{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":223427005,"defaultBranch":"master","name":"canary-utils","ownerLogin":"thinkst","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2019-11-22T15:02:40.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/13569025?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1708078278.0","currentOid":""},"activityList":{"items":[{"before":"026818f43370e2a196ad4b01fecc7be7ddbd0a65","after":"16a90ee485874a05c3a5e71b92906940bb77d3a1","ref":"refs/heads/master","pushedAt":"2024-09-19T12:53:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tkempheks","name":"Tyron Kemp","path":"/tkempheks","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43970129?s=80&v=4"},"commit":{"message":"Create aws-windows-token-dropper.yaml","shortMessageHtmlLink":"Create aws-windows-token-dropper.yaml"}},{"before":"ff8764d5cb005dbabbe048f203d630e94d16a102","after":"026818f43370e2a196ad4b01fecc7be7ddbd0a65","ref":"refs/heads/master","pushedAt":"2024-09-10T14:20:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Added canary_personality_randomiser.py\n\nusage : python3 canary_personality_randomiser.py -domain abc123 -apikey abc123123123","shortMessageHtmlLink":"Added canary_personality_randomiser.py"}},{"before":"f97d2a4e4f57147608018164d281702eea023d37","after":"ff8764d5cb005dbabbe048f203d630e94d16a102","ref":"refs/heads/master","pushedAt":"2024-08-22T15:34:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update canarygen_awscreds_auto_v0.2.sh","shortMessageHtmlLink":"Update canarygen_awscreds_auto_v0.2.sh"}},{"before":"558ad3ae4e99138a9b21ac66e4a8bc97cc58b93b","after":"f97d2a4e4f57147608018164d281702eea023d37","ref":"refs/heads/master","pushedAt":"2024-08-07T13:09:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tkempheks","name":"Tyron Kemp","path":"/tkempheks","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43970129?s=80&v=4"},"commit":{"message":"Create Invoke-EmbedLocalWordwithAWS.ps1","shortMessageHtmlLink":"Create Invoke-EmbedLocalWordwithAWS.ps1"}},{"before":"c7245ba10153c5db763fe6df6735616c25f626c3","after":"558ad3ae4e99138a9b21ac66e4a8bc97cc58b93b","ref":"refs/heads/master","pushedAt":"2024-08-07T13:08:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tkempheks","name":"Tyron Kemp","path":"/tkempheks","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43970129?s=80&v=4"},"commit":{"message":"Delete powershell/powershell directory","shortMessageHtmlLink":"Delete powershell/powershell directory"}},{"before":"f9e6fbfff5d8856d18304217355898eb0468ebf8","after":"c7245ba10153c5db763fe6df6735616c25f626c3","ref":"refs/heads/master","pushedAt":"2024-08-07T13:07:57.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tkempheks","name":"Tyron Kemp","path":"/tkempheks","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43970129?s=80&v=4"},"commit":{"message":"Create Invoke-EmbedLocalWordwithAWS.ps1","shortMessageHtmlLink":"Create Invoke-EmbedLocalWordwithAWS.ps1"}},{"before":"8d2fa943b0e02090ba0b720eae1bf7af0874e5e9","after":"f9e6fbfff5d8856d18304217355898eb0468ebf8","ref":"refs/heads/master","pushedAt":"2024-07-18T07:53:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"samhtr","name":null,"path":"/samhtr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/167406231?s=80&v=4"},"commit":{"message":"Update Multiple-Sensitive-Command-Dropper.ps1\n\nAdded 32/64bit check prior to registry key import","shortMessageHtmlLink":"Update Multiple-Sensitive-Command-Dropper.ps1"}},{"before":"668cc13d8159be2527cd4f10d76a49d638467f66","after":"8d2fa943b0e02090ba0b720eae1bf7af0874e5e9","ref":"refs/heads/master","pushedAt":"2024-07-04T12:51:02.