Hunt Change Log

Q2 2024

April

  • ENHANCEMENT
    Added a “Book your Free Demo” button on the right of the top floating menu
  • ENHANCEMENT
    Redesign of Login button
  • NEW FEATURE
    Added C2 Infrastructure Landing Page, IOC Hunter Landing Page and Logo and Branding Landing Page
  • ENHANCEMENT
    Added new Footer with ‘Latest News’ section on public pages
  • ENHANCEMENT
    Added 156 new tags to GitHub recon projects and exports to the Exposed Open Directories

Q1 2024

March

  • ENHANCEMENT
    Added left side navigation on pages: Advanced search, C2 Infrastructure, Open directory, IOC hunter, Global Sensors
  • ENHANCEMENT
    New design for Dashboard page
  • ENHANCEMENT
    Added ‘Anycast’ which labels global IPs
  • ENHANCEMENT
    Added ‘Last Seen’ column for keyword searches on Open Directories page
  • NEW SIGNATURES
    DayBreak, PrismX, APT Gamaredon, Fletchen, BlueShell Backdoor, Tactical RMM
  • ENHANCEMENT
    Added 98 new tags to GitHub recon projects and exports to the Exposed Open Directories

February

  • ENHANCEMENT
    Added counter for Certificate data (JA4X Info)
  • ENHANCEMENT
    New page design for Advanced search - added sha256 counter
  • ENHANCEMENT
    New design for Search page
  • NEW SIGNATURES
    Power Stealer
  • ENHANCEMENT
    Added ‘first seen’ and ‘last seen’ column on IP Overview page
  • ENHANCEMENT
    Added 78 new tags to GitHub recon projects and exports to the Exposed Open Directories

January

  • ENHANCEMENT
    Preview in Open Directory now works with uppercase extensions like .TXT by default
  • ENHANCEMENT
    IOC Hunter now has a human in the loop to ensure the data is top quality all the time
  • ENHANCEMENT
    Added open directory signature for W3ll phishing kit
  • NEW SIGNATURES
    Ares, MuddyWater APT, Godzilla Loader, Ermac, Gh0st RAT, Kaiji, Neptune Loader, Noterce, Epsilon Stealer, Octopus, Winnti, Gozi
  • ENHANCEMENT
    Added 110 new tags to GitHub recon projects and exports to the Exposed Open Directories

Q4 2023

December

  • ENHANCEMENT
    Added lists of Hosts and IPs to IOC Hunter page
  • NEW SIGNATURES
    JinxLoader, Axile Stealer
  • ENHANCEMENT
    Added 230 new tags to GitHub recon projects and exports to the Exposed Open Directories

November

  • ENHANCEMENT
    Added IOC Hunter post links in IOC Hunter box on Dashboard page
  • NEW FEATURE
    Added new IOC Hunter page
  • NEW SIGNATURES
    Serpent Stealer, Godzilla Loader, PlugX C2 Profile, IcedID
  • ENHANCEMENT
    Added 415 new tags to GitHub recon projects and exports to the Exposed Open Directories

October

  • NEW FEATURE
    Commercial customers can now subscribe to a feed to download new certificates found - Email [email protected] for a trial
  • ENHANCEMENT
    On the Dashboard, New C2 Online and New Open directories are shown in tabs
  • ENHANCEMENT
    Created Filters for the Open Directories Tool - including Date, Software and Hosting Company
  • NEW FEATURE
    Hunt.io now supports 2FA using Google Authenticator for all users
  • NEW FEATURE
    Added a link to Settings from the Dashboard
  • NEW SIGNATURES
    Gotham Stealer, Pikabot, SolarMarker, Socks5Systemz, Artemis RAT, MITRE Caldera, Bandit Stealer, ATOMIC Stealer, Meduza
  • ENHANCEMENT
    Added 360 new tags to GitHub recon projects and exports to the Exposed Open Directories

Q3 2023

September

  • NEW FEATURE
    Added new Certificate page with JA4X certificate info
  • NEW FEATURE
    Added new search type ‘Opendir files’ for searching Open Directories on Advanced Search page
  • ENHANCEMENT
    Added pagination on Open Directory Search and removed 250 records limit
  • NEW SIGNATURES
    Unknown Android Malware, Easy Stealer, Nessus VA and OWASP ZAP API
  • ENHANCEMENT
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 391)
  • NEW FEATURE
    Created Recent C2 Discoveries Page
  • NEW FEATURE
    Added copy button for the IPs on Overview page
  • ENHANCEMENT
    Syntax highlighting on JSON output

