
Tracking system changes on Unix hosts and letting you know about it.

Project description

rnotify


About

Operators use several tools to perform internal security assessments. These tools can be difficult to track remotely and have output that is time sensitive. The tool rnotify tries to solve this problem. Some example use cases are listed below:

  • Monitor hashcat process and notify when cracking job is completed
  • Monitor folder for hashes captured using Responder
  • Monitor and notify on computer account creation when using mitm6 and ntlmrelayx
  • Notify when password spraying job completes

Following a change to the monitored object, the tool can notify using a webhook for the following communication platforms:

  • Slack
  • MS Teams
  • Discord

Installation

The project can be installed using pipx:

pipx install rnotify 

Usage

The tool is only usable on Unix-based operating systems. The utility can be called using the command rnotify or rn and can monitor:

  • File changes
  • New files added to a folder
  • Process exit (PID)

Usage: rn [OPTIONS] COMMAND [ARGS]...

  Notify on arbitrary filesystem events and process state changes.

Options:
  --help  Show this message and exit.

Commands:
  file    Notify on file changes
  folder  Notify on directory changes
  pid     Notify on process changes

All modules require the specification of the following options:

  • Webhook URL used for notifications
  • Notification provider associated with the provided webhook
  • Target to monitor (file, folder, pid)

All modules optionally allow the specification of the following options:

  • Daemonization of the utility to run rnotify in the background
  • Sleep interval used by tool when checking for changes
  • Configuration file in the format shown below

webhook = 'https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX'
target = '/tmp/screen.log'
notifier = 'slack'
create_daemon = 'True'

File Monitoring

File changes can be monitored using the file subcommand:

Usage: rn file [OPTIONS] TARGET

  Notify on file changes

Options:
  -w, --webhook TEXT              Webhook URL  [required]
  -n, --notifier [teams|slack|discord]
                                  Notification provider.  [required]
  -f, --filter TEXT               Filter changes by string.
  -s, --sleep INTEGER             Sleep time between checks  [default: 5]
  -d, --daemon                    Daemonize the utility
  --config FILE                   Read configuration from FILE.
  -h, --help                      Show this message and exit.

Changes to log files can be filtered by string using the -f flag.
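
The following is an added example, not rnotify's own code: a sketch of how a polling file monitor with a string filter can work, including the case where the watched log is truncated between checks. The function names, the sample log lines and the per-provider payload keys are assumptions made for illustration; each call to read_new_lines stands for one check after a sleep interval.

```python
import json
import os
import tempfile

# Plain-text message key per provider (assumed payload shape).
PAYLOAD_KEY = {"slack": "text", "teams": "text", "discord": "content"}


def read_new_lines(path, offset):
    """Return (complete lines appended since offset, new offset)."""
    if os.path.getsize(path) < offset:
        offset = 0  # file was truncated or rotated: start over
    with open(path, "rb") as fh:
        fh.seek(offset)
        data = fh.read()
    # Hold back a trailing partial line until its newline arrives.
    end = data.rfind(b"\n") + 1
    lines = data[:end].decode("utf-8", errors="replace").splitlines()
    return lines, offset + end


def filter_lines(lines, needle=None):
    """Substring filter, like a -f style option; None keeps every line."""
    return [ln for ln in lines if needle is None or needle in ln]


def build_payload(notifier, lines):
    """JSON body to POST to the webhook for the chosen provider."""
    return json.dumps({PAYLOAD_KEY[notifier]: "\n".join(lines)})


def demo():
    """Constructed log: an append, a completed partial line, a truncation."""
    with tempfile.TemporaryDirectory() as tmp:
        log = os.path.join(tmp, "screen.log")
        with open(log, "w") as fh:
            fh.write("job started\nAccount: example-1\npartial")
        first, off = read_new_lines(log, 0)
        with open(log, "a") as fh:
            fh.write(" line done\n")
        second, off = read_new_lines(log, off)
        with open(log, "w") as fh:  # truncate and rewrite (shorter file)
            fh.write("Account: example-2\n")
        third, off = read_new_lines(log, off)
    return filter_lines(first, "Account"), second, filter_lines(third, "Account")


if __name__ == "__main__":
    print(demo())
```

Tracking a byte offset rather than re-reading the whole file keeps each check cheap and avoids notifying twice for the same line.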

Folder Monitoring

Folder changes can be monitored using the folder subcommand:

Usage: rn folder [OPTIONS] TARGET

  Notify on directory changes

Options:
  -w, --webhook TEXT              Webhook URL  [required]
  -d, --daemon                    Daemonize the utility
  -n, --notifier [teams|slack|discord]
                                  Notification provider.  [required]
  -s, --sleep INTEGER             Sleep time between checks  [default: 5]
  --config FILE                   Read configuration from FILE.
  -h, --help                      Show this message and exit.

PID Monitoring

Process exits can be monitored using the pid subcommand:

Usage: rn pid [OPTIONS] TARGET

  Notify on process changes

Options:
  -w, --webhook TEXT              Webhook URL  [required]
  -n, --notifier [teams|slack|discord]
                                  Notification provider.  [required]
  -s, --sleep INTEGER             Sleep time between checks  [default: 5]
  -d, --daemon                    Daemonize the utility
  --config FILE                   Read configuration from FILE.
  -h, --help                      Show this message and exit.

Usage examples

Watch Responder logs folder in the foreground:

rn folder /opt/Responder/logs -w https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -n slack

Watch for hashcat process to stop in the background:

rn pid 54782 -w https://hooks.teams.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -n teams -d

Watch for changes to a GNU screen log with a filter in the foreground:

rn file /top/screen.log -f Account -w https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX -n slack 


Download files


Source Distribution

rnotify-0.1.3.tar.gz (9.6 kB)

Uploaded Source

Built Distribution

rnotify-0.1.3-py3-none-any.whl (9.5 kB)

Uploaded Python 3

File details

Details for the file rnotify-0.1.3.tar.gz.

File metadata

  • Download URL: rnotify-0.1.3.tar.gz
  • Upload date:
  • Size: 9.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.9.12 Darwin/21.4.0

File hashes

Hashes for rnotify-0.1.3.tar.gz
Algorithm Hash digest
SHA256 8f2c0cddc434f317eccec2fdbfe0d1d97a77987b03e36c573157b96d9fcbd365
MD5 6f1f44ffab32bab8862e35f3a615ad75
BLAKE2b-256 2a2d5354c6c42dd8a65a511322beb90c205fdce35e97e922fb04163943304040


File details

Details for the file rnotify-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: rnotify-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 9.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.9.12 Darwin/21.4.0

File hashes

Hashes for rnotify-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 b2cc71793a4fa0eb44c343479da298378c88deb00b054be485e1384741073167
MD5 d08deeb1e0a0040ad6e783b190e676bf
BLAKE2b-256 dcc3689b686feb519eb0c192c35362d6b1f4471075345bfefaaf5277362d2bf5
