Retrieve vulnerability sightings collected from Telegram and push them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

TeleGramSight

A client that retrieves vulnerability observations from a Telegram collector and pushes them to a Vulnerability-Lookup instance.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install TeleGramSight
$ export TeleGramSight_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.TeleGramSight/conf.py). You must then set an environment variable (TeleGramSight_CONFIG) with the full path to this file.

Usage

Once installed and configured, invoke the CLI:

$ telegramsight --since 2026-04-23T00:00:00 --until 2026-04-24T00:00:00
$ telegramsight --since 'yesterday' --until 'today' --no-push
$ telegramsight --since '2 days ago' --until 'today'
$ telegramsight --since 1775001600 --until 1776902399

Arguments:

  • --since / --until — time window bounds. Accept unix-epoch seconds, ISO 8601 timestamps, or natural-language expressions (e.g. 2 days ago, yesterday, today, 1 week ago). Defaults to the last 24 hours when omitted, which is the expected cron invocation.
  • --page-size — results per API call (default 100).
  • --no-push — dry run: fetch and build sightings and log them, but don't send anything to Vulnerability-Lookup.

Cron example (every hour):

0 * * * * TeleGramSight_CONFIG=/etc/telegramsight/conf.py /usr/local/bin/telegramsight

Security

Sighting sources are encrypted with AES-SIV (RFC 5297) using the source_encryption_key set in your configuration file. AES-SIV is used deterministically (no nonce, no associated data) so that the same Telegram message always produces the same source string, which lets Vulnerability-Lookup deduplicate on the ciphertext without decrypting it. The key may be 32, 48, or 64 bytes (AES-128/192/256-SIV); 64 bytes is recommended for new deployments. AES-256 retains an estimated ~128-bit security margin against known quantum attacks (Grover's algorithm), but the tool itself has not been independently audited or certified.

License

TeleGramSight is licensed under GNU General Public License version 3

Copyright (c) 2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2026 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

0.6.0

0.5.2

0.5.1

0.5.0

0.4.0

0.3.0

This version

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

telegramsight-0.2.0.tar.gz (17.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

telegramsight-0.2.0-py3-none-any.whl (19.2 kB view details)

Uploaded Python 3

File details

Details for the file telegramsight-0.2.0.tar.gz.

File metadata

  • Download URL: telegramsight-0.2.0.tar.gz
  • Upload date:
  • Size: 17.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.2.0.tar.gz
Algorithm Hash digest
SHA256 878c293742de87dd28cdce9d107f63cfddb4b1ebaa818dad03e2c2f4ccedabaf
MD5 18ed49e6514e0cbd1b4c5137d5f276a1
BLAKE2b-256 5f91f2664fa879d1deadedb35a67a11b11ecf7de1f8d954c299ea759c7a945cc

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.2.0.tar.gz:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file telegramsight-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: telegramsight-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 19.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3fa661dc8acc97171ad8f4e374da515165ec1240a0834a709d397755ef796263
MD5 de72b79d6498242e661030bc8745c7be
BLAKE2b-256 650e708bebe6855241adae7d16ab4fa271cc20a65ca4858edfa63befd0f85c8d

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.2.0-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page