Notify

Project Discovery has released another great tool. Notify can send messages to Slack, Discord, or Telegram, which is useful during the reconnaissance phase of a penetration test or bug bounty.

I’ve set it up with Slack to get notifications from Jaeles or Nuclei scans, but it can be used for anything.

The first step is to create a new Slack app:

The second is Activate Incoming Webhooks, from the Features page:

Then to add a New Webhook, during the setup you can choose which channel the App posts to:

After copying the Webhook URL and taking note of the App Name and the Channel you’ve chosen:

Then grab Notify from the projectdiscovery github page:

GO111MODULE=on go get -u -v github.com/projectdiscovery/notify/cmd/notify

Running notify the first time will write a configuration file to :

~/.config/notify/notify.conf

Edit the configuration file and paste the WebHook URL to slack_webhook_url

Paste the App name to slack_username

Paste the Channel name to slack_channel

You can test the configuration using:

Echo TEST | notify

Which should send TEST to the relevant channel

After this we can setup scans or enumeration scripts and have the output sent to the slack channel:

cat urls | nuclei -t ~/nuclei-templates/fuzzing | notify

cat urls | xargs -I@ ~/go/bin/jaeles scan -c 100 -s ~/jaeles-signatures/ -u @ | notify

echo example.com | subfinder | notify

I have written up an example of using cloud services for Recon and Notify has been helpful in certain circumstances:

https://medium.com/@sherwyn.moodley/building-a-bug-bounty-box-in-aws-dcc691417833