Notify Notification System Cheat Sheet¶
Overview¶
Notificar es un sistema de notificación versátil desarrollado por Project Discovery que permite enviar notificaciones en tiempo real a diversas plataformas y servicios. Está diseñado para simplificar el flujo de trabajo permitiendo a los usuarios utilizar la salida de herramientas de seguridad o archivos directamente a múltiples proveedores de notificación, como Discord, Slack, Telegram y más.
Lo que establece Notify apart from other notification tools is its seamless integration with security workflows and its ability to handle various input formatos. Puede procesar la salida de herramientas de seguridad en tiempo real, filtrar y formatear las notificaciones basadas en criterios específicos, y enviarlas a múltiples destinos simultáneamente. Esto lo convierte en una herramienta esencial para la automatización de la seguridad, permitiendo a los profesionales de la seguridad mantenerse informados sobre importantes hallazgos sin monitorear constantemente sus herramientas.
Notificar es comúnmente utilizado en tuberías de seguridad para alertar sobre vulnerabilidades descubiertas, subdominios nuevos, puertos abiertos o cualquier otro hallazgo significativo. Su flexibilidad y facilidad de integración lo convierten en un componente valioso en los flujos de trabajo de automatización de la seguridad, lo que permite una conciencia en tiempo real de las cuestiones de seguridad.
Instalación¶
Usando Go¶
# Install using Go (requires Go 1.20 or later)
go install -v github.com/projectdiscovery/notify/cmd/notify@latest
# Verify installation
notify -version
Usando Docker¶
# Pull the latest Docker image
docker pull projectdiscovery/notify:latest
# Run Notify using Docker
docker run -it projectdiscovery/notify:latest -h
Usando Homebrew (macOS)¶
Usando PDTM (Project Discovery Tools Manager)¶
# Install PDTM first if not already installed
go install -v github.com/projectdiscovery/pdtm/cmd/pdtm@latest
# Install Notify using PDTM
pdtm -i notify
# Verify installation
notify -version
On Kali Linux¶
Uso básico¶
Enviar notificaciones¶
# Send a simple notification
echo "Hello, World!"|notify
# Send a notification with a custom message
echo "Hello, World!"|notify -message "Custom message: \\\\{\\\\{data\\\\}\\\\}"
# Send a notification from a file
cat results.txt|notify
# Send a notification with a specific provider
echo "Hello, World!"|notify -provider discord
Proveedor Selección¶
# Send to a specific provider
echo "Hello, World!"|notify -provider slack
# Send to multiple providers
echo "Hello, World!"|notify -provider slack,discord,telegram
# Send to all configured providers
echo "Hello, World!"|notify -provider all
Output Options¶
# Save notification log to a file
echo "Hello, World!"|notify -log-file notify.log
# Enable verbose output
echo "Hello, World!"|notify -v
# Show debug information
echo "Hello, World!"|notify -debug
Configuración del proveedor¶
Discord Configuration¶
# Set Discord webhook URL
notify -set-discord-webhook https://discord.com/api/webhooks/your-webhook-url
# Set Discord username
notify -set-discord-username "Notify Bot"
# Set Discord avatar URL
notify -set-discord-avatar https://example.com/avatar.png
# Test Discord configuration
echo "Test message"|notify -provider discord
Slack Configuration¶
# Set Slack webhook URL
notify -set-slack-webhook https://hooks.slack.com/services/your-webhook-url
# Set Slack username
notify -set-slack-username "Notify Bot"
# Set Slack channel
notify -set-slack-channel "#security-alerts"
# Test Slack configuration
echo "Test message"|notify -provider slack
Telegram Configuration¶
# Set Telegram API token
notify -set-telegram-token your-api-token
# Set Telegram chat ID
notify -set-telegram-chat-id your-chat-id
# Test Telegram configuration
echo "Test message"|notify -provider telegram
Configuración de correo electrónico¶
# Set email SMTP server
notify -set-email-server smtp.gmail.com:587
# Set email credentials
notify -set-email-username your-email@gmail.com -set-email-password your-password
# Set email sender
notify -set-email-sender "Notify ``<notify@example.com>``"
# Set email recipient
notify -set-email-recipient recipient@example.com
# Test email configuration
echo "Test message"|notify -provider email
Equipos Configuración¶
# Set Microsoft Teams webhook URL
notify -set-teams-webhook https://outlook.office.com/webhook/your-webhook-url
# Test Teams configuration
echo "Test message"|notify -provider teams
Configuración Webhook personalizada
# Set custom webhook URL
notify -set-custom-webhook https://example.com/webhook
# Set custom webhook method
notify -set-custom-method POST
# Set custom webhook headers
notify -set-custom-headers "Content-Type: application/json,Authorization: Bearer token"
# Test custom webhook configuration
echo "Test message"|notify -provider custom
Advanced Usage¶
Message Formatting¶
# Use custom message format
echo "Vulnerability found!"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}"
# Use JSON data in message
echo '\\\\{"severity":"high","vuln":"XSS"\\\\}'|notify -message "\\\\{\\\\{json.severity\\\\}\\\\} severity \\\\{\\\\{json.vuln\\\\}\\\\} found!"
