canary token

canary token? Let’s do Information gathering


In this post, you will learn what is a canary token is? And how does it work and most importantly I’m going to perform a how to see canary tokens lively.


What is canary token

The canary token is a type of token, When a criminal sends this to the target and when the target clicks on the token generated by the criminal then the target location and the IP address will be known to the criminal.

In simple words, We could say the canary tokens are used to gathering real-time information like victim IP and the location.

Only these you could gather and further the criminal should do enumeration using Nmap. Then it’s really very simple process just take the victim IP address scan it in nmap and find the person.

Also Read: Full tutorial on DMitry?


How to use a canary token

It’s really very simple to use carnary tokens, just wet your hands let’s GO!!!

Firstly, go to this site

canary token

The interface looks pretty cool, Just kidding ????

This is the official canary token page there are some other sites also generating carnary tokens like stationX

Just click on the select toke and select one and give your mail, make a remainder, and give generate.

*Make sure the mail you give is anonymous and make sure you are the admin of the mail to check the information.

generating canary token

Looks really cool Ah (¬‿¬)

Okay, funs apart let’s see what the hell these are;

  1. Chose your canary token it may be excel doc or pdf whatever and make sure that it should be looking like legit so, the victim will click on the canary token.
  2. Second enter the mail address, DON’T enter mine. Get a temporary mail and enter it and make sure you have access to it
  3. Write a remainder on to whome the token you are sending to, suppose if youre a scammer you will send to all of them and one will get confused.
  4. Atlast give create canary tokens. ????
created a ms excel token

Success MAN, you finally created a canary token ????

Now comes the IMPORTANT part make sure whatever you’re sending is legit. This means to add some decoration like you got a job offers or say if you didn’t pay you will lose our subscription, well it is an invoice type.

Give download ????

Give a new file name so, the victim will not be fishy about the doc

Caranay token

I sent the mail to my dear friend and I got this information once he/she clicked on it I got this information

Further, I could do enumeration on the IP address I got



This tool is very much useful for doing phishing activity and gathering information just give a try on it! ✨

Also Read: Information gathering using ARP-SCAN

Also Read: How to change MAC address

Additionally: The different ways to do password cracking

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top