
Built from the bottom up to find, validate, and interrupt hostile infrastructure in real time.

Built from the ground up: no amount of effort is too much to find malicious infrastructure in real time.
Our in-house research team hand-crafts templates and reverses software used by adversaries.
Our team kicks into gear when new tools are launched or found, or at customer or community request. We live malicious infrastructure hunting.
Categories are included so the feed fits within any existing pipeline, letting you confidently block, warn, or run victimology through netflow.

You can replace or augment your Command and Control detection pipeline using the Hunt C2 Infrastructure Feed. Stop taxing your internal team to find just a subset of C2s using old pipelines while trying to manage quotas with other vendors. Confidently work with Hunt.io today to increase coverage and accuracy and be fully supported.
FAQ
What formats do you support?
The C2 Infrastructure Feed is delivered in JSON and GZ formats. This makes it straightforward to ingest into existing pipelines and internal systems without extra processing.
How often is the C2 Infrastructure Feed updated?
The feed is updated almost in real time, allowing teams to track active command-and-control infrastructure as it emerges.
What command-and-control families are covered?
The feed covers 125+ malware families. Our in-house research team hand-crafts templates and reverses adversary software to maintain and expand coverage.
What is the C2 Infrastructure Feed built to do?
It is purpose-built to hunt, validate, and monitor live malicious infrastructure using first-party scanning and validation.

