Announcing Hunt 2.4
Smarter Data and Better Views
Announcing Hunt 2.4
Smarter Data and Better Views
Announcing Hunt 2.4
Smarter Data and Better Views
Published on
Published on
Published on
Jul 15, 2025
Jul 15, 2025
Jul 15, 2025
We're on a roll with releases. After introducing Hunt 2.2 (released April 15, 2025) and announcing Hunt 2.3 (released May 20, 2025), here comes Hunt 2.4!
This new version expands how you pivot and search, with smarter data collection, archive unpacking for deeper code visibility, and several upgrades across phishing intelligence and domain enrichment.
Here's a quick snapshot of what's new:
| Feature | What's New? |
|---|---|
| UX Improvements | Improved grid views, filtering, and new visual components across HostingRadar™, SQL Search, and IP Search |
| AttackCapture™ | ZIP, and similar archive types are now automatically extracted and searchable within AttackCapture™ |
| HuntSQL™ | HTTP + HTML Field Expansion |
| IOC Hunter | Added filters for better search. |
| Phishing | New Phishing Kit Details Page and expanded Phishing Kits List. |
| HuntSQL™ | Dozens of new HTTP, HTML, and hash fields now exposed for SQL investigation |
| Bug Fixes | Malware search updated to query all 3,500+ malware, and cleaned AttackCapture™ GitHub categories. |
AttackCapture™
Code Search: ZIPs, and other common archive types in AttackCapture™ are now automatically unzipped and indexed.
HuntSQL™
HTTP + HTML Field Expansion: We've added dozens of new fields to expose richer HTTP and HTML data in SQL investigations. The schema has been redesigned to follow a cleaner and more intuitive structure. Fields are now grouped under logical categories like http.headers., html.head., and html.hash.*, making it easier to navigate and understand the data.
Naming is now consistent across hash types (.sha256, .ssdeep, .tlsh) and text formats (.raw.content, .redacted.content). This organization helps surface related fields faster, improves autocomplete, and reduces the learning curve. All updates are live in the httpv2 table, while the original http table remains unchanged.
New Cheat Sheets: We've added cheat sheets for functions, operators, and time to the SQL editor. This feature provides users with quick references to things to keep people hunting and not figuring out queries.
IOC Hunter
New Filters: Filters make it easy to find posts about a specific threat actor or from specific sources.
Phishing Infrastructure
New Phishing Kit Details Page: A new Phishing Kit Details page provides in-depth information about individual phishing kits identified on the platform. It consolidates key details in a clear, actionable format, helping threat analysts quickly assess and understand phishing threats.
Expanded Phishing Kits List: We've expanded the Phishing Kits List functionality to include over 1,400 phishing kits. We've also added support for filtering by multiple brand domains simultaneously, and a sorting functionality for phishing kits by Extracted Directory Size and File Count in both ascending and descending order.
General Updates
Hosting Information: We've added the hosting company name + 200 more hosting company descriptions to HostRadar.
Malware Search: We improved the Malware Search functionality by adding support for filtering the malware list by malware name for faster and more precise threat hunting.
Bulk Extractor/Enricher: Cleaned up the U/I.
IP History Widget: Improved performance for a better UX.
Bug Fixes
Malware search: Updated to query all 3,500+ malware names instead of just 200.
GitHub Tags: GitHub tags in AttackCapture™ were refined, with some removed and others added.
AttackCapture™ Sha256 Search: cleaner U/I that retains the SHA256 in the search box and displays the size of the file better.
HostRadar: Fixed Alibaba variants that were erroring.
Horizontal Scrolling Fixes: Removed unnecessary scrolling from several places (like history screens when IP Searching).
Domain Search: Fixed an issue where open directories were not appearing in domain search results. They are now properly included.
Hunt 2.4 brings deeper visibility, smarter navigation, and better structure across investigations. It's built to support the way threat hunters explore real data, with faster pivots, richer context, and more control. And more improvements are on the way soon.
We're on a roll with releases. After introducing Hunt 2.2 (released April 15, 2025) and announcing Hunt 2.3 (released May 20, 2025), here comes Hunt 2.4!
This new version expands how you pivot and search, with smarter data collection, archive unpacking for deeper code visibility, and several upgrades across phishing intelligence and domain enrichment.
