<img src="https://i.imgur.com/jeU9F0a.png" width="550">
# Slack Watchman
Monitoring and enumerating Slack for exposed secrets
## About Slack Watchman
Slack Watchman is an application that uses the Slack API to find potentially sensitive data exposed in a Slack workspace, and to enumerate other useful information for red, blue and purple teams.
More information about Slack Watchman can be found [on my blog](https://papermtn.co.uk/slack-watchman-monitoring-slack-workspaces-for-sensitive-information/).
### Features
Slack Watchman looks for:
- API Keys, Tokens & Service Accounts
- AWS, Azure, GCP, Google API, Slack (keys & webhooks), Twitter, Facebook, GitHub and more
- Generic Private keys
- Access Tokens, Bearer Tokens, Client Secrets, Private Tokens
- Files
- Certificate files
- Potentially interesting/malicious/sensitive files (.docm, .xlsm, .zip etc.)
- Executable files
- Keychain files
- Config files for popular services (Terraform, Jenkins, OpenVPN and more)
- Personal Data
- Leaked passwords
- Passport numbers, Dates of birth, Social security numbers, National insurance numbers and more
- Financial data
- Paypal Braintree tokens, Bank card details, IBAN numbers, CUSIP numbers and more
It also enumerates the following:
- User data
- All users & all admins
- Channel data
- All channels, including externally shared channels
#### Time based searching
You can run Slack Watchman to look for results going back as far as:
- 24 hours
- 7 days
- 30 days
- All time
This means after one deep scan, you can schedule Slack Watchman to run regularly and only return results from your chosen timeframe.
### Signatures
Slack Watchman uses custom YAML signatures to detect matches in Slack. These signatures are pulled from the central [Watchman Signatures repository](https://github.com/PaperMtn/watchman-signatures). Slack Watchman automatically updates its signature base at runtime to ensure its using the latest signatures to detect secrets.
### Logging
Slack Watchman gives the following logging options:
- Terminal-friendly Stdout
- JSON to Stdout
Slack Watchman defaults to terminal-friendly stdout logging if no option is given. This is designed to be easier for humans to read.
JSON logging is also available, which is perfect for ingesting into a SIEM or other log analysis platforms.
JSON formatted logging can be easily redirected to a file as below:
```commandline
slack-watchman --timeframe a --all --output json >> slack_watchman_log.json
```
## Authentication Requirements
### Slack API token
To run Slack Watchman, you will need a Slack API OAuth access token. You can do this by creating a simple [Slack App](https://api.slack.com/apps).
The app needs to have the following **User Token Scopes** added:
```
channels:read
files:read
groups:read
im:read
links:read
mpim:read
remote_files:read
search:read
team:read
users:read
users:read.email
```
**Note**: User tokens act on behalf of the user who authorises them, so I would suggest you create this app and authorise it using a service account, otherwise the app will have access to your private channels and chats.
### Cookie Authentication
Alternatively, Slack Watchman can also authenticate to Slack using a user `d` cookie, which is stored in the browser of each user logged into a workspace.
To use cookie authentication, you will need to provide the `d` cookie, and the URL of the target workspace. Then you will need to use the `--cookie` flag when running Slack Watchman
More information on cookie authentication can be found [on my blog](https://papermtn.co.uk/category/tools/slack-watchman/)
#### Providing tokens
Slack Watchman will first try to get the Slack token (plus the cookie token and URL if selected) from the environment variables
- `SLACK_WATCHMAN_TOKEN`
- `SLACK_WATCHMAN_COOKIE`
- `SLACK_WATCHMAN_URL`
If this fails it will try to load the token(s) from `.conf` file (see below).
#### .conf file
Configuration options can be passed in a file named `watchman.conf` which must be stored in your home directory. The file should follow the YAML format, and should look like below:
```yaml
slack_watchman:
token: xoxp-xxxxxxxx
cookie: xoxd-%2xxxxx
url: https://xxxxx.slack.com
```
Slack Watchman will look for this file at runtime, and use the configuration options from here. If you are not using cookie auth, leave `cookie` and `url` blank.
