{"id":3302,"date":"2019-01-07T10:30:38","date_gmt":"2019-01-07T10:30:38","guid":{"rendered":"https:\/\/emtunc.org\/blog\/?p=3302"},"modified":"2019-11-07T00:14:20","modified_gmt":"2019-11-07T00:14:20","slug":"slackpirate-the-slack-enumeration-and-extraction-tool","status":"publish","type":"post","link":"https:\/\/emtunc.org\/blog\/01\/2019\/slackpirate-the-slack-enumeration-and-extraction-tool\/","title":{"rendered":"SlackPirate &#8211; The Slack Enumeration and Extraction Tool"},"content":{"rendered":"\n<p>Today I am open-sourcing <a href=\"https:\/\/github.com\/emtunc\/SlackPirate\">SlackPirate<\/a>; a tool I developed over the last couple weeks, designed to enumerate and extract sensitive\/interesting\/confidential data from a Slack Workspace.<\/p>\n\n\n\n<p>Red teamers can use this during an assessment to extract sensitive information which can significantly contribute to the discovery\/recon\/enumeration phase of the assessment by analysing data such as credentials, internal system documentation and scripts, links to internal build systems, etc.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Blue teamers can use this to discover sensitive content that may exist on a Workspace that perhaps shouldn&#8217;t. You can use this information to start looking at ways to increase the security of your Workspace. Activities such as (1) raising awareness internally of the issue &#8211; including but not limited to personnel training sessions, using Slack more securely by limiting <em>where<\/em> sensitive data is shared (think private channel vs. public) (2) Detection and response &#8211; do you have the ability to detect someone extracting all your corporate data from Slack? (3) Review the configuration of your Workspace &#8211; are you still allowing anyone@example.com access to your Slack even though example.com has long expired and can be registered by anyone on the internet? (4) There are probably more I haven&#8217;t thought about but you get the idea.<\/p>\n\n\n\n<p>Here&#8217;s the link to the repository &#8211; have fun pointing it at your Slack! <a href=\"https:\/\/github.com\/emtunc\/SlackPirate\">https:\/\/github.com\/emtunc\/SlackPirate<\/a><\/p>\n\n\n\n<p>If you do use the tool, please leave feedback &#8211; I&#8217;d love to know if you found it helpful and what else I could do to make it even more useful.<\/p>\n\n\n\n<p>If you have any feature requests, enhancements or bug reports, please file an issue on Github<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today I am open-sourcing SlackPirate; a tool I developed over the last couple weeks, designed to enumerate and extract sensitive\/interesting\/confidential data from a Slack Workspace. Red teamers can use this during an assessment to extract sensitive information which can significantly contribute to the discovery\/recon\/enumeration phase of the assessment by analysing data such as credentials, internal [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"footnotes":""},"categories":[1],"tags":[265,266,264,263],"class_list":["post-3302","post","type-post","status-publish","format-standard","hentry","category-tech","tag-blueteam","tag-python","tag-redteam","tag-slack"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1trTO-Rg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/3302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/comments?post=3302"}],"version-history":[{"count":5,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/3302\/revisions"}],"predecessor-version":[{"id":4276,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/posts\/3302\/revisions\/4276"}],"wp:attachment":[{"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/media?parent=3302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/categories?post=3302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/emtunc.org\/blog\/wp-json\/wp\/v2\/tags?post=3302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}