1 minute Canaries

chapindb

Chapin Bryce

Posted on October 16, 2022

1 minute Canaries

Visibility is everything in cyber security. Let's increase the visibility of suspicious activity in your environment in 1 minute.

Ready?

Step 1: Visit https://canarytokens.org

CanaryTokens.org home page

Step 2: Select the type of canary token that matches your system or your risk. For example, you may choose an Excel or Word document on a corporate device, or AWS keys or a MySQL dump on a developer or server. There are a lot of options here, freely available for your use.

The many options for Canary Tokens

Step 3: Enter the contact email address or a web hook URL (or both!) to notify when your canary is used.

Configuring your token

Step 4: Click "Create my Canarytoken" to generate the token to place wherever you like!

The generated token

The site provides some recommendations, though feel free to get creative - put a token in an email, in a file named passwords.docx, on a file share, in your ~/.aws/credentials file, or if you're crazy enough, you can put them on your website.

[default]
aws_access_key_id = AKIAYVP4CIPPHKZTDHPV
aws_secret_access_key = s5Qi2UmF8jZoES/9q7+/jN6c0uAieT7gZn5Vb9oW
output = json
region = us-east-2
Enter fullscreen mode Exit fullscreen mode

That's all! Now you will get a heads up when someone is snooping around or accessing resources. Have fun with it, share your creative use cases, and pass along this tip to a friend.

💖 💪 🙅 🚩
chapindb
Chapin Bryce

Posted on October 16, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related