Announcing Hunt APIs
Published on
Published on
Published on
Sep 17, 2024
Sep 17, 2024
Sep 17, 2024
Welcome to Hunt Enrichment APIs
Welcome to Hunt Enrichment APIs
Today Hunt is announcing our IP Enrichment API. You can get detailed data on every IPv4 Address and enrich any existing system.
Today Hunt is announcing our IP Enrichment API. You can get detailed data on every IPv4 Address and enrich any existing system.
API Documentation
API Documentation
Unlock the true potential of your IP addresses with our groundbreaking IP Enrichment API.
Unlock the true potential of your IP addresses with our groundbreaking IP Enrichment API.
Steps to using the API :
Steps to using the API :
Reach out to our team to get access for commercial (paid), demo or research purposes.
Create an API key.
Look at the IP Enrichment Guide.
Prototype with the IP Enrichment Reference.
Reach out to our team to get access for commercial (paid), demo or research purposes.
Create an API key.
Look at the IP Enrichment Guide.
Prototype with the IP Enrichment Reference.
Enrichment Data
Enrichment Data
| Category | Description |
|---|---|
| Certificates | SSL certificates fields and related hashes to them |
| Malware | Malware details of Hunt signatures hits |
| JARM | JARM hashes |
| Protocol | Protocol payloads detected on the IP |
| HTTP | Details about any HTTP data returned |
| Opendir | Open Directories detected on IP from AttackCaptureTM |
| Phishing | Phishing infrastructure found on the IP |
| Honey Pots | Inbound requests from the IP address to Honey Pots |
| Category | Description |
|---|---|
| Certificates | SSL certificates fields and related hashes to them |
| Malware | Malware details of Hunt signatures hits |
| JARM | JARM hashes |
| Protocol | Protocol payloads detected on the IP |
| HTTP | Details about any HTTP data returned |
| Opendir | Open Directories detected on IP from AttackCaptureTM |
| Phishing | Phishing infrastructure found on the IP |
| Honey Pots | Inbound requests from the IP address to Honey Pots |
Example Responses
Example Responses
TLS Certificates
Malware
JARM
Protocols
Open Directories
Honeypots
Phishing
"certificates": [
{
"HashHexedSha256": "D3D5759DFB5CC168DBF64F79D5F7006025C0AAA9BBF390B54DC1F125A358EF03",
"UUIDHexed": "2308568BF69FA6EDAD031AA7A732D59EDA9A6B2490C30CC9E665BD15B946DAFE",
"HashHexedSha1": "026F22DC7A8DB69B730EA4359A3569FE783E1768",
"HashHexedMd5": "0DA94C4DEC96C6E378DD6D02BE885B64",
"JA4X": "2166164053c1_2166164053c1_30d204a01551",
"SeenFirst": "2024-03-17T07:36:49",
"SeenLast": "2024-07-05T06:10:06",
"Serial": "971914974",
"NotBefore": "2024-03-11T08:16:35",
"NotAfter": "2024-06-09T08:16:35",
"SubjectCommonName": "Major Cobalt Strike",
"SubjectCountry": [
"Earth"
],
"SubjectOrganization": [
"cobaltstrike"
],
"SubjectOrganizationalUnit": [
"AdvancedPenTesting"
],
"SubjectLocality": [
"Somewhere"
],
"SubjectProvince": [
"Cyberspace"
],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "Major Cobalt Strike",
"IssuerCountry": [
"Earth"
],
"IssuerOrganization": [
"cobaltstrike"
],
"IssuerOrganizationalUnit": [
"AdvancedPenTesting"
],
"IssuerLocality": [
"Somewhere"
],
"IssuerProvince": [
"Cyberspace"
],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "0",
"ExtKeyUsage": "[]",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "68C173F3A9B94616F9E7A4A568019ABF4F3F4DC5F72630A8AD695C85336D67EF",
"UUIDHexed": "B4AD1D34FA1ECE68F4FF83C78A5BEB809B160264B4902A7DDC5CE8F355303CD0",
"HashHexedSha1": "D2663405F896A5FE47DD866A30E46E675C5334A1",
