Wednesday, August 7, 2019

Canary Tokens (Traps) – Expose Information Leaks

Canary tokens are traps that expose information leaks. Using canary tokens you can identify who has accessed your secret files and when (timestamp, geographical location, etc.).

You can generate canary tokens in different formats. To generate a canary token you can visit the websites below.


>> Let's start with the first website.

  • First select the token type from the drop-down. For simplicity, select the "MS Word" option.
  • Your email address (when the file is accessed, the notification is sent to this address)
  • Some text to identify the token

Then download the generated canary token. When you open the file, you will get an email notification as below. (You can edit the content of the downloaded MS Word file as you wish: include some false information and give it an attractive file name such as "my_passwords", so hackers will surely open that file and you will get their information.)



When you open the email alert you will see some details of the file access.


By clicking "Manage this Canarytoken" you can manage future email notifications for this canary token.
By clicking "More info on this token" you can see detailed access information.
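The following is an added example (not code from the original post or from either token website) that shows, in a few dozen lines of Python, the mechanics the post describes: a token id and memo are registered, the Word file carries a reference to an external URL that Office fetches when the document is opened, and each request to that URL becomes the alert record (timestamp, source IP, user agent, memo) that is emailed. The domain, the alert format and the minimal in-memory document are constructed for the example. The `external_targets` check is also useful on the defensive side: it lists every external URL a received `.docx` will contact, so you can confirm where a downloaded token file reports to, or spot a tracking beacon in a document you did not create.

```python
import re
import secrets
import zipfile
from datetime import datetime, timezone
from io import BytesIO

# Hypothetical alert domain; a real deployment points this at the listener that
# receives the beacon requests and sends the e-mail notification.
CANARY_DOMAIN = "canary.example.invalid"

# In-memory registry: token id -> memo ("some text to identify the token") and address
TOKENS = {}


def make_token(memo, email):
    """Create a token id, store its memo/email, and return (id, beacon URL)."""
    token_id = secrets.token_hex(8)
    TOKENS[token_id] = {"memo": memo, "email": email}
    return token_id, f"http://{CANARY_DOMAIN}/{token_id}/image.gif"


def alert_from_hit(token_id, remote_addr, headers, when=None):
    """Turn one beacon request into the alert record that gets e-mailed."""
    if token_id not in TOKENS:
        return None  # unknown id: a scanner guessing URLs, not a sprung trap
    when = when or datetime.now(timezone.utc)
    # Normalise header names so "User-Agent" and "user-agent" both match
    h = {k.lower(): v for k, v in headers.items()}
    # Honour X-Forwarded-For when the listener sits behind a reverse proxy
    source_ip = h.get("x-forwarded-for", remote_addr).split(",")[0].strip()
    return {
        "to": TOKENS[token_id]["email"],
        "memo": TOKENS[token_id]["memo"],
        "time": when.isoformat(),
        "source_ip": source_ip,
        "user_agent": h.get("user-agent", "<none>"),
    }


# A relationship element whose target is outside the package
EXTERNAL_REL = re.compile(r'<Relationship\b[^>]*TargetMode="External"[^>]*/?>')
TARGET = re.compile(r'Target="([^"]+)"')


def external_targets(docx_bytes):
    """List every external URL a .docx will contact when opened.

    Word files are zip archives; links to remote resources live in the
    word/_rels/*.rels parts with TargetMode="External". A canary Word token
    points one of these at the beacon URL, which is what triggers the alert.
    """
    urls = []
    with zipfile.ZipFile(BytesIO(docx_bytes)) as z:
        for name in z.namelist():
            if name.startswith("word/_rels/") and name.endswith(".rels"):
                xml = z.read(name).decode("utf-8", "replace")
                for rel in EXTERNAL_REL.findall(xml):
                    m = TARGET.search(rel)
                    if m:
                        urls.append(m.group(1))
    return urls


def build_sample_docx(beacon_url):
    """Constructed minimal archive with the rels layout of a Word token file.

    Only the parts external_targets() inspects are included; this is test
    data for the example, not a document Word would render.
    """
    rels = (
        '<?xml version="1.0" encoding="UTF-8"?>'
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/styles" Target="styles.xml"/>'
        f'<Relationship Id="rId2" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/image" Target="{beacon_url}" TargetMode="External"/>'
        '</Relationships>'
    )
    buf = BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", "<w:document/>")
        z.writestr("word/_rels/document.xml.rels", rels)
    return buf.getvalue()


if __name__ == "__main__":
    tid, url = make_token("my_passwords.docx on the file share", "alerts@example.invalid")
    print("beacon URL embedded in the document:", url)
    print("document will contact:", external_targets(build_sample_docx(url)))
    # Constructed request, as the listener sees it when someone opens the file
    alert = alert_from_hit(tid, "203.0.113.7",
                           {"User-Agent": "Microsoft Office Word", "Accept": "*/*"})
    print("alert e-mail fields:", alert)
```

The same `alert_from_hit` logic serves a plain web-bug token, since both kinds of token end in an HTTP request to a URL that exists only inside the trap; the token id is random so a hit cannot be a coincidence, and an unknown id is dropped rather than alerted on.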



>> On the second website you first have to fill in two fields.

  • Your email address (when the file is accessed, the notification is sent to this address)
  • Some text to identify the token

After clicking the "Generate Token" button you will see the available token types. Some of them are:

  • Web bugs
  • DNS Tokens
  • SMTP Token
  • Remote Image
  • QR Code
  • SQL Server Alert on SELECT, UPDATE, INSERT, DELETE
  • MS Word
  • Acrobat Reader PDF
  • SVN Token
  • Signed EXE / DLL
  • SecretKeeper Token
  • Windows Directory Browsing

For this example select "MS Word" and download the canary token file. When you open the file, you will get an email notification as below. (As before, you can edit the content of the downloaded MS Word file as you wish: include some false information and give it an attractive file name such as "my_passwords", so hackers will surely open that file and you will get their information.)


When you open the email alert you will see all the details of the file access.


When you visit the URL provided at the bottom of the email, you can also see the file access history.

Using MS Word files is just one way to use canary tokens. There are many other options available; use them wisely.


Cheers...!!