Create AWS Honeytokens easily to catch hackers
learn how to create AWS Honey Tokens that alert you when someone attempts to use them. Honey tokens are API or access keys that are real but harmless and can be used as an early warning system to know when an intruder has made it into your system. In this video, we run through the simple steps to be able. to create your very own AWS Honey Tokens using an open-source project and all your own infrastructure.
Step-by-step tutorial - https://blog.gitguardian.com/creating-a-honeypot-token-tutorial/
GGCanary GitHub Project - https://github.com/GitGuardian/ggcanary
AWS CLI tool - https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
Install terraform - https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli
Install JQ - https://stedolan.github.io/jq/
0:00 - What are Honey Tokens?
1:16 - Helpful links
1:33 - What is GGCanary?
1:57 - Clone GGCanary locally
2:33 - Creating AWS User
05:25 - Setting up AWS profile locally
07:40 - Editing backend.tf file
09:23 - Creating terraform.tfvars file
11:29 - Creating Slack channel
12:05 - Creating Slack webhook
12:44 - Creating Honeytoken names and tags
14:29 - Installing terraform
14:45 - Installing JQ
14:56 - Setting up GGCanary
15:40 - Creating terraform backend with AWS
18:00 - Generating Honeytokens with GGCanary
19:15 - Testing GGCanary Honeytoken keys
20:15 - Where do we put Honey Tokens?
21:09 - Leaking Honey Tokens on GitHub!