Comments (6)
rgn-glitch
commented on June 3, 2024
1
Excellent, thanks for your help clearing that up 👍
from slack-watchman.
PaperMtn
commented on June 3, 2024
Hey,
What version are you using? You can check by running slack-watchman --version
I've tested it on version 2.0.3 and the latest version 2.1.0 and it is working for me.
If you are using an old version, try updating to the latest version. If you used pip, it would be: pip3 install --upgrade slack-watchman
Let me know how it goes
from slack-watchman.
rgn-glitch
commented on June 3, 2024
Hi,
Thanks for your reply.
I'm using the latest version 2.1.0
I've run apt-get update, along with pip3 install --upgrade slack-watchman.
No success.
For --tokens, it only outputs the AWS credentials to .csv not the other findings.
No .csv output for the above before mentioned. :(
from slack-watchman.
PaperMtn
commented on June 3, 2024
Can you let me know what OS/distro you're running, and perhaps give some example of the output you are getting?
Is there definitely some data being found in Slack for the time frame you have selected, but not written to .csv?
from slack-watchman.
rgn-glitch
commented on June 3, 2024
Distro: Kali GNU/Linux Rolling, Debian, 2020.2
Yes, their is definitely data being found in Slack for the time-frame specified, but not written to .csv
Example: --pii search will return 'X' amount of pages found for queries "Finding ID taxpayer ID Number"
"Finding national insurance numbers" "Finding DOB" and "Finding passwords" With no .csv output provided.
from slack-watchman.
PaperMtn
commented on June 3, 2024
Ok, I think I see what is happening. The way that Slack Watchman works is that it uses search terms to query the Slack API and return data, which is then filtered using regex to find any matches. Look at this output from my testing Slack workspace:
Finding US social security numbers
+++++++++++++++++++++
1 page(s) found for query: ssn
1 matches found for ssn
CSV written: /Users/papermtn/potential_leaked_us_ssn_ssn.csv
1 page(s) found for query: social security
The Slack query ssn has returned one page of results, Slack Watchman pulls 100 results per page, but in reality one page may be for 1 or 2 results found using that query. The results returned are then searched using regex, and if anything matches, that is then written to CSV.
Notice that the query for social security returned 1 page, but there were no matches so nothing was written.
I hope this clears it up? Looks like everything is working as expected. I may play around with the wording in future versions if it is causing confusion.
from slack-watchman.
Related Issues (15)
- Error when searching for externally shared channels HOT 1
- Error on incorrect scope HOT 1
- feature request: azure keys HOT 4
- Getting error 'encoding' is an invalid keyword argument for this function HOT 1
- Broken JSON HOT 3
- Add base rule set sources HOT 2
- File based rules - "posted_by" left blank HOT 3
- 'NoneType' object has no attribute 'get' HOT 8
- Enhancement - App Permissions HOT 1
- Custom Rules
- watchman conf file format is not updated HOT 1
- JSON is broken HOT 2
- Support getting Slack token from args/env var HOT 3
- Can't see message information HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from slack-watchman.