Announcing IOC-Hunter Read Now
Announcing IOC-Hunter
Read Now

Hunt Change Log

Q4 2023

November

Contents

  • ENHANCEMENT
    Added IOC Hunter post links in IOC Hunter box on Dashboard page
  • NEW FEATURE
    Added new IOC Hunter page
    images/changelog/img_log-new IOC Hunter page.png
  • NEW SIGNATURES
    Serpent Stealer, Godzilla Loader, PlugX C2 Profile
  • ENHANCEMENT
    Added 310 new tags to GitHub recon projects and exports to the Exposed Open Directories

October

  • NEW FEATURE
    Commercial customers can now subscribe to a feed to download new certificates found - Email [email protected] for a trial
    images/changelog/img_log-download list of new certificates as JSON file.png
  • ENHANCEMENT
    On the Dashboard, New C2 Online and New Open directories are shown in tabs
    images/changelog/img_log-New C2 Online and New Open directories are shown in tabs.png
  • ENHANCEMENT
    Created Filters for the Open Directories Tool - including Date, Software and Hosting Company
    images/changelog/img_log-filters on Open Directories Page.png
  • NEW FEATURE
    Hunt.io now supports 2FA using Google Authenticator for all users
    images/changelog/img_log-Implementation of 2FA.png
  • NEW FEATURE
    Added a link to Settings from the Dashboard
    images/changelog/img_log-Added Settings page.png
  • NEW SIGNATURES
    Gotham Stealer, Pikabot, SolarMarker, Socks5Systemz, Artemis RAT, MITRE Caldera, Bandit Stealer, ATOMIC Stealer, Meduza
  • ENHANCEMENT
    Added 360 new tags to GitHub recon projects and exports to the Exposed Open Directories

Q3 2023

September

  • NEW FEATURE
    Added new Certificate page with JA4X certificate info
    images/changelog/img-log-new-ja4x-certificate-info.png
  • NEW FEATURE
    Added new search type ‘Opendir files’ for searching Open Directories on Advanced Search page
    images/changelog/img-log-searching-open-directories-on-advanced-search-page.png
  • ENHANCEMENT
    Added pagination on Open Directory Search and removed 250 records limit
    images/changelog/img-log-pagination-on-open-directory-search.png
  • NEW SIGNATURES
    Unknown Android Malware, Easy Stealer, Nessus VA and OWASP ZAP API
    images/changelog/img-log-two-new-signatures-unknown-android-malware-easy-stealer.png
  • ENHANCEMENT
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 391)
  • NEW FEATURE
    Created Recent C2 Discoveries Page
    images/changelog/Recent_C2_Discoveries.png
  • NEW FEATURE
    Added copy button for the IPs on Overview page
    images/changelog/added_copy.png
  • ENHANCEMENT
    Syntax highlighting on JSON output
    images/changelog/highlight-json.png

August

  • BUG FIX
    Fixed links on Cobalt Strike Filters page
  • ENHANCEMENT
    Added example links on Advanced Search
    images/changelog/links-on-advanced-search.png
  • ENHANCEMENT
    Redirection to Dashboard page after login
    images/changelog/dashboard-page-after-login.png
  • ENHANCEMENT
    Added colors to the changelog items
    images/changelog/colors-changelog-items.png
  • BUG FIX
    Improved search box on Advanced search
  • BUG FIX
    HTTPS → HTTP redirection when is_ssl: false
  • NEW SIGNATURES
    Acunetix, SuperShell, Responder, ChaosRat, RedWarden, RedGuard, Mystic, AZORult
    images/changelog/new-signatures.png
  • BUG FIX
    Improved Search by Actor in Sensors
  • NEW FEATURE
    Added Dashboard Page
    images/changelog/dashboard-page.png
  • NEW FEATURE
    Added System wide Stats on Dashboard Page
    images/changelog/stats.png
  • ENHANCEMENT
    Updated ASN data in our databases
  • ENHANCEMENT
    Updated lists of downloaded extensions in Open Directories to aide in investigations (added the following ASP.NET, PHP, C, C++ files)
  • ENHANCEMENT
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 439)

July

  • ENHANCEMENT
    New data sources and signatures for Exposed Open Directories go identify more
  • ENHANCEMENT
    Make external links more obvious with this icon
  • ENHANCEMENT
    Added search by file name to Exposed Open Directory
    images/changelog/search-opendir.png
  • NEW FEATURE
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 230)
    images/changelog/tagging.png
  • BUG FIX
    Added TLS protocol check algorithm to fix misleading TLS data on IP search

Q2 2023

June

  • IMPROVED DETECTIONS
    Protocols for TLS, DNS, FTP, mySQL, pop3, rdp, and Redis
  • NEW DETECTIONS
    Protocols for OpenVPN, MS-NMF, netbios, mikroitk, and server exec
  • BUG FIX
    Improved Siemens detection to exclude false positives
  • NEW SIGNATURES
    Araneida, Vidar
  • ENHANCEMENT
    Open Directories

May

  • NEW FEATURE
    Added extract IP info to Bulk Search
  • ENHANCEMENT
    Added many ports for daily scanning cloud IPs
  • NEW SIGNATURES
    Rengine, L3mon, Hak5, EvilGoPhish, Pupy, Hookbot, Daam, BianLian

April

  • NEW FEATURE
    Added OpenAI to determine actor intent of Open Directories
  • NEW SIGNATURES
    Added initial tracker version of : Havoc, Silver, Amadey, AgentTesla, VShel, IntectSh, Meterpreter, DcRat, BYoB

Q1 2023

March

  • ENHANCEMENT
    Added Login Pages and Dark mode
  • NEW SIGNATURES
    Titan Stealer, Orcus, Ursnif, Nexus, ImBetter, Opendir Malware, HightHawk

February

  • ENHANCEMENT
    Added Protocol fingerprinting and enriching API
  • NEW SIGNATURES
    PixPirate, ARL, Viper, DarkComet, RapperBot, StealC

January

  • NEW FEATURE
    Added Open Directory search
  • NEW SIGNATURES
    Bitrat, RisePro, Mars Stealer, Shadowpad, Dacls, Alienbot, Lumma, Misha, Cova, Nosu, Spy-Agent, SystemBC, Brute Ratel, Posh C2, GoPhish, Burp Suite, BeEf, Mirai, Hydra, Ramnit, Rhadamanthys, Deimos C2, SharkStealer, Emotet

Q4 2022

December

  • ENHANCEMENT
    Added Actor and VPN Info
  • NEW FEATURE
    Created Bulk Search
  • NEW SIGNATURES
    mythic, Metasploit, Covenan, AsyncRAT, Raccoon, RedLine, Laplas, Aurora Stealer, Lokibot

November

  • NEW SIGNATURES
    CobaltStike, qakbot, bumblebee

October

  • NEW FEATURE
    Created Search Pages
  • NEW FEATURE
    Created C2 Summary and Activity Pages
  • NEW SIGNATURES
    Added Initial version of Cobalt Strike tracker