SlackPirate – The Slack Enumeration and Extraction Tool

Today I am open-sourcing SlackPirate; a tool I developed over the last couple weeks, designed to enumerate and extract sensitive/interesting/confidential data from a Slack Workspace.

Red teamers can use this during an assessment to extract sensitive information which can significantly contribute to the discovery/recon/enumeration phase of the assessment by analysing data such as credentials, internal system documentation and scripts, links to internal build systems, etc.

Continue reading SlackPirate – The Slack Enumeration and Extraction Tool