Q1 2024
Q1 2024
January
enhancement
Preview in Open Directory now works with uppercase extensions like .TXT by default
Preview in Open Directory now works with uppercase extensions like .TXT by default
enhancement
IOC Hunter now has a human in the loop to ensure the data is top quality all the time
IOC Hunter now has a human in the loop to ensure the data is top quality all the time
enhancement
Added open directory signature for W3ll phishing kit
Added open directory signature for W3ll phishing kit
New signatures
Ares, MuddyWater APT, Godzilla Loader, Ermac, Gh0st RAT, Kaiji, Neptune Loader, Noterce, Epsilon Stealer, Octopus, Winnti, Gozi
Ares, MuddyWater APT, Godzilla Loader, Ermac, Gh0st RAT, Kaiji, Neptune Loader, Noterce, Epsilon Stealer, Octopus, Winnti, Gozi
enhancement
Added 110 new tags to GitHub recon projects and exports to the Exposed Open Directories
Added 110 new tags to GitHub recon projects and exports to the Exposed Open Directories
Q4 2023
Q4 2023
December
enhancement
Added lists of Hosts and IPs to IOC Hunter page
Added lists of Hosts and IPs to IOC Hunter page
New signatures
JinxLoader, Axile Stealer
JinxLoader, Axile Stealer
enhancement
Added 230 new tags to GitHub recon projects and exports to the Exposed Open Directories
Added 230 new tags to GitHub recon projects and exports to the Exposed Open Directories
November
enhancement
Added IOC Hunter post links in IOC Hunter box on Dashboard page
Added IOC Hunter post links in IOC Hunter box on Dashboard page
new feature
Added new IOC Hunter page
Added new IOC Hunter page
New signatures
Serpent Stealer, Godzilla Loader, PlugX C2 Profile, IcedID
Serpent Stealer, Godzilla Loader, PlugX C2 Profile, IcedID
enhancement
Added 415 new tags to GitHub recon projects and exports to the Exposed Open Directories
Added 415 new tags to GitHub recon projects and exports to the Exposed Open Directories
October
new feature
Possibility to download list of new certificates as JSON file on Feeds page (Commercial)
Possibility to download list of new certificates as JSON file on Feeds page (Commercial)
enhancement
On Dashboard page New C2 Online and New Open directories are shown in tabs
On Dashboard page New C2 Online and New Open directories are shown in tabs
enhancement
Added Date, Software found, Tags and Hosting Company filters on Open Directories Page
Added Date, Software found, Tags and Hosting Company filters on Open Directories Page
new feature
Implementation of 2FA
Implementation of 2FA
new feature
Added Settings page on Dashboard
Added Settings page on Dashboard
Q3 2023
Q3 2023
September
new feature
Added Settings page on Dashboard
Added Settings page on Dashboard
new feature
Added Certificate page with new JA4X certificate info
Added Certificate page with new JA4X certificate info
new feature
Added new type for searching Open Directories on Advanced Search page
Added new type for searching Open Directories on Advanced Search page
new feature
Added pagination on Open Directory Search and removed 250 records limit
Added pagination on Open Directory Search and removed 250 records limit
New signatures
Unknown Android Malware, Easy Stealer
Unknown Android Malware, Easy Stealer
New signatures
Nessus VA, Unknown Android Malware, OWASP ZAP API
Nessus VA, Unknown Android Malware, OWASP ZAP API
new feature
Created Recent C2 Discoveries Page
Created Recent C2 Discoveries Page
new feature
Added copy button for the IPs on Overview page
Added copy button for the IPs on Overview page
enhancement
Syntax highlighting on JSON output
Syntax highlighting on JSON output
August
BUG FIX
Fixed links on Cobalt Strike Filters page
Fixed links on Cobalt Strike Filters page
enhancement
Added example links on Advanced Search
Added example links on Advanced Search
enhancement
Redirection to Dashboard page after login
Redirection to Dashboard page after login
enhancement
Added colors to the changelog items
Added colors to the changelog items
BUG FIX
Improved search box on Advanced search
Improved search box on Advanced search
BUG FIX
HTTPS → HTTP redirection when “is_ssl”: false
HTTPS → HTTP redirection when “is_ssl”: false
New signatures
Acunetix, SuperShell, Responder, ChaosRat, RedWarden, RedGuard, Mystic, AZORult
Acunetix, SuperShell, Responder, ChaosRat, RedWarden, RedGuard, Mystic, AZORult
BUG FIX
Improved Search by Actor in Sensors
Improved Search by Actor in Sensors
new feature
Added Dashboard Page
