Creation of the common module and notification system
Created a new Django App to centralize the generic functions of Watcher used by multiple modules. Refactored the notification system to integrate SMTPS protocol (replacing SMTP). Added automatic alert creation in TheHive via Feeder. Integrated notifications through the Citadel enterprise application (via APIs). Added Slack notifications (via APIs).
ygal
authored and
ygal
committed
Dec 4, 2024
1 parent
0a24d9b
commit 77c9d14
Showing
56 changed files
with
2,101 additions
and
1,412 deletions.
Empty file.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
from django.contrib import admin | ||
|
||
# Register your models here. |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
from django.apps import AppConfig | ||
|
||
|
||
class CommonConfig(AppConfig): | ||
default_auto_field = 'django.db.models.BigAutoField' | ||
name = 'common' |
2 changes: 1 addition & 1 deletion
2
...data_leak/mail_template/group_template.py → ...mail_template/data_leak_group_template.py
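--- a/Watcher/Watcher/common/mail_template/data_leak_template.py
+++ b/Watcher/Watcher/common/mail_template/data_leak_template.py
@@ -0,0 +1,160 @@
+from django.conf import settings
+
+
+def get_data_leak_template(alert):
+github_repo = "https://github.com/thalesgroup-cert/Watcher"
+body = """\
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<style>
+/* Reset Styles */
+body, p, table, td, div {
+margin: 0;
+padding: 0;
+font-family: 'Lato', sans-serif;
+line-height: 1.6;
+}
+/* Base Styles */
+body {
+background-color: #f5f7fa;
+color: #2d3748;
+font-size: 14px;
+}
+.container {
+max-width: 600px;
+margin: 20px auto;
+background: #ffffff;
+border-radius: 8px;
+overflow: hidden;
+box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+}
+/* Header Styles */
+.header {
+background: linear-gradient(135deg, #00267F 0%, #1a365d 100%);
+padding: 30px 20px;
+text-align: center;
+}
+.header h1 {
+color: #ffffff;
+font-size: 24px;
+font-weight: 600;
+margin: 0;
+text-transform: uppercase;
+}
+.header img {
+width: 80px;
+height: auto;
+margin-bottom: 15px;
+}
+/* Content Styles */
+.content {
+padding: 40px 30px;
+}
+.content p {
+margin-bottom: 20px;
+color: #4a5568;
+}
+.details {
+background: #f3f4f6;
+border-left: 4px solid #00267F;
+padding: 15px 20px;
+margin: 20px 0;
+border-radius: 0 4px 4px 0;
+}
+.details p {
+margin: 8px 0;
+color: #2d3748;
+font-size: 15px;
+}
+/* Footer Styles */
+.footer {
+background: #58c3d7;
+padding: 30px 20px;
+text-align: center;
+}
+.footer-logo img {
+width: 90px;
+height: 90px;
+}
+.github-link {
+display: inline-block;
+padding: 8px 15px;
+background: rgba(255, 255, 255, 0.1);
+border-radius: 5px;
+color: #ffffff;
+text-decoration: none;
+transition: background 0.3s ease;
+}
+.github-link:hover {
+background: rgba(255, 255, 255, 0.2);
+}
+.github-link img {
+width: 20px;
+height: 20px;
+vertical-align: middle;
+margin-right: 8px;
+filter: invert(1);
+}
+.classification {
+text-align: center;
+font-size: 12px;
+color: #718096;
+margin-top: 20px;
+}
+</style>
+</head>
+<body>
+<div class="container">
+<!-- Header -->
+<div class="header">
+<img src=\"""" + str(settings.WATCHER_LOGO_BASE64) + """\" alt="Watcher Logo">
+<h1>Data Leak Alert #""" + str(alert.pk) + """</h1>
+</div>
+<!-- Content -->
+<div class="content">
+<p>Dear team,</p>
+<p>A new data leakage alert has been detected: for the keyword:</p>
+<div class="details">
+<p><strong>Keyword:</strong> """ + str(alert.keyword) + """</p>
+<p><strong>Source:</strong> """ + str(alert.url) + """</p>
+</div>
+<p>You can check more details <a href="{settings.WATCHER_URL}#/website_monitoring">here.</a></p>
+<p>Kind Regards,<br>
+<strong>Watcher</strong></p>
+</div>
+<!-- Footer -->
+<div class="footer">
+<a href=\"""" + github_repo + """\" class="github-link">
+<img src="https://cdnjs.cloudflare.com/ajax/libs/simple-icons/3.0.1/github.svg" alt="GitHub">
+View Watcher on GitHub
+</a>
+</div>
+</div>
+<p class="classification">[""" + str(settings.EMAIL_CLASSIFICATION) + """]</p>
+</body>
+</html>
+"""
+return body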
2 changes: 1 addition & 1 deletion
2
...ate/default_template_cert_transparency.py → ..._template/dns_finder_cert_transparency.py
2 changes: 1 addition & 1 deletion
2
...ns_finder/mail_template/group_template.py → ...ail_template/dns_finder_group_template.py
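--- a/Watcher/Watcher/common/mail_template/dns_finder_template.py
+++ b/Watcher/Watcher/common/mail_template/dns_finder_template.py
@@ -0,0 +1,166 @@
+from django.conf import settings
+
+def get_dns_finder_template(alert):
+"""
+Génère un email HTML pour une alerte DNS Finder.
+:param alert: Objet contenant les informations sur l'alerte.
+:return: Contenu HTML de l'email.
+"""
+body = f"""\
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<style>
+/* Reset Styles */
+body, table, td, p {{
+margin: 0;
+padding: 0;
+font-family: 'Lato', sans-serif;
+color: #333333;
+line-height: 1.6;
+}}
+body {{
+background-color: #f9fafc;
+font-size: 14px;
+}}
+.container {{
+max-width: 600px;
+margin: 20px auto;
+background: #ffffff;
+border-radius: 8px;
+box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
+}}
+/* Header */
+.header {{
+background: linear-gradient(135deg, #00267F 0%, #1a365d 100%);
+color: #ffffff;
+padding: 20px;
+text-align: center;
+border-top-left-radius: 8px;
+border-top-right-radius: 8px;
+}}
+.header h1 {{
+font-size: 24px;
+margin: 0;
+}}
+.header img {{
+width: 80px; /* Taille réduite du logo */
+height: auto;
+margin-bottom: 10px;
+}}
+/* Content */
+.content {{
+padding: 20px 30px;
+}}
+.content p {{
+margin-bottom: 16px;
+}}
+.details {{
+background: #f3f4f6;
+padding: 15px;
+margin: 20px 0;
+border-left: 4px solid #00267F;
+border-radius: 4px;
+}}
+.details p {{
+margin: 5px 0;
+}}
+.details strong {{
+color: #333333;
+}}
+/* Footer */
+.footer {{
+background: #58c3d7;
+text-align: center;
+padding: 20px;
+color: #ffffff;
+border-bottom-left-radius: 8px;
+border-bottom-right-radius: 8px;
+}}
+.footer img {{
+margin: 10px auto;
+width: 80px;
+}}
+.github-link {{
+display: inline-block;
+padding: 8px 15px;
+background: rgba(255, 255, 255, 0.1);
+border-radius: 5px;
+color: #ffffff;
+text-decoration: none;
+transition: background 0.3s ease;
+margin-top: 10px;
+}}
+.github-link:hover {{
+background: rgba(255, 255, 255, 0.2);
+}}
+.github-link img {{
+width: 20px;
+height: 20px;
+vertical-align: middle;
+margin-right: 8px;
+filter: invert(1);
+}}
+.classification {{
+text-align: center;
+font-size: 12px;
+color: #888888;
+margin-top: 15px;
+}}
+</style>
+</head>
+<body>
+<div class="container">
+<!-- Header -->
+<div class="header">
+<img src="{settings.WATCHER_LOGO_BASE64}" alt="Watcher Logo">
+<h1>DNS Finder: Alert #{alert.pk}</h1>
+</div>
+<!-- Content -->
+<div class="content">
+<p>Dear team,</p>
+<p>A new Twisted DNS record has been detected:</p>
+<div class="details">
+<p><strong>Domain Name:</strong> {alert.dns_twisted.domain_name}</p>
+<p><strong>Asset Monitored:</strong> {alert.dns_twisted.dns_monitored}</p>
+</div>
+<p>You can check more details <a href="{settings.WATCHER_URL}#/dns_finder">here.</a></p>
+<p>Kind Regards,</p>
+<p><strong>Watcher</strong></p>
+</div>
+<!-- Footer -->
+<div class="footer">
+<a href="https://github.com/thalesgroup-cert/Watcher" class="github-link">
+<img src="https://cdnjs.cloudflare.com/ajax/libs/simple-icons/3.0.1/github.svg" alt="GitHub">
+View Watcher on GitHub
+</a>
+</div>
+</div>
+<p class="classification">[{settings.EMAIL_CLASSIFICATION}]</p>
+</body>
+</html>
+"""
+return body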
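Review bot: The docstring of `get_dns_finder_template` and the CSS comment `/* Taille réduite du logo */` are written in French, while the identifiers and the e-mail text in this file are English; an English summary line such as `"""Build the HTML e-mail body for a DNS Finder alert."""`, followed by the existing `:param alert:` and `:return:` entries translated, would keep the template modules consistent. The docstring could also name the attributes the template actually reads from `alert` (`pk`, `dns_twisted.domain_name`, `dns_twisted.dns_monitored`), so callers know what the object must expose.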