SlackPirate – The Slack Enumeration and Extraction Tool

Today I am open-sourcing SlackPirate; a tool I developed over the last couple weeks, designed to enumerate and extract sensitive/interesting/confidential data from a Slack Workspace.

Red teamers can use this during an assessment to extract sensitive information which can significantly contribute to the discovery/recon/enumeration phase of the assessment by analysing data such as credentials, internal system documentation and scripts, links to internal build systems, etc.

Blue teamers can use this to discover sensitive content that may exist on a Workspace that perhaps shouldn’t. You can use this information to start looking at ways to increase the security of your Workspace. Activities such as (1) raising awareness internally of the issue – including but not limited to personnel training sessions, using Slack more securely by limiting where sensitive data is shared (think private channel vs. public) (2) Detection and response – do you have the ability to detect someone extracting all your corporate data from Slack? (3) Review the configuration of your Workspace – are you still allowing [email protected] access to your Slack even though example.com has long expired and can be registered by anyone on the internet? (4) There are probably more I haven’t thought about but you get the idea.

Here’s the link to the repository – have fun pointing it at your Slack! https://github.com/emtunc/SlackPirate

If you do use the tool, please leave feedback – I’d love to know if you found it helpful and what else I could do to make it even more useful.

If you have any feature requests, enhancements or bug reports, please file an issue on Github

Creating a Secure Environment for your Cryptocurrency Hardware Wallet

In this brief blog post I will discuss what I believe to be good practices to follow during the set-up and day-to-day usage of a Cryptocurrency hardware wallet; specifically the Ledger Nano S because it’s the one I use. This advice should still be useful for other hardware wallets as they’re all quite similar.

Continue reading Creating a Secure Environment for your Cryptocurrency Hardware Wallet

My Research on Misconfigured Jenkins Servers

Late last year I decided to see how many misconfigured CI/CD (continuous integration and deployment) installations I could find on the internet. I decided to focus my research on one of the most popular CI/CD applications – Jenkins. This article isn’t an attack on Jenkins in any way shape or form – any piece of software and/or hardware can be configured incorrectly… it just so happens to be that CI/CD servers often host some very sensitive configurations – some of which I will come on to in a bit.

Continue reading My Research on Misconfigured Jenkins Servers