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tkempheks","name":"Tyron Kemp","path":"/tkempheks","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/43970129?s=80&v=4"},"commit":{"message":"Increase Linux/MacOS compatibility \n\nAutomatically determine whether endpoint is Linux or MacOS. Use appropriate md5 according to OS.","shortMessageHtmlLink":"Increase Linux/MacOS compatibility"}},{"before":"ce2d2109337726b6e3087ad6b6d51ea7950cb170","after":"668cc13d8159be2527cd4f10d76a49d638467f66","ref":"refs/heads/master","pushedAt":"2024-07-01T13:21:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.ps1\n\nAdded the Signed EXE Token","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.ps1"}},{"before":"a3199de6248eefaa691655095575749d1587b929","after":"ce2d2109337726b6e3087ad6b6d51ea7950cb170","ref":"refs/heads/master","pushedAt":"2024-06-25T14:26:52.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"samhtr","name":null,"path":"/samhtr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/167406231?s=80&v=4"},"commit":{"message":"Create awscreds-multi-user-dropper.ps1","shortMessageHtmlLink":"Create awscreds-multi-user-dropper.ps1"}},{"before":"6b286e51c9d14712363456f76879f8c0396ccc3c","after":"a3199de6248eefaa691655095575749d1587b929","ref":"refs/heads/master","pushedAt":"2024-06-20T11:20:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"samhtr","name":null,"path":"/samhtr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/167406231?s=80&v=4"},"commit":{"message":"Added Multiple-Sensitive-Command-Dropper.ps1","shortMessageHtmlLink":"Added Multiple-Sensitive-Command-Dropper.ps1"}},{"before":"1376171d306a1a59ab3856fad9c0319e9b1192dc","after":"6b286e51c9d14712363456f76879f8c0396ccc3c","ref":"refs/heads/master","pushedAt":"2024-06-20T11:16:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"samhtr","name":null,"path":"/samhtr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/167406231?s=80&v=4"},"commit":{"message":"Added awscreds-multi-user-dropper.sh","shortMessageHtmlLink":"Added awscreds-multi-user-dropper.sh"}},{"before":"704cd9a34cee230b050dcda061c61c27b31074ca","after":"1376171d306a1a59ab3856fad9c0319e9b1192dc","ref":"refs/heads/master","pushedAt":"2024-06-20T11:11:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"samhtr","name":null,"path":"/samhtr","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/167406231?s=80&v=4"},"commit":{"message":"Added azure-token-dropper","shortMessageHtmlLink":"Added azure-token-dropper"}},{"before":"3b01f08688ae7ded746e37a444a605f7ef084f89","after":"704cd9a34cee230b050dcda061c61c27b31074ca","ref":"refs/heads/master","pushedAt":"2024-05-29T19:43:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.py\n\nremoved need to specify flock ID","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.py"}},{"before":"c216078065d1e97c86b976a9411b8fc11f9a05f1","after":"3b01f08688ae7ded746e37a444a605f7ef084f89","ref":"refs/heads/master","pushedAt":"2024-05-29T19:42:33.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.sh\n\nremoved references to Flock ID","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.sh"}},{"before":"a5b6895ddf4aec637d1311fd34e73a4970b1d49f","after":"c216078065d1e97c86b976a9411b8fc11f9a05f1","ref":"refs/heads/master","pushedAt":"2024-05-29T19:41:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.sh\n\nremoved need to specify flock ID","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.sh"}},{"before":"80156443d324d8951c8f3256f4b435a733329f04","after":"a5b6895ddf4aec637d1311fd34e73a4970b1d49f","ref":"refs/heads/master","pushedAt":"2024-05-16T16:49:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"added update_canary_https_certificate.py\n\nthis script allows