# Use HTML formatting
echo "<b>Bold text</b>"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -format html
Notification Filtering¶
# Filter notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -filter "Error"
# Filter notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -filter-regex "CVE-202[2-3]-.*"
# Exclude notifications by content
echo -e "Error 1\nWarning 2\nError 3"|notify -exclude "Warning"
# Exclude notifications by regex
echo -e "CVE-2021-1234\nCVE-2022-5678"|notify -exclude-regex "CVE-202[0-1]-.*"
Notification Grouping¶
# Group notifications by ID
echo "Finding 1"|notify -id security
echo "Finding 2"|notify -id security
# Group notifications with delay
echo "Finding 1"|notify -id security -delay 60
echo "Finding 2"|notify -id security -delay 60
Notification Throttling¶
# Set notification delay
echo "Finding 1"|notify -delay 5
# Set maximum notifications per minute
echo "Finding 1"|notify -rate-limit 10
Integración con otras herramientas¶
Pipeline with Nuclei¶
# Send Nuclei findings to Discord
nuclei -u https://example.com -t cves/ -silent|notify -provider discord
# Send only critical findings to Slack
nuclei -u https://example.com -t cves/ -silent -severity critical|notify -provider slack
# Send findings with custom message format
nuclei -u https://example.com -t cves/ -json -silent|notify -message "Vulnerability found: \\\\{\\\\{json.info.name\\\\}\\\\} (\\\\{\\\\{json.info.severity\\\\}\\\\})"
Pipeline with Subfinder¶
# Send discovered subdomains to Telegram
subfinder -d example.com -silent|notify -provider telegram
# Send subdomains with custom message
subfinder -d example.com -silent|notify -message "New subdomain found: \\\\{\\\\{data\\\\}\\\\}"
Pipeline with HTTPX¶
# Send active HTTP services to Discord
httpx -l domains.txt -silent|notify -provider discord
# Send only specific status codes to Slack
httpx -l domains.txt -silent -status-code 200|notify -provider slack
Pipeline with Naabu¶
# Send open ports to Telegram
naabu -host example.com -silent|notify -provider telegram
# Send specific open ports to Discord
naabu -host example.com -silent -p 80,443,8080|notify -provider discord
Output Customization¶
Plantillas de Mensajes Personalizados¶
# Use simple text template
echo "Finding"|notify -message "New finding: \\\\{\\\\{data\\\\}\\\\}"
# Use JSON data in template
echo '\\\\{"vuln":"XSS","url":"https://example.com"\\\\}'|notify -message "\\\\{\\\\{json.vuln\\\\}\\\\} found at \\\\{\\\\{json.url\\\\}\\\\}"
# Use conditional formatting
echo '\\\\{"severity":"high"\\\\}'|notify -message "\\\\{\\\\{if eq json.severity \"high\"\\\\}\\\\}CRITICAL ALERT\\\\{\\\\{else\\\\}\\\\}Alert\\\\{\\\\{end\\\\}\\\\}: \\\\{\\\\{json.severity\\\\}\\\\} severity finding"
Opciones de formato¶
# Use plain text format
echo "<b>Bold text</b>"|notify -format text
# Use HTML format
echo "<b>Bold text</b>"|notify -format html
# Use Markdown format
echo "**Bold text**"|notify -format markdown
Attachment Options¶
# Send file as attachment
cat screenshot.png|notify -provider discord -attach screenshot.png
# Send multiple files as attachments
notify -provider discord -attach "screenshot.png,report.pdf" -message "Security findings"
Miscelánea Características¶
Bulk Notifications¶
# Send bulk notifications from a file
cat findings.txt|notify
# Process JSON lines
cat findings.jsonl|notify -json-input
Interactive Mode¶
Health Check¶
# Check provider health
notify -health-check
# Check specific provider health
notify -health-check -provider discord
Troubleshooting¶
Common Issues¶
- ** Cuestiones de configuración de proveedores**
