Retrieve vulnerability sightings collected from Telegram and push them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

TeleGramSight

A client that retrieves vulnerability observations from a Telegram collector and pushes them to a Vulnerability-Lookup instance.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install TeleGramSight
$ export TeleGramSight_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.TeleGramSight/conf.py). You must then set an environment variable (TeleGramSight_CONFIG) with the full path to this file.

Usage

Once installed and configured, invoke the CLI:

$ telegramsight --since 2026-04-23T00:00:00 --until 2026-04-24T00:00:00
$ telegramsight --since 'yesterday' --until 'today' --no-push
$ telegramsight --since '2 days ago' --until 'today'
$ telegramsight --since 1775001600 --until 1776902399

Arguments:

  • --since / --until — time window bounds. Accept unix-epoch seconds, ISO 8601 timestamps, or natural-language expressions (e.g. 2 days ago, yesterday, today, 1 week ago). Defaults to the last 24 hours when omitted, which is the expected cron invocation.
  • --page-size — results per API call (default 100).
  • --no-push — dry run: fetch and build sightings and log them, but don't send anything to Vulnerability-Lookup.

Cron example (every hour):

0 * * * * TeleGramSight_CONFIG=/etc/telegramsight/conf.py /usr/local/bin/telegramsight

Security

Sighting sources are encrypted with AES-SIV (RFC 5297) using the source_encryption_key set in your configuration file. AES-SIV is used deterministically (no nonce, no associated data) so that the same Telegram message always produces the same source string, which lets Vulnerability-Lookup deduplicate on the ciphertext without decrypting it. The key may be 32, 48, or 64 bytes (AES-128/192/256-SIV); 64 bytes is recommended for new deployments. AES-256 retains an estimated ~128-bit security margin against known quantum attacks (Grover's algorithm), but the tool itself has not been independently audited or certified.

License

TeleGramSight is licensed under GNU General Public License version 3

Copyright (c) 2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2026 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

0.6.0

0.5.2

0.5.1

0.5.0

0.4.0

This version

0.3.0

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

telegramsight-0.3.0.tar.gz (17.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

telegramsight-0.3.0-py3-none-any.whl (19.2 kB view details)

Uploaded Python 3

File details

Details for the file telegramsight-0.3.0.tar.gz.

File metadata

  • Download URL: telegramsight-0.3.0.tar.gz
  • Upload date:
  • Size: 17.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.3.0.tar.gz
Algorithm Hash digest
SHA256 7a9804027310d9703e6773a1208a4fe70215e4dd1a25cbde866d94329790ac22
MD5 c72eee5faa029b188c36eaa1b6dbcff7
BLAKE2b-256 dd82f88688f2b23002f53fe611903512b2d6d096df503fb4560faa433925f119

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.3.0.tar.gz:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file telegramsight-0.3.0-py3-none-any.whl.

File metadata

  • Download URL: telegramsight-0.3.0-py3-none-any.whl
  • Upload date:
  • Size: 19.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 d4cae0f8bb07d76d4fb092abdb5c6d884ac69c52938f91467305a7c30d4ae142
MD5 79588983d1da19a15c01b975be7dbd75
BLAKE2b-256 04e94a5d790aa9ef2f373ae62beddd2a8370b982b265c00ef915714e85e58a02

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.3.0-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page