you to programatically update the TLS certificates of a Bird's web server.","shortMessageHtmlLink":"added update_canary_https_certificate.py"}},{"before":"ad7877216a3684e38f3f7238f402814887c435f0","after":"80156443d324d8951c8f3256f4b435a733329f04","ref":"refs/heads/master","pushedAt":"2024-05-15T10:35:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update TokenizeExistingFile.py\n\nRemoved the need to specify flock ID","shortMessageHtmlLink":"Update TokenizeExistingFile.py"}},{"before":"47a4bf8485ad05ea3e48948de79d756b3c4a42b1","after":"ad7877216a3684e38f3f7238f402814887c435f0","ref":"refs/heads/master","pushedAt":"2024-05-09T18:17:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.ps1\n\nAdded deduplication check for sensitive command token","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.ps1"}},{"before":"df00ad45dea257691788f3896a2dc4d4688491bb","after":"47a4bf8485ad05ea3e48948de79d756b3c4a42b1","ref":"refs/heads/master","pushedAt":"2024-05-08T09:40:04.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Added sensitive_command_manager.ps1 script\n\nThis PowerShell script manages sensitive command Tokens by creating, deleting or modifying them.","shortMessageHtmlLink":"Added sensitive_command_manager.ps1 script"}},{"before":"912111141fe966f07b68ad999832c8846981517e","after":"df00ad45dea257691788f3896a2dc4d4688491bb","ref":"refs/heads/master","pushedAt":"2024-05-08T09:31:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update API2CSV-All_Tokens.sh\n\nSeveral improvements to script.","shortMessageHtmlLink":"Update API2CSV-All_Tokens.sh"}},{"before":"5ecd5c48fdb08bcc230ede14d6dc283b8911e179","after":"912111141fe966f07b68ad999832c8846981517e","ref":"refs/heads/master","pushedAt":"2024-05-02T18:39:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update AWS_Config_Token_Deploy.py","shortMessageHtmlLink":"Update AWS_Config_Token_Deploy.py"}},{"before":"ba4200d1312ed574b2459312efc955b1a3aa2ba7","after":"5ecd5c48fdb08bcc230ede14d6dc283b8911e179","ref":"refs/heads/master","pushedAt":"2024-04-29T11:51:19.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update CanaryToken_Multi-Dropper.ps1\n\nCorrected placement of credential manager entries.\r\nReplaced IP's with example reserve block. #RFC 5735\r\nadded exit code 0","shortMessageHtmlLink":"Update CanaryToken_Multi-Dropper.ps1"}},{"before":"317284f1419fe0dd2ce0302961c2723599a2c932","after":"ba4200d1312ed574b2459312efc955b1a3aa2ba7","ref":"refs/heads/master","pushedAt":"2024-04-29T11:40:40.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Adding Deployment for Breadcrumbs in Credential Manager, Filezilla Config, SMB Shortcut and URL Shortcut (#42)","shortMessageHtmlLink":"Adding Deployment for Breadcrumbs in Credential Manager, Filezilla Co…"}},{"before":"8cac2128abd26e06483bda26a133e0c04550c546","after":"317284f1419fe0dd2ce0302961c2723599a2c932","ref":"refs/heads/master","pushedAt":"2024-04-23T21:53:45.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Added Canary backup and restore tool\n\nCanary Backup and Restore Tool\r\n\r\nThis script provides a CLI for backing up and restoring settings for Canaries using the Canary API.\r\n\r\nUsage:\r\n    backup_restore_canary.py -domain <DOMAIN> -apikey <APIKEY>\r\n    backup_restore_canary.py -domain <DOMAIN> -apikey <APIKEY> -restore\r\n\r\nOptions:\r\n    -domain     Your Canary Console Domain Hash (e.g., a123456b)\r\n    -apikey     Your Canary API Key (e.g., c6858257b6f32986d7b44)\r\n    -restore    Restore data instead of backing up.