If you are having issues with your .conf file, run it through a YAML linter.
An example file is in `docs/example.conf`
**Note**: Cookie and URL values are optional, and not required if not using cookie authentication.
## Installation
You can install the latest stable version via pip:
```commandline
python3 -m pip install slack-watchman
```
Or build from source yourself:
Download the release source files, then from the top level repository run:
```commandline
python3 -m pip build
python3 -m pip install --force-reinstall dist/*.whl
```
## Docker Image
Slack Watchman is also available from the Docker hub as a Docker image:
`docker pull papermountain/slack-watchman:latest`
You can then run Slack Watchman in a container, making sure you pass the required environment variables:
```commandline
// help
docker run --rm papermountain/slack-watchman -h
// scan all
docker run --rm -e SLACK_WATCHMAN_TOKEN=xoxp... papermountain/slack-watchman --timeframe a --all --output json
docker run --rm --env-file .env papermountain/slack-watchman --timeframe a --all --output stdout
```
## Usage
Slack Watchman will be installed as a global command, use as follows:
```commandline
usage: slack-watchman [-h] --timeframe {d,w,m,a} [--output {json,stdout}] [--version] [--all] [--users] [--channels] [--pii] [--secrets]
[--debug] [--verbose] [--cookie]
Monitoring and enumerating Slack for exposed secrets
options:
-h, --help show this help message and exit
--output {json,stdout}, -o {json,stdout}
Where to send results
--version, -v show program's version number and exit
--all, -a Find secrets and PII
--users, -u Enumerate users and output them to .csv
--channels, -c Enumerate channels and output them to .csv
--pii, -p Find personal data: DOB, passport details, drivers licence, ITIN, SSN etc.
--secrets, -s Find exposed secrets: credentials, tokens etc.
--debug, -d Turn on debug level logging
--verbose, -V Turn on more verbose output for JSON logging. This includes more fields, but is larger
--cookie Use cookie auth using Slack d cookie. REQUIRES either SLACK_WATCHMAN_COOKIE and SLACK_WATCHMAN_URL environment
variables set, or both values set in watchman.conf
required arguments:
--timeframe {d,w,m,a}, -t {d,w,m,a}
How far back to search: d = 24 hours w = 7 days, m = 30 days, a = all time
```
You can run Slack Watchman to look for everything, and output to default stdout:
```commandline
slack-watchman --timeframe a --all
```
## Other Watchman apps
You may be interested in the other apps in the Watchman family:
- [Slack Watchman for Enterprise Grid](https://github.com/PaperMtn/slack-watchman-enterprise-grid)
- [GitLab Watchman](https://github.com/PaperMtn/gitlab-watchman)
- [GitHub Watchman](https://github.com/PaperMtn/github-watchman)
## License
The source code for this project is released under the [GNU General Public Licence](https://www.gnu.org/licenses/licenses.html#GPL). This project is not associated with Slack Technologies or Salesforce.
## [4.0.2] - 2023-06-14
### Added
- Added notification for an invalid cookie being passed (Fixes #47)
### Fixed
- JSON output for User and Workspace information was malformed, this has now been fixed
## [4.0.1] - 2023-05-05
### Changed
- User output in stdout logging now includes display name and email. The accounts for cases where usernames are nonsensical.
## [4.0.0] - 2023-05-03
This major version release brings multiple updates to Slack Watchman in usability, functionality and behind the scenes improvements.
**Note**: While efforts have been made to make sure there is some backwards compatibility, this release may have some breaking changes on previous versions. Make sure to look at the removed secion
### Added
- Support for centralised signatures from the [Watchman Signatures repository](https://github.com/PaperMtn/watchman-signatures)
- This makes it much easier to keep the signature base for all Watchman applications up to date, and to add functionality to Slack Watchman with new signatures. New signatures are downloaded, and updates to existing signatures are applied, at runtime, meaning Slack Watchman will always be using the most up to date signatures.
