Skip to content

Canary Tokens

SIEM & Threat Detection

A low‑resource, multi‑protocol network honeypot that alerts you when attackers interact with it on non‑public networks.

Track releases GitHub Website
Python Latest v0.9.8 · 16d ago Security brief →

Features

  • Mimics a variety of network services to lure and detect attackers
  • Generates real‑time alerts showing the source IP and breached service
  • Extensible via optional modules (SNMP, Portscan, SMB, etc.)

Recent releases

View all 2 releases →
Upgrade now
v0.9.8 New feature
Dependencies

MongoDB module + pytest migration

Open
v0.9.7 Bug fix

Fixes TFTP client handling and Docker startup issues.

Full changelog

What's Changed

  • Fix TFTP client attacks without generating event issues by @H-Dynamite in https://github.com/thinkst/opencanary/pull/411
  • Fix docker startup failure due to dangling twistd.pid file by @jayjb in https://github.com/thinkst/opencanary/pull/423
  • Change base image to python:3.10-bookworm by @imTHAI in https://github.com/thinkst/opencanary/pull/422

New Contributors

  • @H-Dynamite made their first contribution in https://github.com/thinkst/opencanary/pull/411
  • @imTHAI made their first contribution in https://github.com/thinkst/opencanary/pull/422

Full Changelog: https://github.com/thinkst/opencanary/compare/v0.9.6...v0.9.7

View release on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
2,881
Forks
400
Languages
Python CSS HTML
View on GitHub Homepage

Install & Platforms

Install via
pip docker
Platforms
linux macos arm64

Similar tools

wazuh
hollows_hunter
beelzebub
opensnitch
grisuno/LazyOwn

Alternative to

Thinkst Canary

Beta — feedback welcome: [email protected]