Retrieve vulnerability sightings collected from Telegram and push them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

TeleGramSight

A client that retrieves vulnerability observations from a Telegram collector and pushes them to a Vulnerability-Lookup instance.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install TeleGramSight
$ export TeleGramSight_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.TeleGramSight/conf.py). You must then set an environment variable (TeleGramSight_CONFIG) with the full path to this file.

Usage

Once installed and configured, invoke the CLI:

$ telegramsight --since 2026-04-23T00:00:00 --until 2026-04-24T00:00:00
$ telegramsight --since 'yesterday' --until 'today' --no-push
$ telegramsight --since '2 days ago' --until 'today'
$ telegramsight --since 1775001600 --until 1776902399

Arguments:

  • --since / --until — time window bounds. Accept unix-epoch seconds, ISO 8601 timestamps, or natural-language expressions (e.g. 2 days ago, yesterday, today, 1 week ago). Defaults to the last 24 hours when omitted, which is the expected cron invocation.
  • --page-size — results per API call (default 100).
  • --no-push — dry run: fetch and build sightings and log them, but don't send anything to Vulnerability-Lookup.

Cron example (every hour):

0 * * * * TeleGramSight_CONFIG=/etc/telegramsight/conf.py /usr/local/bin/telegramsight

Security

Sighting sources are encrypted with AES-SIV (RFC 5297) using the source_encryption_key set in your configuration file. AES-SIV is used deterministically (no nonce, no associated data) so that the same Telegram message always produces the same source string, which lets Vulnerability-Lookup deduplicate on the ciphertext without decrypting it. The key may be 32, 48, or 64 bytes (AES-128/192/256-SIV); 64 bytes is recommended for new deployments. AES-256 retains an estimated ~128-bit security margin against known quantum attacks (Grover's algorithm), but the tool itself has not been independently audited or certified.

License

TeleGramSight is licensed under GNU General Public License version 3

Copyright (c) 2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2026 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

0.6.0

0.5.2

0.5.1

0.5.0

This version

0.4.0

0.3.0

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

telegramsight-0.4.0.tar.gz (18.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

telegramsight-0.4.0-py3-none-any.whl (20.0 kB view details)

Uploaded Python 3

File details

Details for the file telegramsight-0.4.0.tar.gz.

File metadata

  • Download URL: telegramsight-0.4.0.tar.gz
  • Upload date:
  • Size: 18.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.4.0.tar.gz
Algorithm Hash digest
SHA256 462c3c4be55ba76570ec53ec277af65c8ba14f941245f26641ce0173356fcf01
MD5 62a6eabd8abf2040ffa57aa37add0b2a
BLAKE2b-256 527071007cd2589c03a4ea1565afb6a3b5d1425e454a1b7cced9b72ae9068234

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.4.0.tar.gz:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file telegramsight-0.4.0-py3-none-any.whl.

File metadata

  • Download URL: telegramsight-0.4.0-py3-none-any.whl
  • Upload date:
  • Size: 20.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 a3091cfb33164dc3767463bae9ab90e3e98e69a700f325ba1fc8e7ead20e3867
MD5 6c69f87cff43c5ddabca219c5c0b102a
BLAKE2b-256 54cc52fb18960ab4892802aead40be1bc27b11e6f649fb1f12bb59ff03b082a7

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.4.0-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page