H 13: CanaryTokens (5 pts)
What You Need
Any computer with Web access.
Background
Canary Tokens are email addresses, URLs,
and other objects which can be detected
when they are used. A defender puts them
on servers, among other
data that might be stolen.
If they are used, that indicates that someone
has stolen that data.
Making a Web Bug
In a browser, go to
http://canarytokens.org/generate
Enter these values, as shown below,
replacing YOURNAME with your
own name.
- Web bug / URL token
- An email address you can access
- Web bug from YOURNAME

Click the "Create my Canarytoken"
button.
On the next page, click the
little green icon to copy the token
to the Clipboard,
as shown below.

Click the "Create my Canarytoken"
button.
Testing the Web Bug
Paste the token into a browser and press
Enter to visit that URL.
It's just blank page,
as shown below.

H 13.1: Company Name (5 pts)
Read the email address you specified.
You get a message titled
"Your Canarytoken was Triggered",
as shown below.
The flag is the name of the company
powering this service, covered by a green
box in the image below.

References
How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions
Posted 10-2-17
Updated to new scoring engine 7-11-19