Hunt Change Log
Q4 2023
November
- ENHANCEMENT: Added IOC Hunter post links in IOC Hunter box on Dashboard page
- NEW FEATURE: Added new IOC Hunter page
- NEW SIGNATURES: Serpent Stealer, Godzilla Loader, PlugX C2 Profile
- ENHANCEMENT: Added 310 new tags to GitHub recon projects and exports to the Exposed Open Directories
October
- NEW FEATURE: Commercial customers can now subscribe to a feed to download new certificates found - Email [email protected] for a trial
- ENHANCEMENT: On the Dashboard, New C2 Online and New Open directories are shown in tabs
- ENHANCEMENT: Created Filters for the Open Directories Tool - including Date, Software and Hosting Company
- NEW FEATURE: Hunt.io now supports 2FA using Google Authenticator for all users
- NEW FEATURE: Added a link to Settings from the Dashboard
- NEW SIGNATURES: Gotham Stealer, Pikabot, SolarMarker, Socks5Systemz, Artemis RAT, MITRE Caldera, Bandit Stealer, ATOMIC Stealer, Meduza
- ENHANCEMENT: Added 360 new tags to GitHub recon projects and exports to the Exposed Open Directories
Q3 2023
September
- NEW FEATURE: Added new Certificate page with JA4X certificate info
- NEW FEATURE: Added new search type ‘Opendir files’ for searching Open Directories on Advanced Search page
- ENHANCEMENT: Added pagination on Open Directory Search and removed 250 records limit
- NEW SIGNATURES: Unknown Android Malware, Easy Stealer, Nessus VA and OWASP ZAP API
- ENHANCEMENT: Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 391)
- NEW FEATURE: Created Recent C2 Discoveries Page
- NEW FEATURE: Added copy button for the IPs on Overview page
- ENHANCEMENT: Syntax highlighting on JSON output
August
- BUG FIX: Fixed links on Cobalt Strike Filters page
- ENHANCEMENT: Added example links on Advanced Search
- ENHANCEMENT: Redirection to Dashboard page after login
- ENHANCEMENT: Added colors to the changelog items
- BUG FIX: Improved search box on Advanced search
- BUG FIX: HTTPS → HTTP redirection when is_ssl: false
- NEW SIGNATURES: Acunetix, SuperShell, Responder, ChaosRat, RedWarden, RedGuard, Mystic, AZORult
- BUG FIX: Improved Search by Actor in Sensors
- NEW FEATURE: Added Dashboard Page
- NEW FEATURE: Added System wide Stats on Dashboard Page
- ENHANCEMENT: Updated ASN data in our databases
- ENHANCEMENT: Updated lists of downloaded extensions in Open Directories to aid in investigations (added the following ASP.NET, PHP, C, C++ files)
- ENHANCEMENT: Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 439)
July
- ENHANCEMENT: New data sources and signatures for Exposed Open Directories to identify more
- ENHANCEMENT: Make external links more obvious with this icon
- ENHANCEMENT: Added search by file name to Exposed Open Directory
- NEW FEATURE: Added tagging of common tools from Exposed Open Directories and linked to GitHub (total number: 230)
- BUG FIX: Added TLS protocol check algorithm to fix misleading TLS data on IP search
Q2 2023
June
- IMPROVED DETECTIONS: Protocols for TLS, DNS, FTP, MySQL, POP3, RDP, and Redis
- NEW DETECTIONS: Protocols for OpenVPN, MS-NMF, NetBIOS, MikroTik, and server exec
- BUG FIX: Improved Siemens detection to exclude false positives
- NEW SIGNATURES: Araneida, Vidar
- ENHANCEMENT: Open Directories
May
- NEW FEATURE: Added extract IP info to Bulk Search
- ENHANCEMENT: Added many ports for daily scanning cloud IPs
- NEW SIGNATURES: Rengine, L3mon, Hak5, EvilGoPhish, Pupy, Hookbot, Daam, BianLian
April
- NEW FEATURE: Added OpenAI to determine actor intent of Open Directories
- NEW SIGNATURES: Added initial tracker version of: Havoc, Sliver, Amadey, AgentTesla, VShel, IntectSh, Meterpreter, DcRat, BYoB
Q1 2023
March
- ENHANCEMENT: Added Login Pages and Dark mode
- NEW SIGNATURES: Titan Stealer, Orcus, Ursnif, Nexus, ImBetter, Opendir Malware, HightHawk
February
- ENHANCEMENT: Added Protocol fingerprinting and enriching API
- NEW SIGNATURES: PixPirate, ARL, Viper, DarkComet, RapperBot, StealC
January
- NEW FEATURE: Added Open Directory search
- NEW SIGNATURES: Bitrat, RisePro, Mars Stealer, Shadowpad, Dacls, Alienbot, Lumma, Misha, Cova, Nosu, Spy-Agent, SystemBC, Brute Ratel, Posh C2, GoPhish, Burp Suite, BeEf, Mirai, Hydra, Ramnit, Rhadamanthys, Deimos C2, SharkStealer, Emotet
Q4 2022
December
- ENHANCEMENT: Added Actor and VPN Info
- NEW FEATURE: Created Bulk Search
- NEW SIGNATURES: mythic, Metasploit, Covenant, AsyncRAT, Raccoon, RedLine, Laplas, Aurora Stealer, Lokibot
November
- NEW SIGNATURES: CobaltStrike, qakbot, bumblebee
October
- NEW FEATURE: Created Search Pages
- NEW FEATURE: Created C2 Summary and Activity Pages
- NEW SIGNATURES: Added Initial version of Cobalt Strike tracker