- Major UI overhaul
- A lot of feedback said Slack Watchman was hard to read. This version introduces new terminal optimised logging as a logging option, as well as JSON formatting. This formatting is now the default when running with no output option selected, and is a lot easier for humans to read. Also, colours!
- Cookie login
- If you have a Slack `d` cookie (which can be gathered from a web browser authenticated to Slack), and you know the URL of the target Slack workspace, Slack Watchman now allows you to authenticate using cookie auth, instead of supplying a bot token.
- Multiprocessing and other backend improvements
- Slack Watchman now makes more efficient use of API calls, and incorporates multiprocessing, to run faster than previous versions. Larger workspaces can now be enumerated much quicker.
- Docker image support
- Slack Watchman is now available as a Docker image. Simply pull from Docker Hub `docker pull papermountain/slack-watchman:latest`
- More useful enumeration options added
- Slack Watchman now gathers more information on a workspace. Useful if your use case is more red than blue...
- Get information on calling user
- Provides you information on the user you are authenticated as, including whether the user has 2FA configured, whether they are an admin etc.
- CSV files containing information on all users and channels in the workspace.
- Option choose between verbose or succinct logging when using JSON output. Default is succinct.
- Debug logging option
### Removed
- Socket logging functionality
- I'm not sure this functionality was used, but the move to more accessible stdout and JSON logging options means that the option to log to a listening socket has been removed.
- Some CSV output
- For the same reason as above, logging results to CSV has been removed. Enumerating users and channels can still be output to CSV, but formatting a CSV file for a complex nested datastructure is a nightmare, and makes future modifications time consuming.
- Logging to file
- To keep logging as simple as possible, the file output option has also been removed. This can easily be reproduced by piping the output of running Slack Watchman to a file:
- ```slack-watchman --timeframe w --all --output json >> sw-log.json```
- Local/custom signatures - Centralised signatures mean that user-created custom signatures can't be used with Slack Watchman for Enterprise Grid anymore. If you have made a signature you think would be good for sharing with the community, feel free to add it to the Watchman Signatures repository, so it can be used in all Watchman applications
## [3.0.10] - 2020-11-08
### Fixed
- Retry added for occasional Requests HTTPSConnectionPool error
### Added
- Version added to Stdout logging
- Better exception handling and logging exceptions correctly
- Workspace field added to critical error
## [3.0.9] - 2020-10-31
### Added
- Mailgun API token rule
- Mailchimp API token rule
- Twilio API token rule
- Stripe API token rule
- Heroku API token rule
- Shodan API token rule
- Cloudflare API token rule
## [3.0.8] - 2020-10-10
### Added
- Exact regex string match added to output from message searches
- Check added for when the given token doesn't have the required API scope. On incorrect scope, and exception will be raised and the required scope will be output to log
## [3.0.7] - 2020-10-02
### Added
- Rule to detect MasterCard Datacash credentials
## [3.0.6] - 2020-09-22
### Changed
- File searching now includes user who posted file via users.list API method
- Logging field name changes = 'type' -> 'detection_type', 'detection' -> 'detection_data'
## [3.0.5] - 2020-09-18
### Changed
- Updated output to strip quotes from query strings. This should allow better JSON parsing with more log ingestors
- File searching was missing file type output in log data in some occasions, now fixed
## [3.0.4] - 2020-09-10
### Added
- Added rules to search for:
- CV files
- Files and spreadsheets containing budget and salary information
## [3.0.2] - 2020-09-06
### Added
- CHANGELOG to track updates
- Small bug meant that PyPI installations weren't including the YAML rule files. This has now been fixed.
