This token creates a fake WebDAV endpoint at /webdav/{token}/.
Attackers using tools like nmap, nuclei, or WebDAV scanners will trigger it
when they send PROPFIND, OPTIONS, or other WebDAV requests.
âī¸ Mimics Exposed Cloud Buckets
Creates fake cloud storage URLs that look like exposed buckets. Attackers scanning
for .s3.amazonaws.com, storage.googleapis.com, or similar
endpoints in exposed configs/documentation will trigger alerts. Returns realistic
"Access Denied" responses to encourage further probing.
If set, visitors are redirected instead of seeing 404
Token Created!
Save this URL - anyone who accesses it will trigger an alert:
Embed in HTML/email:
Your Tokens
Loading...
Settings
Loading...
Alerts for your canary tokens are sent here
Leave empty to use default (mo@mitchellolson.cloud)