Retrieve vulnerability sightings collected from Telegram and push them to a Vulnerability-Lookup instance.

Navigation

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers
Report project as malware

Project description

TeleGramSight

A client that retrieves vulnerability observations from a Telegram collector and pushes them to a Vulnerability-Lookup instance.

Installation

pipx is an easy way to install and run Python applications in isolated environments. It's easy to install.

$ pipx install TeleGramSight
$ export TeleGramSight_CONFIG=~/conf.py

The configuration should be defined in a Python file (e.g., ~/.TeleGramSight/conf.py). You must then set an environment variable (TeleGramSight_CONFIG) with the full path to this file.

Usage

Once installed and configured, invoke the CLI:

$ telegramsight --since 2026-04-23T00:00:00 --until 2026-04-24T00:00:00
$ telegramsight --since 'yesterday' --until 'today' --no-push
$ telegramsight --since '2 days ago' --until 'today'
$ telegramsight --since 1775001600 --until 1776902399

Arguments:

  • --since / --until — time window bounds. Accept unix-epoch seconds, ISO 8601 timestamps, or natural-language expressions (e.g. 2 days ago, yesterday, today, 1 week ago). Defaults to the last 24 hours when omitted, which is the expected cron invocation.
  • --page-size — results per API call (default 100).
  • --no-push — dry run: fetch and build sightings and log them, but don't send anything to Vulnerability-Lookup.

Cron example (every hour):

0 * * * * TeleGramSight_CONFIG=/etc/telegramsight/conf.py /usr/local/bin/telegramsight

Security

Sighting sources are encrypted with AES-SIV (RFC 5297) using the source_encryption_key set in your configuration file. AES-SIV is used deterministically (no nonce, no associated data) so that the same Telegram message always produces the same source string, which lets Vulnerability-Lookup deduplicate on the ciphertext without decrypting it. The key may be 32, 48, or 64 bytes (AES-128/192/256-SIV); 64 bytes is recommended for new deployments. AES-256 retains an estimated ~128-bit security margin against known quantum attacks (Grover's algorithm), but the tool itself has not been independently audited or certified.

License

TeleGramSight is licensed under GNU General Public License version 3

Copyright (c) 2026 Computer Incident Response Center Luxembourg (CIRCL)
Copyright (C) 2026 Cédric Bonhomme - https://github.com/cedricbonhomme

Project details

Verified details

These details have been verified by PyPI
Owner

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License Expression: GPL-3.0-or-later
    SPDX License Expression
  • Author: Cédric Bonhomme
  • Tags Vulnerability-Lookup , vulnerability , cve , sighting , observations , Telegram
  • Requires: Python <4.0, >=3.10
Classifiers

Release history Release notifications | RSS feed

0.6.0

This version

0.5.2

0.5.1

0.5.0

0.4.0

0.3.0

0.2.0

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

telegramsight-0.5.2.tar.gz (19.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

telegramsight-0.5.2-py3-none-any.whl (20.9 kB view details)

Uploaded Python 3

File details

Details for the file telegramsight-0.5.2.tar.gz.

File metadata

  • Download URL: telegramsight-0.5.2.tar.gz
  • Upload date:
  • Size: 19.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.5.2.tar.gz
Algorithm Hash digest
SHA256 5c78ee2781d828d9beb13bba1521104f44053583b394cb4d8fdab85b84ff3b79
MD5 5fdde04d6528f89e664a660e6e0baef1
BLAKE2b-256 9ed52e042c01a2a055255a163770495d2bf6c7b0dc5b5595150a140bdfe0484a

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.5.2.tar.gz:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file telegramsight-0.5.2-py3-none-any.whl.

File metadata

  • Download URL: telegramsight-0.5.2-py3-none-any.whl
  • Upload date:
  • Size: 20.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for telegramsight-0.5.2-py3-none-any.whl
Algorithm Hash digest
SHA256 d9ffcbeaf9163d3188fe080dbee2855123ed760bb9bd21af0ae219aea329096c
MD5 9187561c67b2a13e746e84ae660c2a0d
BLAKE2b-256 3c6acd94fbeb9666bcb523e85a554a939104b3e736043c0a144e2d3e05c7e6e7

See more details on using hashes here.

Provenance

The following attestation bundles were made for telegramsight-0.5.2-py3-none-any.whl:

Publisher: release.yml on vulnerability-lookup/TeleGramSight

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page