Mr.Trunk · @mrtrunk
9 followers · 16762 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
10 followers · 16661 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
10 followers · 16455 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
10 followers · 16364 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
10 followers · 16246 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
9 followers · 16129 posts · Server dromedary.seedoubleyou.me
Mr.Trunk · @mrtrunk
9 followers · 15920 posts · Server dromedary.seedoubleyou.me
dispatch · @dispatch
569 followers · 3319 posts · Server ioc.exchange
Mr.Trunk · @mrtrunk
7 followers · 15707 posts · Server dromedary.seedoubleyou.me

Looking for an DBMS-way to implement with a that sends a pingback if a certain row is queried. Research...
canarytokens.org/generate

#canarytokens #mongodb

Last updated 2 years ago

Ellie · @nilokuma
210 followers · 262 posts · Server infosec.exchange

Today is a good day to add canary tokens to your infrastructure!



Did you know you can get free from @ThinkstCanary to alert on suspicious activity?

On canarytokens.org/generate, you can generate a whole range of “canaries”, or assets that look like one thing but will actually email you as soon as someone or something interacts with them.



A canary can be a pdf file called “password.pdf”, left on server, a computer or attached to an email. 



A canary can be AWS keys, left in a config file or committed in a private git repo.

A canary can listen for SQL commands or command being run.

A canary can be an email address, included in customer or employee lists.

They are traps you place, so you know something’s been compromised and your team can start investigating immediately *.

Check out the documentation for more examples and use cases: docs.canarytokens.org/guide/

Set up your free this month! 



* These are free so there are some limitations, but still super neat to have.

#canarytokens #honeypots #newyearresolutions

Last updated 2 years ago

Now is a good time for you to drop couple of in your chats. You might get lucky...

#aws #canarytokens #slack #detectionengineering #spotthebirdie

Last updated 2 years ago

Patryk Krawaczyński · @agresor
32 followers · 75 posts · Server infosec.exchange

of the day: Search for AKIA*, ASIA* and ABIA* in your slack/teams/jira/confluence etc, you might be surprised. do the same, you might get lucky 😅
teams drop some API key in your chatops tooling, when it triggers an alert you know you have a problem

#BlueTeamtoot #redteams #detectionengineering #aws #canarytokens

Last updated 2 years ago