Creation of the common module and notification system
Created a new Django App to centralize the generic functions of Watcher used by multiple modules.
Refactored the notification system to integrate SMTPS protocol (replacing SMTP).
Added automatic alert creation in TheHive via Feeder.
Integrated notifications through the Citadel enterprise application (via APIs).
Added Slack notifications (via APIs).
ygal authored and ygal committed Dec 4, 2024
1 parent 0a24d9b commit 77c9d14
Showing 56 changed files with 2,101 additions and 1,412 deletions.
Empty file.
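--- a/Watcher/Watcher/common/admin.py
+++ b/Watcher/Watcher/common/admin.py
@@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.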
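--- a/Watcher/Watcher/common/apps.py
+++ b/Watcher/Watcher/common/apps.py
@@ -0,0 +1,6 @@
+from django.apps import AppConfig
+
+
+class CommonConfig(AppConfig):
+default_auto_field = 'django.db.models.BigAutoField'
+name = 'common'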
508 changes: 508 additions & 0 deletions Watcher/Watcher/common/core.py

Large diffs are not rendered by default.

@@ -1,7 +1,7 @@
from django.conf import settings


def get_group_template(keyword, alerts_number):
def get_data_leak_group_template(keyword, alerts_number):
body = """\
<html>
<head>
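--- a/Watcher/Watcher/common/mail_template/data_leak_template.py
+++ b/Watcher/Watcher/common/mail_template/data_leak_template.py
@@ -0,0 +1,160 @@
+from django.conf import settings
+
+
+def get_data_leak_template(alert):
+github_repo = "https://github.com/thalesgroup-cert/Watcher"
+body = """\
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<style>
+/* Reset Styles */
+body, p, table, td, div {
+margin: 0;
+padding: 0;
+font-family: 'Lato', sans-serif;
+line-height: 1.6;
+}
+/* Base Styles */
+body {
+background-color: #f5f7fa;
+color: #2d3748;
+font-size: 14px;
+}
+.container {
+max-width: 600px;
+margin: 20px auto;
+background: #ffffff;
+border-radius: 8px;
+overflow: hidden;
+box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+}
+/* Header Styles */
+.header {
+background: linear-gradient(135deg, #00267F 0%, #1a365d 100%);
+padding: 30px 20px;
+text-align: center;
+}
+.header h1 {
+color: #ffffff;
+font-size: 24px;
+font-weight: 600;
+margin: 0;
+text-transform: uppercase;
+}
+.header img {
+width: 80px;
+height: auto;
+margin-bottom: 15px;
+}
+/* Content Styles */
+.content {
+padding: 40px 30px;
+}
+.content p {
+margin-bottom: 20px;
+color: #4a5568;
+}
+.details {
+background: #f3f4f6;
+border-left: 4px solid #00267F;
+padding: 15px 20px;
+margin: 20px 0;
+border-radius: 0 4px 4px 0;
+}
+.details p {
+margin: 8px 0;
+color: #2d3748;
+font-size: 15px;
+}
+/* Footer Styles */
+.footer {
+background: #58c3d7;
+padding: 30px 20px;
+text-align: center;
+}
+.footer-logo img {
+width: 90px;
+height: 90px;
+}
+.github-link {
+display: inline-block;
+padding: 8px 15px;
+background: rgba(255, 255, 255, 0.1);
+border-radius: 5px;
+color: #ffffff;
+text-decoration: none;
+transition: background 0.3s ease;
+}
+.github-link:hover {
+background: rgba(255, 255, 255, 0.2);
+}
+.github-link img {
+width: 20px;
+height: 20px;
+vertical-align: middle;
+margin-right: 8px;
+filter: invert(1);
+}
+.classification {
+text-align: center;
+font-size: 12px;
+color: #718096;
+margin-top: 20px;
+}
+</style>
+</head>
+<body>
+<div class="container">
+<!-- Header -->
+<div class="header">
+<img src=\"""" + str(settings.WATCHER_LOGO_BASE64) + """\" alt="Watcher Logo">
+<h1>Data Leak Alert #""" + str(alert.pk) + """</h1>
+</div>
+<!-- Content -->
+<div class="content">
+<p>Dear team,</p>
+<p>A new data leakage alert has been detected: for the keyword:</p>
+<div class="details">
+<p><strong>Keyword:</strong> """ + str(alert.keyword) + """</p>
+<p><strong>Source:</strong> """ + str(alert.url) + """</p>
+</div>
+<p>You can check more details <a href="{settings.WATCHER_URL}#/website_monitoring">here.</a></p>
+<p>Kind Regards,<br>
+<strong>Watcher</strong></p>
+</div>
+<!-- Footer -->
+<div class="footer">
+<a href=\"""" + github_repo + """\" class="github-link">
+<img src="https://cdnjs.cloudflare.com/ajax/libs/simple-icons/3.0.1/github.svg" alt="GitHub">
+View Watcher on GitHub
+</a>
+</div>
+</div>
+<p class="classification">[""" + str(settings.EMAIL_CLASSIFICATION) + """]</p>
+</body>
+</html>
+"""
+return body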
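Review bot: `alert.keyword` and `alert.url` are concatenated into the HTML body unescaped in the `details` block, and the URL presumably originates from third-party content, so any markup in either value would be rendered by the recipient's mail client; the f-string fields `alert.dns_twisted.domain_name` and `alert.dns_twisted.dns_monitored` in dns_finder_template.py have the same gap. Passing each value through `django.utils.html.escape` closes it, e.g. `<p><strong>Source:</strong> """ + escape(str(alert.url)) + """</p>`. Separately, `body` here is a plain string rather than an f-string, so `{settings.WATCHER_URL}` in the "check more details" link is sent literally and the link is dead; it should be concatenated like the other settings values, and its `#/website_monitoring` anchor looks copied from another module. Both templates also pull the GitHub icon from a third-party CDN, which mail clients commonly block and which discloses the open to that host when it does load; embedding it the way `WATCHER_LOGO_BASE64` is embedded would avoid that.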
@@ -1,7 +1,7 @@
from django.conf import settings


def get_cert_transparency_template(alert):
def get_dns_finder_cert_transparency_template(alert):
body = """\
<html>
<head>
@@ -1,7 +1,7 @@
from django.conf import settings


def get_group_template(dns_monitored, alerts_number):
def get_dns_finder_group_template(dns_monitored, alerts_number):
body = """\
<html>
<head>
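--- a/Watcher/Watcher/common/mail_template/dns_finder_template.py
+++ b/Watcher/Watcher/common/mail_template/dns_finder_template.py
@@ -0,0 +1,166 @@
+from django.conf import settings
+
+def get_dns_finder_template(alert):
+"""
+Génère un email HTML pour une alerte DNS Finder.
+:param alert: Objet contenant les informations sur l'alerte.
+:return: Contenu HTML de l'email.
+"""
+body = f"""\
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<style>
+/* Reset Styles */
+body, table, td, p {{
+margin: 0;
+padding: 0;
+font-family: 'Lato', sans-serif;
+color: #333333;
+line-height: 1.6;
+}}
+body {{
+background-color: #f9fafc;
+font-size: 14px;
+}}
+.container {{
+max-width: 600px;
+margin: 20px auto;
+background: #ffffff;
+border-radius: 8px;
+box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+}}
+/* Header */
+.header {{
+background: linear-gradient(135deg, #00267F 0%, #1a365d 100%);
+color: #ffffff;
+padding: 20px;
+text-align: center;
+border-top-left-radius: 8px;
+border-top-right-radius: 8px;
+}}
+.header h1 {{
+font-size: 24px;
+margin: 0;
+}}
+.header img {{
+width: 80px; /* Taille réduite du logo */
+height: auto;
+margin-bottom: 10px;
+}}
+/* Content */
+.content {{
+padding: 20px 30px;
+}}
+.content p {{
+margin-bottom: 16px;
+}}
+.details {{
+background: #f3f4f6;
+padding: 15px;
+margin: 20px 0;
+border-left: 4px solid #00267F;
+border-radius: 4px;
+}}
+.details p {{
+margin: 5px 0;
+}}
+.details strong {{
+color: #333333;
+}}
+/* Footer */
+.footer {{
+background: #58c3d7;
+text-align: center;
+padding: 20px;
+color: #ffffff;
+border-bottom-left-radius: 8px;
+border-bottom-right-radius: 8px;
+}}
+.footer img {{
+margin: 10px auto;
+width: 80px;
+}}
+.github-link {{
+display: inline-block;
+padding: 8px 15px;
+background: rgba(255, 255, 255, 0.1);
+border-radius: 5px;
+color: #ffffff;
+text-decoration: none;
+transition: background 0.3s ease;
+margin-top: 10px;
+}}
+.github-link:hover {{
+background: rgba(255, 255, 255, 0.2);
+}}
+.github-link img {{
+width: 20px;
+height: 20px;
+vertical-align: middle;
+margin-right: 8px;
+filter: invert(1);
+}}
+.classification {{
+text-align: center;
+font-size: 12px;
+color: #888888;
+margin-top: 15px;
+}}
+</style>
+</head>
+<body>
+<div class="container">
+<!-- Header -->
+<div class="header">
+<img src="{settings.WATCHER_LOGO_BASE64}" alt="Watcher Logo">
+<h1>DNS Finder: Alert #{alert.pk}</h1>
+</div>
+<!-- Content -->
+<div class="content">
+<p>Dear team,</p>
+<p>A new Twisted DNS record has been detected:</p>
+<div class="details">
+<p><strong>Domain Name:</strong> {alert.dns_twisted.domain_name}</p>
+<p><strong>Asset Monitored:</strong> {alert.dns_twisted.dns_monitored}</p>
+</div>
+<p>You can check more details <a href="{settings.WATCHER_URL}#/dns_finder">here.</a></p>
+<p>Kind Regards,</p>
+<p><strong>Watcher</strong></p>
+</div>
+<!-- Footer -->
+<div class="footer">
+<a href="https://github.com/thalesgroup-cert/Watcher" class="github-link">
+<img src="https://cdnjs.cloudflare.com/ajax/libs/simple-icons/3.0.1/github.svg" alt="GitHub">
+View Watcher on GitHub
+</a>
+</div>
+</div>
+<p class="classification">[{settings.EMAIL_CLASSIFICATION}]</p>
+</body>
+</html>
+"""
+return body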
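Review bot: The docstring of `get_dns_finder_template` and the CSS comment `/* Taille réduite du logo */` are in French, while the identifiers and the e-mail text in this file are in English and the sibling `get_data_leak_template` carries no docstring at all. An English docstring such as `"""Build the HTML e-mail body for a DNS Finder alert."""`, with the `:param alert:` and `:return:` lines translated, would keep the templates consistent. It is also worth stating there that `alert` must expose `pk`, `dns_twisted.domain_name` and `dns_twisted.dns_monitored`, since those are the only attributes the template reads.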