# Verify provider configuration notify -provider-config # Reset provider configuration notify -reset-provider discord ``` 2. ** Limitación de destino** ```bash # Add delay between notifications echo "Finding"|notify -delay 5 # Set rate limit echo "Finding"|notify -rate-limit 10 ``` 3. ** Problemas de Formato de Mensajes** ```bash # Check message template echo "Finding"|notify -message "\\\\{\\\\{data\\\\}\\\\}" -debug # Use simple message format first echo "Finding"|notify -message "Alert: \\\\{\\\\{data\\\\}\\\\}" ``` 4. ** Cuestiones relativas a la delincuencia** ```bash # Check provider credentials notify -provider-config # Update provider credentials notify -set-discord-webhook https://discord.com/api/webhooks/your-new-webhook-url ``` ### Debugging ```bash # Enable verbose mode echo "Finding"|notify -v # Show debug information echo "Finding"|notify -debug # Check provider configuration notify -provider-config
Configuración¶
Archivo de configuración¶
Notificar utiliza un archivo de configuración ubicado en $HOME/.config/notify/provider-config.yaml_. Puede personalizar varios ajustes en este archivo:
# Example configuration file
discord:
webhook: https://discord.com/api/webhooks/your-webhook-url
username: Notify Bot
avatar: https://example.com/avatar.png
slack:
webhook: https://hooks.slack.com/services/your-webhook-url
username: Notify Bot
channel: "#security-alerts"
telegram:
token: your-api-token
chat_id: your-chat-id
email:
server: smtp.gmail.com:587
username: your-email@gmail.com
password: your-password
sender: "Notify ``<notify@example.com>``"
recipient: recipient@example.com
Environment Variables¶
# Set Notify configuration via environment variables
export NOTIFY_DISCORD_WEBHOOK=https://discord.com/api/webhooks/your-webhook-url
export NOTIFY_SLACK_WEBHOOK=https://hooks.slack.com/services/your-webhook-url
export NOTIFY_TELEGRAM_TOKEN=your-api-token
export NOTIFY_TELEGRAM_CHAT_ID=your-chat-id
Reference¶
Command Line Options¶
| Flag | Description |
|---|---|
| INLINE_CODE_36 | Provider(s) to send notification to |
| INLINE_CODE_37 | Custom message format for notification |
| INLINE_CODE_38 | ID to group notifications |
| INLINE_CODE_39 | Delay in seconds between notifications |
| INLINE_CODE_40 | Maximum number of notifications per minute |
| INLINE_CODE_41 | Filter notifications by content |
| INLINE_CODE_42 | Filter notifications by regex |
| INLINE_CODE_43 | Exclude notifications by content |
| INLINE_CODE_44 | Exclude notifications by regex |
| INLINE_CODE_45 | Format for notification (text, html, markdown) |
| INLINE_CODE_46 | File(s) to attach to notification |
| INLINE_CODE_47 | Process input as JSON lines |
| INLINE_CODE_48 | File to write notification log to |
| INLINE_CODE_49 | Show verbose output |
| INLINE_CODE_50 | Show debug information |
| INLINE_CODE_51 | Show Notify version |
Opciones de configuración del proveedor¶
| Flag | Description |
|---|---|
| INLINE_CODE_52 | Set Discord webhook URL |
| INLINE_CODE_53 | Set Discord username |
| INLINE_CODE_54 | Set Discord avatar URL |
| INLINE_CODE_55 | Set Slack webhook URL |
| INLINE_CODE_56 | Set Slack username |
| INLINE_CODE_57 | Set Slack channel |
| INLINE_CODE_58 | Set Telegram API token |
| INLINE_CODE_59 | Set Telegram chat ID |
| INLINE_CODE_60 | Set email SMTP server |
| INLINE_CODE_61 | Set email username |
| INLINE_CODE_62 | Set email password |
| INLINE_CODE_63 | Set email sender |
| INLINE_CODE_64 | Set email recipient |
| INLINE_CODE_65 | Set Microsoft Teams webhook URL |
| INLINE_CODE_66 | Set custom webhook URL |
| INLINE_CODE_67 | Set custom webhook method |
| INLINE_CODE_68 | Set custom webhook headers |
| INLINE_CODE_69 | Show provider configuration |
| INLINE_CODE_70 | Reset provider configuration |
Proveedores compatibles
| Provider | Description |
|---|---|
| INLINE_CODE_71 | Discord messaging platform |
| INLINE_CODE_72 | Slack messaging platform |
| INLINE_CODE_73 | Telegram messaging platform |
| INLINE_CODE_74 | Email notification |
| INLINE_CODE_75 | Microsoft Teams messaging platform |
| INLINE_CODE_76 | Custom webhook |
| INLINE_CODE_77 | All configured providers |
Resources¶
- [Documentación Oficial](URL_78__
- [Repositorio GitHub](URL_79__
- [Discord de descubrimiento del producto](URL_80__
-...
*Esta hoja de trampa proporciona una referencia completa para utilizar Notificar, desde notificaciones básicas a la integración avanzada con otras herramientas. Para la información más actualizada, consulte siempre la documentación oficial. *