August

  • BUG FIX
    Fixed links on Cobalt Strike Filters page
  • ENHANCEMENT
    Added example links on Advanced Search
  • ENHANCEMENT
    Redirection to Dashboard page after login
  • ENHANCEMENT
    Added colors to the changelog items
  • BUG FIX
    Improved search box on Advanced search
  • BUG FIX
    HTTPS → HTTP redirection when is_ssl: false
  • NEW SIGNATURES
    Acunetix, SuperShell, Responder, ChaosRat, RedWarden, RedGuard, Mystic, AZORult
  • BUG FIX
    Improved Search by Actor in Sensors
  • NEW FEATURE
    Added Dashboard Page
  • NEW FEATURE
    Added System-wide Stats on Dashboard Page
  • ENHANCEMENT
    Updated ASN data in our databases
  • ENHANCEMENT
    Updated lists of downloaded extensions in Open Directories to aid in investigations (added the following: ASP.NET, PHP, C, C++ files)
  • ENHANCEMENT
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 439)

July

  • ENHANCEMENT
    New data sources and signatures for Exposed Open Directories to identify more
  • ENHANCEMENT
    Make external links more obvious with this icon
  • ENHANCEMENT
    Added search by file name to Exposed Open Directory
  • NEW FEATURE
    Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 230)
  • BUG FIX
    Added TLS protocol check algorithm to fix misleading TLS data on IP search

Q2 2023

June

  • IMPROVED DETECTIONS
    Protocols for TLS, DNS, FTP, MySQL, POP3, RDP, and Redis
  • NEW DETECTIONS
    Protocols for OpenVPN, MS-NMF, NetBIOS, MikroTik, and server exec
  • BUG FIX
    Improved Siemens detection to exclude false positives
  • NEW SIGNATURES
    Araneida, Vidar
  • ENHANCEMENT
    Open Directories

May

  • NEW FEATURE
    Added extract IP info to Bulk Search
  • ENHANCEMENT
    Added many ports for daily scanning of cloud IPs
  • NEW SIGNATURES
    Rengine, L3mon, Hak5, EvilGoPhish, Pupy, Hookbot, Daam, BianLian

April

  • NEW FEATURE
    Added OpenAI to determine actor intent of Open Directories
  • NEW SIGNATURES
    Added initial tracker version of: Havoc, Sliver, Amadey, AgentTesla, VShell, Interactsh, Meterpreter, DcRat, BYOB

Q1 2023

March

  • ENHANCEMENT
    Added Login Pages and Dark mode
  • NEW SIGNATURES
    Titan Stealer, Orcus, Ursnif, Nexus, ImBetter, Opendir Malware, HightHawk

February

  • ENHANCEMENT
    Added Protocol fingerprinting and enriching API
  • NEW SIGNATURES
    PixPirate, ARL, Viper, DarkComet, RapperBot, StealC

January

  • NEW FEATURE
    Added Open Directory search
  • NEW SIGNATURES
    Bitrat, RisePro, Mars Stealer, Shadowpad, Dacls, Alienbot, Lumma, Misha, Cova, Nosu, Spy-Agent, SystemBC, Brute Ratel, Posh C2, GoPhish, Burp Suite, BeEf, Mirai, Hydra, Ramnit, Rhadamanthys, Deimos C2, SharkStealer, Emotet

Q4 2022

December

  • ENHANCEMENT
    Added Actor and VPN Info
  • NEW FEATURE
    Created Bulk Search
  • NEW SIGNATURES
    Mythic, Metasploit, Covenant, AsyncRAT, Raccoon, RedLine, Laplas, Aurora Stealer, Lokibot

November

  • NEW SIGNATURES
    Cobalt Strike, Qakbot, Bumblebee

October

  • NEW FEATURE
    Created Search Pages
  • NEW FEATURE
    Created C2 Summary and Activity Pages
  • NEW SIGNATURES
    Added Initial version of Cobalt Strike tracker