Sometimes in my line of work, I review submitted bug bounty submissions. While most of the time, they are merely ‘beg bounties’
Thinkst provides the popular canary token service, but a honeytoken can be made through other means. This post will focus on the canary token platform but concepts can be applied elsewhere. These tokens can be implemented in a variety of different and creative ways such as an Invoke-WebRequest to the canary URL when an attacker adds a machine account to AD