{"id":13464074,"url":"https://github.com/thinkst/canarytokens","last_synced_at":"2025-05-14T05:11:51.351Z","repository":{"id":35674336,"uuid":"39949815","full_name":"thinkst/canarytokens","owner":"thinkst","description":"Canarytokens helps track activity and actions on your network.","archived":false,"fork":false,"pushed_at":"2025-05-07T16:14:41.000Z","size":59572,"stargazers_count":1838,"open_issues_count":14,"forks_count":266,"subscribers_count":43,"default_branch":"master","last_synced_at":"2025-05-07T16:42:08.034Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"http://canarytokens.org","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/thinkst.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-07-30T12:39:30.000Z","updated_at":"2025-05-06T09:10:23.000Z","dependencies_parsed_at":"2023-01-16T23:01:38.762Z","dependency_job_id":"51f1c399-2b9b-41e8-8f2f-65b24996f886","html_url":"https://github.com/thinkst/canarytokens","commit_stats":{"total_commits":728,"total_committers":50,"mean_commits":14.56,"dds":0.8241758241758241,"last_synced_commit":"f2e492d3bb1401e98543f485b3d190d4606bd0f2"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thinkst%2Fcanarytokens","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thinkst%2Fcanarytokens/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thinkst%2Fcanarytokens/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/thinkst%2Fcanarytokens/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/thinkst","download_url":"https://codeload.github.com/thinkst/canarytokens/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254076850,"owners_count":22010611,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T14:00:33.701Z","updated_at":"2025-05-14T05:11:46.340Z","avatar_url":"https://github.com/thinkst.png","language":"HTML","funding_links":[],"categories":["Honeypots","HTML","Python","\u003ca id=\"eec238a1a2657b70f7bbbe68a4421249\"\u003e\u003c/a\u003e其他","蜜罐"],"sub_categories":["Policy enforcement","Supply chain security","\u003ca id=\"b239f12aca7aa942b45836032cbef99a\"\u003e\u003c/a\u003e转换","策略执行"],"readme":"\u003cimg src=\"http://canarytokens.org/resources/logo.png\" width=\"200\" /\u003e\n\n# Canarytokens\n\nby Thinkst Applied Research\n\n## Overview\n\nCanarytokens help track activity and actions on your network.\n\nIf you have any issues please check out our FAQ over [here](https://github.com/thinkst/canarytokens/wiki#), or create an issue and we'll try to get back to you as soon as possible.\n\n## Table of Contents\n - [Code of Conduct](#code-of-conduct)\n - [Deprecations](#deprecations)\n - [Installation](#installation)\n - [Configuration](#configuration)\n - [Configuration of Outgoing SMTP](#configuration-of-outgoing-smtp)\n - [Alert throttling](#alert-throttling)\n - [Webhook failure limiting](#webhook-failure-limiting)\n - [FAQ](#faq)\n - [Contributing](#contributing)\n\n## Code of Conduct\n\nThis project and everyone participating in it is governed by the\n[Code of Conduct](https://github.com/thinkst/.github/blob/master/CODE_OF_CONDUCT.md).\nBy participating, you are expected to uphold this code. Please report unacceptable behavior\nto github@thinkst.com.\n\n## Deprecations\n\n* The Slack API Token is deprecated and it's no longer possible to create new ones. Old tokens will still work.\n\n## Installation\n\nWe recommend [the Docker image installation process](https://github.com/thinkst/canarytokens-docker).\n\n## Configuration\n\n\nThe Canarytokens server can use many different settings configurations. You can find them in `settings.py`. There are two\nmain settings files: `frontend.env` and `switchboard.env`.