Retrieve vulnerability sightings collected from Telegram and push them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

TeleGramSight

A client that retrieves vulnerability observations from a Telegram collector and pushes them to a Vulnerability-Lookup instance.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install TeleGramSight
$ export TeleGramSight_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.TeleGramSight/conf.py). You must then set an environment variable (TeleGramSight_CONFIG) with the full path to this file.

Usage

Once installed and configured, invoke the CLI:

$ telegramsight --since 2026-04-23T00:00:00 --until 2026-04-24T00:00:00
$ telegramsight --since 'yesterday' --until 'today' --no-push
$ telegramsight --since '2 days ago' --until 'today'
$ telegramsight --since 1775001600 --until 1776902399

Arguments:

  • --since / --until — time window bounds. Accept unix-epoch seconds, ISO 8601 timestamps, or natural-language expressions (e.g. 2 days ago, yesterday, today, 1 week ago). Defaults to the last 24 hours when omitted, which is the expected cron invocation.
  • --page-size — results per API call (default 100).
  • --no-push — dry run: fetch and build sightings and log them, but don't send anything to Vulnerability-Lookup.

Cron example (every hour):

0 * * * * TeleGramSight_CONFIG=/etc/telegramsight/conf.py /usr/local/bin/telegramsight

Security

Sighting sources are encrypted with AES-SIV (RFC 5297) using the source_encryption_key set in your configuration file. AES-SIV is used deterministically (no nonce, no associated data) so that the same Telegram message always produces the same source string, which lets Vulnerability-Lookup deduplicate on the ciphertext without decrypting it. The key may be 32, 48, or 64 bytes (AES-128/192/256-SIV); 64 bytes is recommended for new deployments. AES-256 retains an estimated ~128-bit security margin against known quantum attacks (Grover's algorithm), but the tool itself has not been independently audited or certified.

License

TeleGramSight is licensed under GNU General Public License version 3

Copyright (c) 2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2026 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

0.6.0

0.5.2

This version

0.5.1

0.5.0

0.4.0

0.3.0

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

telegramsight-0.5.1.tar.gz (18.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

telegramsight-0.5.1-py3-none-any.whl (20.4 kB view details)

Uploaded Python 3

File details

Details for the file telegramsight-0.5.1.tar.gz.

File metadata

  • Download URL: telegramsight-0.5.1.tar.gz
  • Upload date:
  • Size: 18.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.5.1.tar.gz
Algorithm Hash digest
SHA256 d2e6be3c69ee5cbe9d406515e1a296d21ab116ec3c8ffa681acaa0b7fad1be29
MD5 99f182b9cb0aee34eb9f4b6b529a1bce
BLAKE2b-256 a31d1e20cdce7ff69769a97aa6920c75b21ff6b7010d9e8cfa43a83c67ca8b40

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.5.1.tar.gz:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file telegramsight-0.5.1-py3-none-any.whl.

File metadata

  • Download URL: telegramsight-0.5.1-py3-none-any.whl
  • Upload date:
  • Size: 20.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.5.1-py3-none-any.whl
Algorithm Hash digest
SHA256 880b70c73a82ee2ea358655a7209dae99444acba8ab704fbb6d0c425f33be256
MD5 d9a7aeab74d30585df086f74ccc8fcdf
BLAKE2b-256 3b05675348557eb810c48a1b67b76ff4157dd1845984b1b76036ec46a2a3b691

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.5.1-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page