Ghostwriter icon indicating copy to clipboard operation
Ghostwriter copied to clipboard
verified publisher icon GhostManager

Teams notifications

Open domwhewell opened this issue 2 years ago • 2 comments

Issue https://github.com/GhostManager/Ghostwriter/issues/127

Description of the Change This PR adds support for teams notifications

  • A new NotificationsCenter class has been added (notifications_all.py) which routes notifications based on whats enabled (Can be to both Slack and Teams)
    • This new class has only slight variations on the current SlackNotifications class
  • The Slack Configuration model has been changed to a Notifications Configuration model which will hold all the configuration for all avaliable notification types (currently only slack and teams)

I have changed the Review Configuration and the admin page to reflect the ability to enable and configure both teams and slack. The oplog and background tasks have all been updated to use the new NotificationCenter to send a notification. which is then routed based on what is enabled

Alternate Designs I think this is the most efficient design rather than having a new Configuration model for each notification service

Possible Drawbacks None but Microsoft teams has a per channel webhook unlike slack so this does not give teams the ability to post to a specific project teams channel

Verification Process Have created tests for the new models, and have also used both a teams and slack webhook to send notifications

Release Notes Added support for microsoft teams in a new "Notifications Configuration" under command center

domwhewell avatar Nov 06 '23 14:11 domwhewell

Awesome work with this! I've just added your code to my notifications branch and can confirm it works! How come this wasn't merged years ago?

usr8123667 avatar Apr 23 '25 10:04 usr8123667

When the project started, I added some common APIs and webhooks to the framework—like Slack and VirusTotal. There are many APIs we could add to the project to support various registrars, communication mediums, and other things. Development and maintenance of those features requires access and significant time. I don't have the time required to set up access and test cases for more of these, so several years ago I announced these sorts of additions should be developed as extensions instead of additions to the main project. I'd love to support notification options like Teams, Pushover, and others, but that becomes very difficult. Domwhewell has submitted a lot of great feedback and PRs for the project. This is no different, but merging it requires also taking on the maintenance.

You can take the work in this PR and adapt it into tasks that can be called as "hooks" for the background tasks. You can run a task (one that's built-in or custom) and then call a hook that sends a Teams notification. The one downside of this is the configuration isn't in the admin panel, but that may not be a problem because the configuration probably won't change that often.

For example, SpecterOps needed some automation for parking domains after their use. One of our consultants developed a task to automate this. Whenever the built-in task to release checked out domains runs, it calls the custom task as a hook. The hook takes the released domains and configured their DNS to park them.

chrismaddalena avatar Apr 23 '25 17:04 chrismaddalena