Canarytokens is a simple and effective method for detecting unauthorized access and activity within your systems. It allows you to create various types of 'tokens' (files, URLs, QR codes, etc.) that, when accessed or triggered, send you an alert.
Key features:
- Variety of Token Types: Supports creating tokens for various use cases, including web bugs, file access, process monitoring, and more.
- Easy to Deploy: Simple to set up and integrate into existing infrastructure.
- Early Breach Detection: Provides early warning of potential security breaches.
- Customizable Alerts: Configurable notification methods (email, webhooks) to suit your needs.
Use cases:
- Detecting unauthorized file access: Embed a token in a sensitive file; if the file is opened, you'll be notified.
- Identifying internal reconnaissance: Place tokens on internal web pages or network shares to detect unauthorized scanning.
- Monitoring application usage: Integrate tokens into applications to track usage patterns and identify suspicious activity.
- Phishing detection: Use tokens in phishing campaigns to identify compromised accounts.