### Changed
- Top level dir renamed from `watchman` to `slack_watchman` to place nicer with PyPI
## [3.0.0] - 2020-09-04
### Added
- Rules based searching
- Logging options: Log file, Stdout, TCP stream
- Deduplication of output
- Refactor into slack_wrapper to use a class to create an API client
### Changed
- Top level dir renamed from `watchman` to `slack_watchman` to place nicer with PyPI
### Removed
- Custom search by CSV. This is now done by creating your own custom rule
Raw data
{
"_id": null,
"home_page": "https://github.com/PaperMtn/slack-watchman",
"name": "slack-watchman",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": "",
"keywords": "audit,slack,slack-watchman,watchman,blue-team,red-team,threat-hunting",
"author": "PaperMtn",
"author_email": "papermtn@protonmail.com",
"download_url": "https://files.pythonhosted.org/packages/92/f8/b606d5e4a76ddb78877967c15680fc9456083897e76605181e5ea4d01672/slack-watchman-4.0.2.tar.gz",
"platform": null,
"description": "<img src=\"https://i.imgur.com/jeU9F0a.png\" width=\"550\">\n\n# Slack Watchman\n\n\n\n\nMonitoring and enumerating Slack for exposed secrets\n\n## About Slack Watchman\nSlack Watchman is an application that uses the Slack API to find potentially sensitive data exposed in a Slack workspace, and to enumerate other useful information for red, blue and purple teams.\n\nMore information about Slack Watchman can be found [on my blog](https://papermtn.co.uk/slack-watchman-monitoring-slack-workspaces-for-sensitive-information/).\n\n### Features\nSlack Watchman looks for:\n\n- API Keys, Tokens & Service Accounts\n - AWS, Azure, GCP, Google API, Slack (keys & webhooks), Twitter, Facebook, GitHub and more\n - Generic Private keys\n - Access Tokens, Bearer Tokens, Client Secrets, Private Tokens\n- Files\n - Certificate files\n - Potentially interesting/malicious/sensitive files (.docm, .xlsm, .zip etc.)\n - Executable files\n - Keychain files\n - Config files for popular services (Terraform, Jenkins, OpenVPN and more)\n- Personal Data\n - Leaked passwords\n - Passport numbers, Dates of birth, Social security numbers, National insurance numbers and more\n- Financial data\n - Paypal Braintree tokens, Bank card details, IBAN numbers, CUSIP numbers and more\n\nIt also enumerates the following:\n- User data\n - All users & all admins\n- Channel data\n - All channels, including externally shared channels\n\n#### Time based searching\nYou can run Slack Watchman to look for results going back as far as:\n- 24 hours\n- 7 days\n- 30 days\n- All time\n\nThis means after one deep scan, you can schedule Slack Watchman to run regularly and only return results from your chosen timeframe.\n\n### Signatures\nSlack Watchman uses custom YAML signatures to detect matches in Slack. These signatures are pulled from the central [Watchman Signatures repository](https://github.com/PaperMtn/watchman-signatures). Slack Watchman automatically updates its signature base at runtime to ensure its using the latest signatures to detect secrets.\n\n### Logging\n\nSlack Watchman gives the following logging options:\n- Terminal-friendly Stdout\n- JSON to Stdout\n\nSlack Watchman defaults to terminal-friendly stdout logging if no option is given. This is designed to be easier for humans to read.\n\nJSON logging is also available, which is perfect for ingesting into a SIEM or other log analysis platforms.\n\nJSON formatted logging can be easily redirected to a file as below:\n```commandline\nslack-watchman --timeframe a --all --output json >> slack_watchman_log.json \n```\n\n## Authentication Requirements\n### Slack API token\nTo run Slack Watchman, you will need a Slack API OAuth access token. You can do this by creating a simple [Slack App](https://api.slack.com/apps).\n\nThe app needs to have the following **User Token Scopes** added:\n```\nchannels:read\nfiles:read\ngroups:read\nim:read\nlinks:read\nmpim:read\nremote_files:read\nsearch:read\nteam:read\nusers:read\nusers:read.email\n```\n**Note**: User tokens act on behalf of the user who authorises them, so I would suggest you create this app and authorise it using a service account, otherwise the app will have access to your private channels and chats.