\r\n\r\nExamples:\r\n    # Backup Canary devices\r\n    backup_restore_canary.py -domain a123456b -apikey c6858257b6f32986d7b44\r\n\r\n    # Restore Canary devices\r\n    backup_restore_canary.py -domain a123456b -apikey c6858257b6f32986d7b44 -restore\r\n\r\nHow it Works:\r\n    - Backup: The script fetches settings for selected Canary devices from the Canary API and saves them\r\n      as JSON files in the current directory. Each file is named after the Canary's Node ID.\r\n    \r\n    - Restore: The script checks for the previously backed up JSON files in the current directory\r\n      with names matching the format '{Node ID}.json'. It prompts the user to select one of these\r\n      files to restore settings from. It then prompts for the target Node ID where the settings will be restored.\r\n\r\nNote:\r\n    - Backup files are saved in the current directory. Make sure you have write permissions.\r\n    - Backup files include the IP and MAC settings, keep this in mind when restoring.\r\n    - Backup files are pure JSON dumps of your Canary configs, these can be manually tweaked if needed.\r\n    - Before restoring settings, ensure that the backup files exist in the same directory as the script.","shortMessageHtmlLink":"Added Canary backup and restore tool"}},{"before":"ac25104790235fb74d6e9fe134ff2d50f422dc7c","after":"8cac2128abd26e06483bda26a133e0c04550c546","ref":"refs/heads/master","pushedAt":"2024-03-11T16:06:46.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Adding clone_canary.py (#41)","shortMessageHtmlLink":"Adding clone_canary.py (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2179497984\" data-permission-text=\"Title is private\" data-url=\"https://github.com/thinkst/canary-utils/issues/41\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/thinkst/canary-utils/pull/41/hovercard\" href=\"https://github.com/thinkst/canary-utils/pull/41\">#41</a>)"}},{"before":"f65d3ff2968b84fcb57c365245d29e4977c97fd2","after":"ac25104790235fb74d6e9fe134ff2d50f422dc7c","ref":"refs/heads/master","pushedAt":"2024-02-19T14:27:10.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Added Binary Chirp Tool\n\nA hacked together PoC replacement for the Custom EXE / Binary Token.","shortMessageHtmlLink":"Added Binary Chirp Tool"}},{"before":"7064470e47009eb69127984705dc7caba1687ed3","after":"f65d3ff2968b84fcb57c365245d29e4977c97fd2","ref":"refs/heads/master","pushedAt":"2024-02-16T10:11:18.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Added Clone-UserFlocks.ps1\n\nA script used to clone flocks between users which makes dealing with large numbers of Flocks easier.","shortMessageHtmlLink":"Added Clone-UserFlocks.ps1"}},{"before":"87ea798e8f9ebe4038dbeaa9408fb886ac9353f2","after":"7064470e47009eb69127984705dc7caba1687ed3","ref":"refs/heads/master","pushedAt":"2024-01-26T08:25:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Rename Invoke-BatchQrIntoWord to Invoke-BatchQrIntoWord.ps1\n\nAdd proper extension","shortMessageHtmlLink":"Rename Invoke-BatchQrIntoWord to Invoke-BatchQrIntoWord.ps1"}},{"before":"dcdb4033d2a709e7871998415aa32b5456a1ef2e","after":"87ea798e8f9ebe4038dbeaa9408fb886ac9353f2","ref":"refs/heads/master","pushedAt":"2024-01-16T10:03:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"0xForest","name":"Mr Forest","path":"/0xForest","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1726833?s=80&v=4"},"commit":{"message":"Update Invoke-CreateCanarytokens.ps1","shortMessageHtmlLink":"Update Invoke-CreateCanarytokens.ps1"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0xOVQxMjo1MzowNi4wMDAwMDBazwAAAAS626Ok","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0xOVQxMjo1MzowNi4wMDAwMDBazwAAAAS626Ok","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wMS0xNlQxMDowMzozNy4wMDAwMDBazwAAAAPg13fy"}},"title":"Activity · thinkst/canary-utils"}