slack watchman: Monitoring you Slack workspaces for sensitive information

Slack Watchman

Slack Watchman is an application that uses the Slack API to look for potentially sensitive data exposed in your Slack workspaces.

 

Features

It searches for, and reports back on:

  • Externally shared channels
  • Potential leaked passwords
  • AWS Keys
  • GCP keys
  • Slack API keys
  • Private keys
  • Bank card details
  • Certificate files
  • Potentially interesting/malicious files (.docm, .xlsm, .zip etc.)

It also gives the following, which can be used for general auditing:

  • All channels
  • All users
  • All admins

Time-based searching

You can run Slack Watchman to look for results going back as far as:

  • 24 hours
  • 7 days
  • 30 days
  • All-time

This means after one deep scan, you can schedule it to run regularly and only return results from your chosen timeframe.

Install && Use

Copyright (C) 2020 PaperMtn