Deploys honeytokens like fake AWS credentials, DNS canaries, document beacons, and database records that trigger alerts on access using Canarytokens API and webhooks. For breach detection in security operations.
npx claudepluginhub killvxk/cybersecurity-skills-zhThis skill uses the workspace's default tool permissions.
在关键系统中部署蜜标以检测未经授权的访问。每种令牌类型在被攻击者触发时通过 Webhook 发送告警。
Deploys honeytokens like fake AWS credentials, DNS canaries, document beacons, and DB records using Canarytokens API and webhooks to alert on attacker access. For intrusion detection systems.
Deploys honeytokens including fake AWS credentials, DNS canaries, document beacons, and DB records via Canarytokens API and webhooks to alert on attacker access for intrusion detection.
Deploys and monitors Thinkst Canary tokens via Python API, including Web Bug, DNS, document, and AWS key tokens for deception-based intrusion detection, alerts, and coverage reports.
Share bugs, ideas, or general feedback.
在关键系统中部署蜜标以检测未经授权的访问。每种令牌类型在被攻击者触发时通过 Webhook 发送告警。
import requests
# 通过 Canarytokens 创建 DNS 金丝雀令牌
resp = requests.post("https://canarytokens.org/generate", data={
"type": "dns",
"email": "soc@company.com",
"memo": "生产 DB 服务器蜜标",
})
token = resp.json()
print(f"DNS 令牌:{token['hostname']}")
需要部署的令牌类型:
# 生成带金丝雀令牌的伪造 AWS 凭据文件
aws_creds = f"[default]\naws_access_key_id = {canary_key_id}\naws_secret_access_key = {canary_secret}\n"
with open("/opt/backup/.aws/credentials", "w") as f:
f.write(aws_creds)