"HashHexedMd5": "319AAE1738CA74568B37B77A17CF0FFF",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-01-31T10:08:55",
"SeenLast": "2024-06-28T12:36:15",
"Serial": "30105071081140588039153428523317290744",
"NotBefore": "2024-01-29T03:17:18",
"NotAfter": "2024-07-30T03:17:18",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "FF8A506CFD3550A60CC6B5ABB912164F2F214CC9366A5F157467B44519C208F1",
"UUIDHexed": "0268C00ECC6377838F89510F618253F639EE35728DA0D4AF63C5F0903A60E17E",
"HashHexedSha1": "F82AE9F456BA2148075854FD95AB763A363F5C75",
"HashHexedMd5": "203FF8B307E9B24F673A83F70FB6E2C4",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-07-01T12:42:20",
"SeenLast": "2024-07-01T12:42:20",
"Serial": "86282566764170796832333503968692302563",
"NotBefore": "2024-06-28T03:42:51",
"NotAfter": "2024-12-28T03:42:51",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
}
],
TLS Certificates
Malware
JARM
Protocols
Open Directories
Honeypots
Phishing
"certificates": [
{
"HashHexedSha256": "D3D5759DFB5CC168DBF64F79D5F7006025C0AAA9BBF390B54DC1F125A358EF03",
"UUIDHexed": "2308568BF69FA6EDAD031AA7A732D59EDA9A6B2490C30CC9E665BD15B946DAFE",
"HashHexedSha1": "026F22DC7A8DB69B730EA4359A3569FE783E1768",
"HashHexedMd5": "0DA94C4DEC96C6E378DD6D02BE885B64",
"JA4X": "2166164053c1_2166164053c1_30d204a01551",
"SeenFirst": "2024-03-17T07:36:49",
"SeenLast": "2024-07-05T06:10:06",
"Serial": "971914974",
"NotBefore": "2024-03-11T08:16:35",
"NotAfter": "2024-06-09T08:16:35",
"SubjectCommonName": "Major Cobalt Strike",
"SubjectCountry": [
"Earth"
],
"SubjectOrganization": [
"cobaltstrike"
],
"SubjectOrganizationalUnit": [
"AdvancedPenTesting"
],
"SubjectLocality": [
"Somewhere"
],
"SubjectProvince": [
"Cyberspace"
],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "Major Cobalt Strike",
"IssuerCountry": [
"Earth"
],
"IssuerOrganization": [
"cobaltstrike"
],
"IssuerOrganizationalUnit": [
"AdvancedPenTesting"
],
"IssuerLocality": [
"Somewhere"
],
"IssuerProvince": [
"Cyberspace"
],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "0",
"ExtKeyUsage": "[]",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "68C173F3A9B94616F9E7A4A568019ABF4F3F4DC5F72630A8AD695C85336D67EF",
"UUIDHexed": "B4AD1D34FA1ECE68F4FF83C78A5BEB809B160264B4902A7DDC5CE8F355303CD0",
"HashHexedSha1": "D2663405F896A5FE47DD866A30E46E675C5334A1",
"HashHexedMd5": "319AAE1738CA74568B37B77A17CF0FFF",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-01-31T10:08:55",
"SeenLast": "2024-06-28T12:36:15",
"Serial": "30105071081140588039153428523317290744",
"NotBefore": "2024-01-29T03:17:18",
"NotAfter": "2024-07-30T03:17:18",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "FF8A506CFD3550A60CC6B5ABB912164F2F214CC9366A5F157467B44519C208F1",
"UUIDHexed": "0268C00ECC6377838F89510F618253F639EE35728DA0D4AF63C5F0903A60E17E",
"HashHexedSha1": "F82AE9F456BA2148075854FD95AB763A363F5C75",
"HashHexedMd5": "203FF8B307E9B24F673A83F70FB6E2C4",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-07-01T12:42:20",
"SeenLast": "2024-07-01T12:42:20",
"Serial": "86282566764170796832333503968692302563",
"NotBefore": "2024-06-28T03:42:51",
"NotAfter": "2024-12-28T03:42:51",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
}
],
TLS Certificates
Malware
JARM
Protocols
Open Directories
Honeypots
Phishing
"certificates": [
{
"HashHexedSha256": "D3D5759DFB5CC168DBF64F79D5F7006025C0AAA9BBF390B54DC1F125A358EF03",
"UUIDHexed": "2308568BF69FA6EDAD031AA7A732D59EDA9A6B2490C30CC9E665BD15B946DAFE",
"HashHexedSha1": "026F22DC7A8DB69B730EA4359A3569FE783E1768",
"HashHexedMd5": "0DA94C4DEC96C6E378DD6D02BE885B64",
"JA4X": "2166164053c1_2166164053c1_30d204a01551",
