Canary Codes for Curious Minds

Hey everyone!

Today, let’s learn about canary tokens. It would be short and sweet, as many of us are enjoying our exam season. But it is still super interesting! I have made sure you won’t miss out on our fun Thursday reads!

Canary tokens are digital tripwires. Tripwires are nothing but a trigger which gets activated when something unexpected happens.

For example, hiding a secret code in a document or system. If someone tries to decode it or access it without permission, it alerts you of suspicious activity.

These secret codes can be placed in documents, websites, or QR codes to catch intruders early on. They’re a simple but effective way to improve your security.

1. Web bug / URL token: Alert when a URL is visited

2. DNS token: Alert when a hostname is requested

3. AWS keys: Alert when AWS key is used

4. Sensitive command token: Alert when a suspicious Windows command is run

5. Microsoft Word document: Get alerted when a document is opened in Microsoft Word

6. Microsoft Excel document: Get alerted when a document is opened in Microsoft Excel

7. Cloned website: Trigger an alert when your website is cloned

8. QR code: Generate a QR code for physical tokens

9. MySQL dump: Get alerted when a MySQL dump is loaded

10. Windows folder: Be notified when a Windows Folder is browsed in Windows Explorer

11. Fast redirect: Alert when a URL is visited, User is redirected

12. Slow redirect: Alert when a URL is visited, User is redirected (More info is grabbed!)

13. Custom image web bug: Alert when an image you uploaded is viewed

14. Acrobat Reader PDF document: Get alerted when a PDF document is opened in Acrobat Reader

15. Custom exe / binary: Fire an alert when an EXE or DLL is executed

Now, Let’s start our process. We can either sniff out some information or set a trap for curious minds. Whatever you prefer, maybe? Just make sure that you don’t use this technique to harm someone.

Step 1: Go to the canarytokens website and select any method which you would like to try. I am using QR code technique here.

Step 2: add a webhook address or your email to get the alert.

Step 3: You have now successfully generated the QR code token. Scan it for the next step.

Step 4: Have you scanned the QR code? If yes, cool!

If not, go ahead & do it, maybe?

Step 5: Now, if you hover over your webhook address you will see the other details like these.

Interesting right?

Step 6: Now hover back again to you canary tokens website and click on “get more information”. There you will even see your map and other details can be downloaded in a json or csv file.

Isn’t this super super interesting??Now, you try it with something else, either URL or excel? I would appreciate if you tried this by yourself and if you found this interesting, give it a like!

See you on next Thursday!