\n\n### Cookie Authentication\nAlternatively, Slack Watchman can also authenticate to Slack using a user `d` cookie, which is stored in the browser of each user logged into a workspace.\n\nTo use cookie authentication, you will need to provide the `d` cookie, and the URL of the target workspace. Then you will need to use the `--cookie` flag when running Slack Watchman\n\nMore information on cookie authentication can be found [on my blog](https://papermtn.co.uk/category/tools/slack-watchman/)\n#### Providing tokens\nSlack Watchman will first try to get the Slack token (plus the cookie token and URL if selected) from the environment variables \n- `SLACK_WATCHMAN_TOKEN`\n- `SLACK_WATCHMAN_COOKIE`\n- `SLACK_WATCHMAN_URL`\n\nIf this fails it will try to load the token(s) from `.conf` file (see below).\n\n#### .conf file\nConfiguration options can be passed in a file named `watchman.conf` which must be stored in your home directory. The file should follow the YAML format, and should look like below:\n```yaml\nslack_watchman:\n token: xoxp-xxxxxxxx\n cookie: xoxd-%2xxxxx\n url: https://xxxxx.slack.com\n```\nSlack Watchman will look for this file at runtime, and use the configuration options from here. If you are not using cookie auth, leave `cookie` and `url` blank.\n\nIf you are having issues with your .conf file, run it through a YAML linter.\n\nAn example file is in `docs/example.conf`\n\n**Note**: Cookie and URL values are optional, and not required if not using cookie authentication.\n\n## Installation\nYou can install the latest stable version via pip:\n\n```commandline\npython3 -m pip install slack-watchman\n```\n\nOr build from source yourself:\n\nDownload the release source files, then from the top level repository run:\n```commandline\npython3 -m pip build\npython3 -m pip install --force-reinstall dist/*.whl\n```\n\n## Docker Image\n\nSlack Watchman is also available from the Docker hub as a Docker image:\n\n`docker pull papermountain/slack-watchman:latest`\n\nYou can then run Slack Watchman in a container, making sure you pass the required environment variables:\n\n```commandline\n// help\ndocker run --rm papermountain/slack-watchman -h\n\n// scan all\ndocker run --rm -e SLACK_WATCHMAN_TOKEN=xoxp... papermountain/slack-watchman --timeframe a --all --output json\ndocker run --rm --env-file .env papermountain/slack-watchman --timeframe a --all --output stdout\n```\n\n## Usage\nSlack Watchman will be installed as a global command, use as follows:\n```commandline\nusage: slack-watchman [-h] --timeframe {d,w,m,a} [--output {json,stdout}] [--version] [--all] [--users] [--channels] [--pii] [--secrets]\n [--debug] [--verbose] [--cookie]\n\nMonitoring and enumerating Slack for exposed secrets\n\noptions:\n -h, --help show this help message and exit\n --output {json,stdout}, -o {json,stdout}\n Where to send results\n --version, -v show program's version number and exit\n --all, -a Find secrets and PII\n --users, -u Enumerate users and output them to .csv\n --channels, -c Enumerate channels and output them to .csv\n --pii, -p Find personal data: DOB, passport details, drivers licence, ITIN, SSN etc.\n --secrets, -s Find exposed secrets: credentials, tokens etc.\n --debug, -d Turn on debug level logging\n --verbose, -V Turn on more verbose output for JSON logging. This includes more fields, but is larger\n --cookie Use cookie auth using Slack d cookie. REQUIRES either SLACK_WATCHMAN_COOKIE and SLACK_WATCHMAN_URL environment\n variables set, or both values set in watchman.conf\n\nrequired arguments:\n --timeframe {d,w,m,a}, -t {d,w,m,a}\n How far back to search: d = 24 hours w = 7 days, m = 30 days, a = all time\n ```\n\nYou can run Slack Watchman to look for everything, and output to default stdout:\n\n```commandline\nslack-watchman --timeframe a --all\n```\n\n## Other Watchman apps\nYou may be interested in the other apps in the Watchman family:\n- [Slack Watchman for Enterprise Grid](https://github.com/PaperMtn/slack-watchman-enterprise-grid)\n- [GitLab Watchman](https://github.com/PaperMtn/gitlab-watchman)\n- [GitHub Watchman](https://github.com/PaperMtn/github-watchman)\n\n## License\nThe source code for this project is released under the [GNU General Public Licence](https://www.gnu.org/licenses/licenses.html#GPL). This project is not associated with Slack Technologies or Salesforce.