AdvancedFIM_EmailAlerts.py

import os,hashlib,time,base64,sqlite3,configparser,smtplib,ssl
from email.mime.text import MIMEText
from getpass import getpass

db = sqlite3.connect('FileIntegrityMonitor.db')
db.row_factory = sqlite3.Row
cur=db.cursor()
conf = configparser.ConfigParser()
conf.read('FileIntegrityMonitor.ini')
def configureDatabase():
	db.execute('CREATE TABLE IF NOT EXISTS Monitor (ID INTEGER PRIMARY KEY AUTOINCREMENT, Path TEXT NOT NULL, Recursive BIT NULL)')
	db.execute('CREATE TABLE IF NOT EXISTS File (ID INTEGER PRIMARY KEY AUTOINCREMENT, FilePath TEXT NOT NULL)')
	db.execute('CREATE TABLE IF NOT EXISTS Hash (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Hash TEXT NOT NULL)')
	db.execute('CREATE TABLE IF NOT EXISTS Recovery (ID INTEGER PRIMARY KEY AUTOINCREMENT, FileID INTEGER NOT NULL, Base64 TEXT NOT NULL)')
def initializeFiles():
	for fimFile in getFiles():
		ID=cur.execute('SELECT ID FROM File WHERE FilePath=?',(fimFile,)).fetchone()
		if ID == None:
			cur.execute('INSERT INTO File(FilePath) VALUES(?)',(fimFile,))
			newID = cur.lastrowid
			cur.execute('INSERT INTO Hash(FileID,Hash) VALUES(?,?)',(newID,getHash(fimFile),))
			cur.execute('INSERT INTO Recovery(FileID,Base64) VALUES(?,?)',(newID,getBase64(fimFile),))
		else:
			cur.execute('UPDATE Hash SET Hash=? WHERE FileID=?',(getHash(fimFile),ID[0],))
			cur.execute('UPDATE Recovery SET Base64=? WHERE FileID=?',(getBase64(fimFile),ID[0],))
	db.commit()
def getFiles():
	filesList=[]
	for x in cur.execute('SELECT * FROM Monitor').fetchall():
		if os.path.isdir(x['Path']):
			if x['Recursive']:
				filesList.extend([os.path.join(root, f) for (root, dirs, files) in os.walk(x['Path']) for f in files])
			else:
				filesList.extend([item for item in os.listdir(x['Path']) if os.path.isfile(item)])
		elif os.path.isfile(x['Path']):
			filesList.append(x['Path'])
	return filesList
def getHash(fimFile):
	with open(fimFile,"rb") as f:
		bytes = f.read()
	return hashlib.sha256(bytes).hexdigest()
def getBase64(fimFile):
	return base64.b64encode(open(fimFile, "rb").read())
def sendAlert(alert):
	sender_email = conf.get('Email', 'Username')
	receiver_email = conf.get('Email', 'Send_To')

	msg = MIMEText(alert)
	msg['Subject'] = 'Alert - File Change Detected'
	msg['From'] = sender_email
	msg['To'] = receiver_email

	context = ssl.create_default_context()
	with smtplib.SMTP("smtp.gmail.com", 587) as server:
		server.starttls(context=context)
		server.login(sender_email, password)
		server.sendmail(sender_email, receiver_email, msg.as_string())

configureDatabase()
initializeFiles()
files=getFiles()
password = getpass('Email Password: ')

while True:
	for fimFile in files:
		hash=getHash(fimFile)
		storedFile=cur.execute('SELECT * FROM File F LEFT JOIN Hash H ON F.ID=H.FileID WHERE FilePath=?',(fimFile,)).fetchone()
		if storedFile != None and hash != storedFile['Hash']:
			sendAlert('%s:\t%s has been changed!'%(time.strftime("%Y-%m-%d %H:%M:%S") , fimFile))
			exit()
	time.sleep(int(conf.get('Timer', 'Wait')))

EmailAlerts.py

sender_email = 'sender@gmail.com'
receiver_email = 'destination@email.com'
password = getpass('Email Password: ')

msg = MIMEText(message)
msg['Subject'] = 'Alert - File Change Detected'
msg['From'] = sender_email
msg['To'] = receiver_email

with smtplib.SMTP("smtp.gmail.com", 587) as server:
  server.starttls(context=ssl.create_default_context())
  server.login(sender_email, password)
  server.sendmail(sender_email, receiver_email, msg.as_string())

FileIntegrityMonitor.INI

[Timer]
Wait: 1

[Email]
Username: {SENDER'S EMAIL}
Send_To: {DESTINATION EMAIL}