
the5orcerer/canary


🐦 Canary - OAST Canary Token Injector for Bug Bounty Hunting

Canary is a blazing-fast, multithreaded Go tool designed to inject OAST-powered canary tokens into URLs or raw HTTP requests.
Perfect for bug bounty hunters to detect SSRF, XSS, and other data-leaking vulnerabilities silently.


🚀 Features

  • ⚡ High-speed multithreaded injection (Go powered)
  • 🔗 Automatic canary token generation (timestamp, custom string, or numeric range)
  • 🧬 Support for URL and raw HTTP request modes
  • 🛠️ Parameter targeting, prefix/suffix support, and original value preservation
  • 🧾 Logging of changed lines and flexible output options
  • 🔍 Verbose and quiet modes for your workflow

📦 Installation

Install the binary with go install, which fetches the module and builds it:

go install github.com/the5orcerer/Canary@latest

πŸ§‘β€πŸ’» Usage

cat urls.txt | canary -oa .oast.me -c timestamp -o output.txt

Or with raw HTTP request input:

canary -f raw_requests.txt -r -oa .oast.me -c mytoken -a -k -l log.txt

🧰 Options

| Flag | Description |
|------|-------------|
| -oa, --oast | OAST domain to use (e.g. .oast.me) |
| -c, --canary | Canary mode: timestamp, custom string (e.g. mytoken), or range (e.g. 1-10) |
| -o, --output | Output file path (default: requests.dreq) |
| -s, --suffix | Add suffix to token |
| -p, --prefix | Add prefix to token |
| -d, --delimiter | Delimiter between token and OAST (e.g. - → timestamp-oast.me) |
| -k, --keep | Keep original param value and append token |
| -a, --all | Replace all matching parameters |
| -t, --target | Comma-separated list of target parameters |
| -f, --file | Read input from file |
| -r, --raw | Enable raw HTTP request mode |
| -l, --log | Log replaced lines to a file |
| -v, --verbose | Verbose mode |
| -q, --quiet | Quiet mode |
| -h, --help | Show help menu |

📌 Example Scenarios

Inject a timestamp-based token into all parameters:

cat urls.txt | canary -oa .oast.site -c timestamp -o output.txt

Use a static token with a suffix and delimiter:

cat list.txt | canary -oa .oast.live -c mycanary -s ".track" -d "-" -o traced.txt

Use range-based canary tokens on only specific parameters:

canary -f data.txt -c 1-100 -t id,user -a -k -oa .oast.me -l changed.log
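
The rewriting that -k, -t, -p, -s and -d describe, as an added example that is not Canary's own source, useful for seeing what the resulting query strings look like in an output file or a server log. The names Options, BuildHost and Inject are hypothetical, the sample URL is constructed, and the composition order (prefix, token, suffix, delimiter, OAST domain, with the delimiter taking the place of the domain's leading dot) is an assumption read from the options table.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Options mirrors the README flags; the struct itself is hypothetical.
type Options struct {
	OAST, Prefix, Suffix, Delimiter string          // -oa, -p, -s, -d
	Keep                            bool            // -k
	Targets                         map[string]bool // -t (empty = every parameter)
}

// BuildHost joins prefix, token, suffix and the OAST domain.
// Assumption: a delimiter replaces the domain's leading dot ("timestamp-oast.me").
func BuildHost(token string, o Options) string {
	label := o.Prefix + token + o.Suffix
	if o.Delimiter != "" {
		return label + o.Delimiter + strings.TrimPrefix(o.OAST, ".")
	}
	return label + o.OAST
}

// Inject rewrites the targeted query parameters of rawURL with the canary host.
func Inject(rawURL, token string, o Options) (string, error) {
	u, err := url.Parse(rawURL)
	if err != nil {
		return "", err
	}
	host, q := BuildHost(token, o), u.Query()
	for name, vals := range q {
		if len(o.Targets) > 0 && !o.Targets[name] {
			continue // parameter not listed in -t: leave untouched
		}
		for i := range vals {
			if !o.Keep {
				vals[i] = "" // replace mode: drop the original value
			}
			vals[i] += host // keep mode appends to the original value
		}
	}
	u.RawQuery = q.Encode() // note: Encode sorts keys, so parameter order may change
	return u.String(), nil
}

func main() {
	fmt.Println(Inject("https://app.example.test/item?id=7&page=2", "c1", Options{OAST: ".oast.me", Keep: true}))
}
```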

📄 Output

  • Injected lines go to your specified output file.
  • Logs (before → after) can optionally be saved using -l.
  • No input? A friendly message and exit — no stack traces here.

🤝 Contributing

Found a bug or want to improve it? PRs are welcome! Help evolve this tool for the bounty hunting community.


πŸ§™β€β™‚οΈ Author

Crafted with ❀️ by @rootplinix

About

Canary is your silent payload assassin — inject OAST-powered canary tokens into targets at blazing speed. Built for bug bounty hunters who track leaks before they scream 🕵️‍♂️💥