\n\nThe `frontend.env` contains the frontend process settings such as:\n- CANARY_DOMAINS=mytesttokensdomain.com\n- CANARY_NXDOMAINS=pdf.demo.canarytokens.net\n- CANARY_AWSID_URL=\u003ccustom awsid url\u003e\n- CANARY_WEB_IMAGE_UPLOAD_PATH=/uploads\n- CANARY_GOOGLE_API_KEY=\u003ccustom google maps api key\u003e\n- LOG_FILE=frontend.log\n\nThe `switchboard.env` contains the switchboard process settings such as:\n\n| Variable Name | Value |\n|---------------------------------|--------------------------------------------------|\n| CANARY_MAILGUN_DOMAIN_NAME | \u003cmailgun domain\u003e |\n| CANARY_MAILGUN_API_KEY | |\n| CANARY_MANDRILL_API_KEY | |\n| CANARY_SENDGRID_API_KEY | |\n| CANARY_PUBLIC_IP | \u003cinstead of using a domain\u003e |\n| CANARY_PUBLIC_DOMAIN | \u003cinstead of using an IP\u003e |\n| CANARY_ALERT_EMAIL_FROM_ADDRESS | noreply@yourdomain.com |\n| CANARY_ALERT_EMAIL_FROM_DISPLAY | \"Canarytoken Mailer\" |\n| CANARY_ALERT_EMAIL_SUBJECT | \"Alert\" |\n| CANARY_MAX_ALERTS_PER_MINUTE | 1000 |\n| CANARY_SMTP_USERNAME | \u003csmtp username\u003e |\n| CANARY_SMTP_PASSWORD | \u003csmtp password\u003e |\n| CANARY_SMTP_SERVER | smtp.gmail.com |\n| CANARY_IPINFO_API_KEY | \u003cipinfo.io api key\u003e |\n| CANARY_SMTP_PORT | 587 |\n| CANARY_WEB_IMAGE_UPLOAD_PATH | /uploads |\n| LOG_FILE | switchboard.log |\n| ERROR_LOG_WEBHOOK | \u003cURI of a webhook you want Error Logs posted to\u003e |\n| CANARY_FORCE_HTTPS | force `https` protocol scheme for Canarytokens |\n\nPlease note that when choosing which email provider you would like to use, you **MUST** only provide\ninformation related to that provider. E.g. if you have `CANARY_MAILGUN_API_KEY` then you must remove the others such as\n`CANARY_SENDGRID_API_KEY` and `CANARY_MANDRILL_API_KEY`.\n\nIf you are using Mailgun's European infrastructure for your Canarytokens Server, you will need to add `CANARY_MAILGUN_BASE_URL=https://api.eu.mailgun.net` to your `switchboard.env`. If you do not specify that,\nwe will use the regular URL as 'https://api.mailgun.net' as the default.\n\nLastly, we have added the ability to specify your own AWSID lambda so that you may host your own. The setting is placed in\n`frontend.env` under `CANARY_AWSID_URL`. If this value is not specified, it will use our default hosted lambda.\n\n### Configuration of Outgoing SMTP\n\nWhen configuring outgoing SMTP please consider the following:\n\nRestrictions:\n* no other provider like Mailgun or Sendgrid must be configured for this to work\n* For AWS SES `CANARY_ALERT_EMAIL_FROM_DISPLAY` should be in the format: `CANARY_ALERT_EMAIL_FROM_DISPLAY=CanaryAlert \u003ccanaryalert@my-email-domain.here\u003e`\n\nThe following settings have to be configured in `switchboard.env` for SMTP to work:\n* CANARY_SMTP_SERVER: the SMTP server\n* CANARY_SMTP_PORT: the port number of the SMTP server (must be a StartTLS enabled port!)\n* CANARY_SMTP_USERNAME: Username for the SMTP server (no anonymous SMTP supported right now)\n* CANARY_SMTP_PASSWORD: the password that corresponds to the username\n\nA complete example config in `switchboard.env` then looks like this:\n```\nCANARY_SMTP_SERVER=smtp.yourserver.com\nCANARY_SMTP_PORT=587\nCANARY_SMTP_USERNAME=\u003cyour smtp username\u003e\nCANARY_SMTP_PASSWORD=\u003cyour smtp password\u003e\nCANARY_ALERT_EMAIL_FROM_ADDRESS=canary@yourdomain.com\nCANARY_ALERT_EMAIL_SUBJECT=\"Canary Alert via SMTP\"\n```\n\n## Alert throttling\nBy default, unless running in DEBUG mode, no more than 1 alert per unique calling IP per\nminute is permitted. Activity will still be recorded in the database, and visible in\nthe token management console, but alerts will not be generated (email and/or webhook).\n\nThis is tunable with the switchboard ENV variable `CANARY_MAX_ALERTS_PER_MINUTE`.\n\n## Webhook failure limiting\nAfter a webhook returns an error 5 times in a row, it is disabled. This behaviour can be\ntuned with `MAX_ALERT_FAILURES`.\n\n## FAQ\n\nWe have a FAQ over [here](https://github.com/thinkst/canarytokens/wiki)\n\n## Contributing\n\nPlease check out our [Code of Conduct](https://github.com/thinkst/.github/blob/master/CODE_OF_CONDUCT.md) and [Contributing](https://github.com/thinkst/.github/blob/master/CONTRIBUTING.md) documents before submitting a pull request.\n\nWe look forward to your valuable contributions.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthinkst%2Fcanarytokens","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fthinkst%2Fcanarytokens","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fthinkst%2Fcanarytokens/lists"}