\n## [4.0.2] - 2023-06-14\n### Added\n- Added notification for an invalid cookie being passed (Fixes #47)\n### Fixed\n- JSON output for User and Workspace information was malformed, this has now been fixed\n\n## [4.0.1] - 2023-05-05\n### Changed\n- User output in stdout logging now includes display name and email. The accounts for cases where usernames are nonsensical.\n\n## [4.0.0] - 2023-05-03\nThis major version release brings multiple updates to Slack Watchman in usability, functionality and behind the scenes improvements.\n\n**Note**: While efforts have been made to make sure there is some backwards compatibility, this release may have some breaking changes on previous versions. Make sure to look at the removed secion\n\n### Added\n- Support for centralised signatures from the [Watchman Signatures repository](https://github.com/PaperMtn/watchman-signatures)\n - This makes it much easier to keep the signature base for all Watchman applications up to date, and to add functionality to Slack Watchman with new signatures. New signatures are downloaded, and updates to existing signatures are applied, at runtime, meaning Slack Watchman will always be using the most up to date signatures.\n- Major UI overhaul\n - A lot of feedback said Slack Watchman was hard to read. This version introduces new terminal optimised logging as a logging option, as well as JSON formatting. This formatting is now the default when running with no output option selected, and is a lot easier for humans to read. Also, colours!\n- Cookie login\n - If you have a Slack `d` cookie (which can be gathered from a web browser authenticated to Slack), and you know the URL of the target Slack workspace, Slack Watchman now allows you to authenticate using cookie auth, instead of supplying a bot token.\n- Multiprocessing and other backend improvements\n - Slack Watchman now makes more efficient use of API calls, and incorporates multiprocessing, to run faster than previous versions. Larger workspaces can now be enumerated much quicker. \n- Docker image support\n - Slack Watchman is now available as a Docker image. Simply pull from Docker Hub `docker pull papermountain/slack-watchman:latest`\n- More useful enumeration options added\n - Slack Watchman now gathers more information on a workspace. Useful if your use case is more red than blue...\n - Get information on calling user\n - Provides you information on the user you are authenticated as, including whether the user has 2FA configured, whether they are an admin etc.\n - CSV files containing information on all users and channels in the workspace.\n- Option choose between verbose or succinct logging when using JSON output. Default is succinct.\n- Debug logging option\n### Removed\n- Socket logging functionality\n - I'm not sure this functionality was used, but the move to more accessible stdout and JSON logging options means that the option to log to a listening socket has been removed.\n- Some CSV output\n - For the same reason as above, logging results to CSV has been removed. Enumerating users and channels can still be output to CSV, but formatting a CSV file for a complex nested datastructure is a nightmare, and makes future modifications time consuming.