Thinkst Canarytokens Detector and Diffuser/Nullifier Logo

Thinkst Canarytokens Detector and Diffuser/Nullifier

0
Free
Visit Website

A simple script to detect and remove Canary Tokens. Installation (tested on MacOS 14): git clone https://github.com/referefref/canarytokendetector.git cd canarytokendetector brew install pdftk-java python3 python3-pip -y pip3 install pefile wget https://raw.githubusercontent.com/DidierStevens/DidierStevensSuite/master/disitool.py. Examples: Example running in directory, test-only mode with report output. Example running in nullify, verbose, directory mode (vdf). Background and warranty: I wrote this script to augment a chapter on a book I'm writing about deception technologies, specifically around detection mechanisms for tokens. The detections are simple signature-based detections which could easily be adjusted or randomized by Thinkst in the future. This exists as a PoC, and no warranty of any is provided for the use (or misuse) of this application. Your actions are your own. You execute this at your own risk.

FEATURES

ALTERNATIVES

Boomerang Decompiler is a machine code decompiler supporting various architectures and file formats, with a focus on high-level language output.

A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases

Generates a YARA rule to match basic blocks of the current function in IDA Pro

A tool that recovers passwords from pixelized screenshots

Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.

A simple Python script to test for a hypothetical JWT vulnerability

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

A Burp extension to check JWT tokens for potential weaknesses

PINNED