Added Dashboard Page
new feature
Added System wide Stats on Dashboard Page
Added System wide Stats on Dashboard Page
enhancement
Updated ASN data in our databases
Updated ASN data in our databases
enhancement
Updated lists of downloaded extensions in Open Directories to aide in investigations (added the following ASP.NET, PHP, C, C++ files)
Updated lists of downloaded extensions in Open Directories to aide in investigations (added the following ASP.NET, PHP, C, C++ files)
enhancement
Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 240)
Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 240)
July
enhancement
New data sources and signatures for Exposed Open Directories go identify more
New data sources and signatures for Exposed Open Directories go identify more
enhancement
Make external links more obvious with this icon
Make external links more obvious with this icon
enhancement
Added search by file name to Exposed Open Directory
Added search by file name to Exposed Open Directory
new feature
Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 230)
Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 230)
BUG FIX
Added TLS protocol check algorithm to fix misleading TLS data on IP search
Added TLS protocol check algorithm to fix misleading TLS data on IP search
Q2 2023
Q2 2023
June
improved detections
Protocols for TLS, DNS, FTP, mySQL, pop3, rdp, and Redis
Protocols for TLS, DNS, FTP, mySQL, pop3, rdp, and Redis
new detections
Protocols for OpenVPN, MS-NMF, netbios, mikroitk, and server exec
Protocols for OpenVPN, MS-NMF, netbios, mikroitk, and server exec
BUG FIX
Improved Siemens detection to exclude false positives
Improved Siemens detection to exclude false positives
New signatures
Araneida, Vidar
Araneida, Vidar
enhancement
Open Directories
Open Directories
May
new feature
Added extract IP info to Bulk Search
Added extract IP info to Bulk Search
enhancement
Added many ports for daily scanning cloud IPs
Added many ports for daily scanning cloud IPs
New signatures
Rengine, L3mon, Hak5, EvilGoPhish, Pupy, Hookbot, Daam, BianLian
Rengine, L3mon, Hak5, EvilGoPhish, Pupy, Hookbot, Daam, BianLian
April
new feature
Added OpenAI to determine actor intent of Open Directories
Added OpenAI to determine actor intent of Open Directories
New signatures
Added initial tracker version of : Havoc, Silver, Amadey, AgentTesla, VShel, IntectSh, Meterpreter, DcRat, BYoB
Added initial tracker version of : Havoc, Silver, Amadey, AgentTesla, VShel, IntectSh, Meterpreter, DcRat, BYoB
Q1 2023
Q1 2023
March
enhancement
Added Login Pages and Dark mode
Added Login Pages and Dark mode
New signatures
Titan Stealer, Orcus, Ursnif, Nexus, ImBetter, Opendir Malware, HightHawk
Titan Stealer, Orcus, Ursnif, Nexus, ImBetter, Opendir Malware, HightHawk
February
enhancement
Added Protocol fingerprinting and enriching API
Added Protocol fingerprinting and enriching API
New signatures
PixPirate, ARL, Viper, DarkComet, RapperBot, StealC
PixPirate, ARL, Viper, DarkComet, RapperBot, StealC
January
new feature
Added Open Directory search
Added Open Directory search
New signatures
Bitrat, RisePro, Mars Stealer, Shadowpad, Dacls, Alienbot, Lumma, Misha, Cova, Nosu, Spy-Agent, SystemBC, Brute Ratel, Posh C2, GoPhish, Burp Suite, BeEf, Mirai, Hydra, Ramnit, Rhadamanthys, Deimos C2, SharkStealer, Emotet
Bitrat, RisePro, Mars Stealer, Shadowpad, Dacls, Alienbot, Lumma, Misha, Cova, Nosu, Spy-Agent, SystemBC, Brute Ratel, Posh C2, GoPhish, Burp Suite, BeEf, Mirai, Hydra, Ramnit, Rhadamanthys, Deimos C2, SharkStealer, Emotet
Q4 2022
Q4 2022
December
enhancement
Added Actor and VPN Info
Added Actor and VPN Info
new feature
Created Bulk Search
Created Bulk Search
New signatures
mythic, Metasploit, Covenan, AsyncRAT, Raccoon, RedLine, Laplas, Aurora Stealer, Lokibot
mythic, Metasploit, Covenan, AsyncRAT, Raccoon, RedLine, Laplas, Aurora Stealer, Lokibot
November
New signatures
CobaltStike, qakbot, bumblebee
CobaltStike, qakbot, bumblebee
October
new feature
Created Search Pages
Created Search Pages
new feature
Created C2 Summary and Activity Pages
Created C2 Summary and Activity Pages
New signatures
Added Initial version of Cobalt Strike tracker
Added Initial version of Cobalt Strike tracker
Threat Hunting Platform - Hunt.io
Products
Hunt Intelligence, Inc.
Threat Hunting Platform - Hunt.io
Products
Hunt Intelligence, Inc.
Threat Hunting Platform - Hunt.io
Products
Hunt Intelligence, Inc.