slack watchman v4.0.2 releases: Monitoring you Slack workspaces for sensitive information
Slack Watchman
Slack Watchman is an application that uses the Slack API to look for potentially sensitive data exposed in your Slack workspaces.
Features
It searches for, and reports back on:
- Externally shared channels
- Potential leaked passwords
- AWS Keys
- GCP keys
- Slack API keys
- Private keys
- Bank card details
- Certificate files
- Potentially interesting/malicious files (.docm, .xlsm, .zip etc.)
It also gives the following, which can be used for general auditing:
- All channels
- All users
- All admins
Time-based searching
You can run Slack Watchman to look for results going back as far as:
- 24 hours
- 7 days
- 30 days
- All-time
This means after one deep scan, you can schedule it to run regularly and only return results from your chosen timeframe.
Changelog v4.0.2
Added
- Added notification for an invalid cookie being passed (Fixes #47)
Fixed
- JSON output for User and Workspace information was malformed, this has now been fixed
Install && Use
Copyright (C) 2020 PaperMtn