"SeenFirst": "2024-03-17T07:36:49",
"SeenLast": "2024-07-05T06:10:06",
"Serial": "971914974",
"NotBefore": "2024-03-11T08:16:35",
"NotAfter": "2024-06-09T08:16:35",
"SubjectCommonName": "Major Cobalt Strike",
"SubjectCountry": [
"Earth"
],
"SubjectOrganization": [
"cobaltstrike"
],
"SubjectOrganizationalUnit": [
"AdvancedPenTesting"
],
"SubjectLocality": [
"Somewhere"
],
"SubjectProvince": [
"Cyberspace"
],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "Major Cobalt Strike",
"IssuerCountry": [
"Earth"
],
"IssuerOrganization": [
"cobaltstrike"
],
"IssuerOrganizationalUnit": [
"AdvancedPenTesting"
],
"IssuerLocality": [
"Somewhere"
],
"IssuerProvince": [
"Cyberspace"
],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "0",
"ExtKeyUsage": "[]",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "68C173F3A9B94616F9E7A4A568019ABF4F3F4DC5F72630A8AD695C85336D67EF",
"UUIDHexed": "B4AD1D34FA1ECE68F4FF83C78A5BEB809B160264B4902A7DDC5CE8F355303CD0",
"HashHexedSha1": "D2663405F896A5FE47DD866A30E46E675C5334A1",
"HashHexedMd5": "319AAE1738CA74568B37B77A17CF0FFF",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-01-31T10:08:55",
"SeenLast": "2024-06-28T12:36:15",
"Serial": "30105071081140588039153428523317290744",
"NotBefore": "2024-01-29T03:17:18",
"NotAfter": "2024-07-30T03:17:18",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
},
{
"HashHexedSha256": "FF8A506CFD3550A60CC6B5ABB912164F2F214CC9366A5F157467B44519C208F1",
"UUIDHexed": "0268C00ECC6377838F89510F618253F639EE35728DA0D4AF63C5F0903A60E17E",
"HashHexedSha1": "F82AE9F456BA2148075854FD95AB763A363F5C75",
"HashHexedMd5": "203FF8B307E9B24F673A83F70FB6E2C4",
"JA4X": "7022c563de38_7022c563de38_e73b053161df",
"SeenFirst": "2024-07-01T12:42:20",
"SeenLast": "2024-07-01T12:42:20",
"Serial": "86282566764170796832333503968692302563",
"NotBefore": "2024-06-28T03:42:51",
"NotAfter": "2024-12-28T03:42:51",
"SubjectCommonName": "EC2AMAZ-VHT22G9",
"SubjectCountry": [],
"SubjectOrganization": [],
"SubjectOrganizationalUnit": [],
"SubjectLocality": [],
"SubjectProvince": [],
"SubjectStreetAddress": [],
"SubjectPostalCode": [],
"SubjectSubjectSerialNumber": "",
"IssuerCommonName": "EC2AMAZ-VHT22G9",
"IssuerCountry": [],
"IssuerOrganization": [],
"IssuerOrganizationalUnit": [],
"IssuerLocality": [],
"IssuerProvince": [],
"IssuerStreetAddress": [],
"IssuerPostalCode": [],
"IssuerSubjectSerialNumber": "",
"PolicyIdentifiers": "",
"SignatureAlgorithm": "SHA256-RSA",
"PrivateKey_BitLength": 256,
"PrivateKey_Type": "RSA",
"KeyUsage": "",
"ExtKeyUsage": "['ServerAuth']",
"DNSNames": [],
"EmailAddresses": [],
"IPAddresses": [],
"URIs": [],
"IssuingCertificateURL": [],
"IsCA": 0,
"MaxPathLen": 0,
"MaxPathLenZero": 0,
"OCSPServer": [],
"hostnames": ""
}
],
Conclusion
Conclusion
We are committed to giving defenders access to the tools they need to understand how attackers attack. Our roadmap includes lots of additions to correlate activity as well as get access to data that will help you move the needle of defending and hunting. Please feel free to reach out to us for a demo or inquire about feeds or commercial access pricing.
We are committed to giving defenders access to the tools they need to understand how attackers attack. Our roadmap includes lots of additions to correlate activity as well as get access to data that will help you move the needle of defending and hunting. Please feel free to reach out to us for a demo or inquire about feeds or commercial access pricing.
©2024
Hunt Intelligence, Inc.
©2024
Hunt Intelligence, Inc.
©2024
Hunt Intelligence, Inc.