1 minute Canaries
Chapin Bryce
Posted on October 16, 2022
Visibility is everything in cyber security. Let's increase the visibility of suspicious activity in your environment in 1 minute.
Ready?
Step 1: Visit https://canarytokens.org
Step 2: Select the type of canary token that matches your system or your risk. For example, you may choose an Excel or Word document on a corporate device, or AWS keys or a MySQL dump on a developer or server. There are a lot of options here, freely available for your use.
Step 3: Enter the contact email address or a web hook URL (or both!) to notify when your canary is used.
Step 4: Click "Create my Canarytoken" to generate the token to place wherever you like!
The site provides some recommendations, though feel free to get creative - put a token in an email, in a file named passwords.docx
, on a file share, in your ~/.aws/credentials
file, or if you're crazy enough, you can put them on your website.
[default]
aws_access_key_id = AKIAYVP4CIPPHKZTDHPV
aws_secret_access_key = s5Qi2UmF8jZoES/9q7+/jN6c0uAieT7gZn5Vb9oW
output = json
region = us-east-2
That's all! Now you will get a heads up when someone is snooping around or accessing resources. Have fun with it, share your creative use cases, and pass along this tip to a friend.
Posted on October 16, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.