\n- Logging to file\n - To keep logging as simple as possible, the file output option has also been removed. This can easily be reproduced by piping the output of running Slack Watchman to a file:\n - ```slack-watchman --timeframe w --all --output json >> sw-log.json```\n- Local/custom signatures - Centralised signatures mean that user-created custom signatures can't be used with Slack Watchman for Enterprise Grid anymore. If you have made a signature you think would be good for sharing with the community, feel free to add it to the Watchman Signatures repository, so it can be used in all Watchman applications\n\n## [3.0.10] - 2020-11-08\n### Fixed\n- Retry added for occasional Requests HTTPSConnectionPool error\n### Added\n- Version added to Stdout logging\n- Better exception handling and logging exceptions correctly\n- Workspace field added to critical error\n\n## [3.0.9] - 2020-10-31\n### Added\n- Mailgun API token rule\n- Mailchimp API token rule\n- Twilio API token rule\n- Stripe API token rule\n- Heroku API token rule\n- Shodan API token rule\n- Cloudflare API token rule\n\n## [3.0.8] - 2020-10-10\n### Added\n- Exact regex string match added to output from message searches\n- Check added for when the given token doesn't have the required API scope. On incorrect scope, and exception will be raised and the required scope will be output to log\n\n## [3.0.7] - 2020-10-02\n### Added\n- Rule to detect MasterCard Datacash credentials\n\n## [3.0.6] - 2020-09-22\n### Changed\n- File searching now includes user who posted file via users.list API method\n- Logging field name changes = 'type' -> 'detection_type', 'detection' -> 'detection_data'\n\n## [3.0.5] - 2020-09-18\n### Changed\n- Updated output to strip quotes from query strings. This should allow better JSON parsing with more log ingestors\n- File searching was missing file type output in log data in some occasions, now fixed\n\n## [3.0.4] - 2020-09-10\n### Added\n- Added rules to search for:\n - CV files\n - Files and spreadsheets containing budget and salary information\n\n## [3.0.2] - 2020-09-06\n### Added\n- CHANGELOG to track updates\n- Small bug meant that PyPI installations weren't including the YAML rule files. This has now been fixed.\n\n### Changed\n- Top level dir renamed from `watchman` to `slack_watchman` to place nicer with PyPI\n\n## [3.0.0] - 2020-09-04\n### Added\n- Rules based searching\n- Logging options: Log file, Stdout, TCP stream\n- Deduplication of output\n- Refactor into slack_wrapper to use a class to create an API client\n\n### Changed\n- Top level dir renamed from `watchman` to `slack_watchman` to place nicer with PyPI\n\n### Removed\n- Custom search by CSV. This is now done by creating your own custom rule\n",
"bugtrack_url": null,
"license": "GPL-3.0",
"summary": "Monitoring and enumerating Slack for exposed secrets",
"version": "4.0.2",
"project_urls": {
"Homepage": "https://github.com/PaperMtn/slack-watchman"
},
"split_keywords": [
"audit",
"slack",
"slack-watchman",
"watchman",
"blue-team",
"red-team",
"threat-hunting"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "102d863b07e9064526fa0b5ee6a18e06a91a138feb96c6fe5613cd5800da20e6",
"md5": "ff6b52187b8d842e7e4e8f87ffed3aed",
"sha256": "2fbc097b3b022c6653cb309b17efb0e3f5eee9aca8fad013532fe3b7c6c09fd9"
},
"downloads": -1,
"filename": "slack_watchman-4.0.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "ff6b52187b8d842e7e4e8f87ffed3aed",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 38436,
"upload_time": "2023-06-14T20:07:07",
"upload_time_iso_8601": "2023-06-14T20:07:07.229666Z",
"url": "https://files.pythonhosted.org/packages/10/2d/863b07e9064526fa0b5ee6a18e06a91a138feb96c6fe5613cd5800da20e6/slack_watchman-4.0.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "92f8b606d5e4a76ddb78877967c15680fc9456083897e76605181e5ea4d01672",
"md5": "e3e45b21e970ea2a6936daae24189268",
"sha256": "8f05b5223f45f6168ed25f33a7b25ab5411c24edf2415ea9d5fa255f2935b681"
},
"downloads": -1,
"filename": "slack-watchman-4.0.2.tar.gz",
"has_sig": false,
"md5_digest": "e3e45b21e970ea2a6936daae24189268",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 41240,
"upload_time": "2023-06-14T20:07:09",
"upload_time_iso_8601": "2023-06-14T20:07:09.641772Z",
"url": "https://files.pythonhosted.org/packages/92/f8/b606d5e4a76ddb78877967c15680fc9456083897e76605181e5ea4d01672/slack-watchman-4.0.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-06-14 20:07:09",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "PaperMtn",
"github_project": "slack-watchman",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [],
"lcname": "slack-watchman"
}
JSON
