Creation of the common module and notification system

Created a new Django App to centralize the generic functions of Watcher used by multiple modules.
Refactored the notification system to integrate SMTPS protocol (replacing SMTP).
Added automatic alert creation in TheHive via Feeder.
Integrated notifications through the Citadel enterprise application (via APIs).
Added Slack notifications (via APIs).

.env

@@ -38,7 +38,7 @@ EMAIL_CLASSIFICATION=INTERNAL
 # THE HIVE Setup
 THE_HIVE_URL=
 THE_HIVE_VERIFY_SSL=False
-THEHIVE_API_KEY=
+THE_HIVE_API_KEY=
 THE_HIVE_CASE_ASSIGNEE=watcher
 THE_HIVE_TAGS=Watcher,Impersonation,Malicious Domain,Typosquatting
 THE_HIVE_CUSTOM_FIELD=watcher-id

Watcher/Watcher/common/core.py

@@ -14,7 +14,7 @@
 from .mail_template.site_monitoring_template import get_site_monitoring_template
 
 thehive_url = settings.THE_HIVE_URL
-api_key = settings.THEHIVE_API_KEY
+api_key = settings.THE_HIVE_API_KEY
 
 from datetime import datetime  
 from secrets import token_hex  

Watcher/Watcher/common/utils/send_thehive_alerts.py

@@ -65,7 +65,7 @@ def send_thehive_alert(title, description, severity, tags, app_name, domain_name
     :rtype: None
     """
     thehive_url = thehive_url or settings.THE_HIVE_URL
-    api_key = api_key or settings.THEHIVE_API_KEY
+    api_key = api_key or settings.THE_HIVE_API_KEY
 
     ticket_id = None
 

Watcher/Watcher/watcher/settings.py

@@ -116,7 +116,7 @@
     THE_HIVE_VERIFY_SSL = True
 if THE_HIVE_VERIFY_SSL == "False":
     THE_HIVE_VERIFY_SSL = False
-THEHIVE_API_KEY = os.environ.get('THEHIVE_API_KEY', '')
+THE_HIVE_API_KEY = os.environ.get('THE_HIVE_API_KEY', '')
 THE_HIVE_CASE_ASSIGNEE = os.environ.get('THE_HIVE_CASE_ASSIGNEE', 'watcher')
 THE_HIVE_TAGS = os.environ.get('THE_HIVE_TAGS', "Watcher,Impersonation,Malicious Domain,Typosquatting").split(",")
 THE_HIVE_CUSTOM_FIELD = os.environ.get('THE_HIVE_CUSTOM_FIELD', 'watcher-id')