Have you been pwned?
Canarytokens is made for both business platforms and individuals. You can set different alerts for different unauthorized tasks running or trying to run on your system. Whenever an intruder tries to run the task you’ve set up a honeypot for, you will be notified by an alert sent to your inbox or phone number whatever you’ve configured on canary tokens to send notifications.
You can visit How to set up a honeypot in Kali Linux to know more about configuring honeypot on Kali Linux systems.
Let’s see some of the features Canarytokens provide.
1.Receive an alert when a Windows Folder is browsed
2. Receiving an alert when a URL is visited
Detect if a file is infected with Canary token
./peepdf.py -i pdf file location
Here, at the bottom line, it detected a suspicious element /AA, at the object 13. We need to investigate the object 13.
At this point we got ‘/AA << /0 16 0 R >>‘. Now we have to look at the object 16 to find out what’s going on. The action type of the object is /URI. That means it contains a URL that refers to the Canary tokens platform.
That’s how we can investigate a PDF file to know about suspicious elements embedded with the file.