Here's a quick snapshot of what's new:
| Feature | What's New? |
|---|---|
| UX Improvements | Improved grid views, filtering, and new visual components across HostingRadar™, SQL Search, and IP Search |
| AttackCapture™ | ZIP, and similar archive types are now automatically extracted and searchable within AttackCapture™ |
| HuntSQL™ | HTTP + HTML Field Expansion |
| IOC Hunter | Added filters for better search. |
| Phishing | New Phishing Kit Details Page and expanded Phishing Kits List. |
| HuntSQL™ | Dozens of new HTTP, HTML, and hash fields now exposed for SQL investigation |
| Bug Fixes | Malware search updated to query all 3,500+ malware, and cleaned AttackCapture™ GitHub categories. |
AttackCapture™
Code Search: ZIPs, and other common archive types in AttackCapture™ are now automatically unzipped and indexed.
HuntSQL™
HTTP + HTML Field Expansion: We've added dozens of new fields to expose richer HTTP and HTML data in SQL investigations. The schema has been redesigned to follow a cleaner and more intuitive structure. Fields are now grouped under logical categories like http.headers., html.head., and html.hash.*, making it easier to navigate and understand the data.
Naming is now consistent across hash types (.sha256, .ssdeep, .tlsh) and text formats (.raw.content, .redacted.content). This organization helps surface related fields faster, improves autocomplete, and reduces the learning curve. All updates are live in the httpv2 table, while the original http table remains unchanged.
New Cheat Sheets: We've added cheat sheets for functions, operators, and time to the SQL editor. This feature provides users with quick references to things to keep people hunting and not figuring out queries.
IOC Hunter
New Filters: Filters make it easy to find posts about a specific threat actor or from specific sources.
Phishing Infrastructure
New Phishing Kit Details Page: A new Phishing Kit Details page provides in-depth information about individual phishing kits identified on the platform. It consolidates key details in a clear, actionable format, helping threat analysts quickly assess and understand phishing threats.
Expanded Phishing Kits List: We've expanded the Phishing Kits List functionality to include over 1,400 phishing kits. We've also added support for filtering by multiple brand domains simultaneously, and a sorting functionality for phishing kits by Extracted Directory Size and File Count in both ascending and descending order.
General Updates
Hosting Information: We've added the hosting company name + 200 more hosting company descriptions to HostRadar.
Malware Search: We improved the Malware Search functionality by adding support for filtering the malware list by malware name for faster and more precise threat hunting.
Bulk Extractor/Enricher: Cleaned up the U/I.
IP History Widget: Improved performance for a better UX.
Bug Fixes
Malware search: Updated to query all 3,500+ malware names instead of just 200.
GitHub Tags: GitHub tags in AttackCapture™ were refined, with some removed and others added.
AttackCapture™ Sha256 Search: cleaner U/I that retains the SHA256 in the search box and displays the size of the file better.
HostRadar: Fixed Alibaba variants that were erroring.
Horizontal Scrolling Fixes: Removed unnecessary scrolling from several places (like history screens when IP Searching).
Domain Search: Fixed an issue where open directories were not appearing in domain search results. They are now properly included.
Hunt 2.4 brings deeper visibility, smarter navigation, and better structure across investigations. It's built to support the way threat hunters explore real data, with faster pivots, richer context, and more control. And more improvements are on the way soon.
Related Posts:
Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.
Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.
Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.
Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.
Discover the new Hunt.io updates: deep text assisted analysis, IOC feed improvements, improved threat actor data, and faster advanced search. Learn more.
Discover the new Hunt.io updates: deep text assisted analysis, IOC feed improvements, improved threat actor data, and faster advanced search. Learn more.
Hunt 2.3 is here: analyst-driven insights, easier pivots, better phishing workflows, and full SSO support for enterprise teams.
Explore Hunt 2.2: Auto-unpack zips in AttackCapture™, smarter SQL with WHOIS and Nmap, and full IP history consolidation, track abused hosting with Host Radar, and more.
Discover the new Hunt.io updates: deep text assisted analysis, IOC feed improvements, improved threat actor data, and faster advanced search. Learn more.
Get biweekly intelligence to hunt adversaries before they strike.
Products
Hunt Intelligence, Inc.
Get biweekly intelligence to hunt adversaries before they strike.
Products
Hunt Intelligence, Inc.
Get biweekly intelligence to hunt adversaries before they strike.
Products
Hunt Intelligence, Inc.