
Thinkst Canarytokens Detector and Diffuser/Nullifier

Free

A simple script to detect and remove Canary Tokens.

Installation (tested on macOS 14):

    git clone https://github.com/referefref/canarytokendetector.git
    cd canarytokendetector
    brew install pdftk-java python3 python3-pip -y
    pip3 install pefile
    wget https://raw.githubusercontent.com/DidierStevens/DidierStevensSuite/master/disitool.py

Examples:

Example running in directory, test-only mode with report output.
Example running in nullify, verbose, directory mode (vdf).

Background and warranty: I wrote this script to augment a chapter on a book I'm writing about deception technologies, specifically around detection mechanisms for tokens. The detections are simple signature-based detections which could easily be adjusted or randomized by Thinkst in the future. This exists as a PoC, and no warranty of any kind is provided for the use (or misuse) of this application. Your actions are your own. You execute this at your own risk.


ALTERNATIVES

A minimal library to generate YARA rules from Java with Maven support.

Go bindings for YARA with installation and build instructions.

A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.

Pwndbg is a GDB plug-in that enhances the debugging experience for low-level software developers, hardware hackers, reverse-engineers, and exploit developers.

A tool to locally check for signs of a rootkit with various checks and tests.

A tool for searching a Git repository for interesting content.

Detect capabilities in executable files and identify potential behaviors.

Multi-cloud antivirus scanning API with ClamAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.