HoneyPots
Canary tokens are a free, quick, painless way to help defenders discover they've been breached (by having attackers announce themselves).
How tokens work (in 3 short steps):
Visit the site and get a free token (which could look like a URL or a hostname, depending on your selection).
If an attacker ever uses the token somehow, we will give you an out-of-band (email or SMS) notification that it's been visited.
As an added bonus, we give you a bunch of hints and tools that increase the likelihood of an attacker tripping on a canary token.
More Details:
Tokens consist of a unique identifier (which can be embedded in either HTTP URLs or in hostnames.) Whenever that URL is requested, or the hostname is resolved, we send a notification email to the address tied to the token. You can get one in seconds, using just your browser.
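The mechanism described above, as an added example (not Canarytokens' own code): a token is registered against a notification address, embedded in a URL or hostname, and then matched in web and DNS logs. The domain `tokens.example.test`, the function names, and both log formats are assumptions made for this sketch.

```python
import re
import secrets

TOKEN_DOMAIN = "tokens.example.test"  # assumption: a domain the defender controls

def new_token(owner_email, memo, registry):
    """Create a unique identifier and record who to notify when it fires."""
    token = secrets.token_hex(12)  # 24 hex chars, short enough for one DNS label
    registry[token] = {"email": owner_email, "memo": memo}
    return token

def as_url(token):
    return f"http://{TOKEN_DOMAIN}/{token}/logo.png"

def as_hostname(token):
    return f"{token}.{TOKEN_DOMAIN}"

# Constructed log formats: common-log-style HTTP lines and "client query: name" DNS lines.
HTTP_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD|POST) /(?P<token>[0-9a-f]{24})/')
DNS_RE = re.compile(
    r'^(?P<src>\S+) query: (?P<token>[0-9a-f]{24})\.' + re.escape(TOKEN_DOMAIN) + r'\.? ',
    re.I)  # hostnames are case-insensitive, so accept any case

def find_hits(log_lines, registry):
    """Return one alert per log line that touches a registered token."""
    alerts = []
    for line in log_lines:
        for channel, rx in (("http", HTTP_RE), ("dns", DNS_RE)):
            m = rx.match(line)
            if not m:
                continue
            entry = registry.get(m.group("token").lower())
            if entry:  # ignore look-alike identifiers that were never issued
                # For DNS hits the source is usually a recursive resolver, not the client.
                alerts.append({"channel": channel, "source": m.group("src"),
                               "notify": entry["email"], "memo": entry["memo"]})
    return alerts

def demo():
    registry = {}
    t_url = new_token("soc@example.test", "URL planted in a decoy document", registry)
    t_dns = new_token("soc@example.test", "hostname planted in a decoy config", registry)
    logs = [  # constructed sample lines
        f'203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /{t_url}/logo.png HTTP/1.1" 200 43',
        f'198.51.100.53 query: {t_dns.upper()}.{TOKEN_DOMAIN} IN A',
        '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /index.html HTTP/1.1" 200 512',
        f'198.51.100.53 query: {"0" * 24}.{TOKEN_DOMAIN} IN A',
    ]
    return find_hits(logs, registry)
```

The memo recorded with each token is what tells the responder which planted file or system was touched, so it should name the location precisely.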
This is a vulnerability through which an attacker can obtain information about all users without their knowledge. The attacker can steal each user's IP address, ISP, country name, city name, region, device info, and browser details.
This vulnerability can be found in places where there is an option to upload an image by URL, e.g. forums, discussion pages, comment sections, messages, fetching an image using the <img src="URL"> tag, etc.
Go to IPLogger and generate an invisible image.
After that a link will be generated; copy it and click on Logged IP's.
Now upload the image (2 ways):
Fetch image using web
Fetch image using the <img src="URL"> tag