HuntSQL™

HuntSQL allows researchers, analysts, and threat hunters to query the extensive Hunt database using the power and flexibility of SQL.

Run SQL queries across Hunt’s first-party datasets to analyze malicious infrastructure at scale.

Analyze Malicious Infrastructure with SQL

HTTP

Users can query first-party HTTP data to identify threat actors and malicious activity.

Malware

Users can query the Hunt database of confirmed C2 servers and build detailed statistics on threat actor activity.

Certificates

Users can query first-party certificate data to track and identify malicious certificates.

HoneyPot

Users can query honeypot data and obtain detailed stats on internet scanning activity.

Open Directories

Users can query the Hunt database of past and present open directories. This helps discover malware, exploits and attack tooling.

Phishing

Query an extensive list of phishing sites to identify and track phishing kits and threat actor tooling.

Search and Sort Confirmed C2 Data

The malware database contains 48 searchable fields on confirmed C2 servers discovered by Hunt.

Users can view current C2s and configurations for a specific family, or use the data to build detailed statistics about how and where a malware family is being hosted.

Frequently asked questions

What is HuntSQL used for?

HuntSQL is used to query Hunt’s first-party threat datasets with SQL in order to analyze malicious infrastructure and attacker activity.

What types of data can I query with HuntSQL?

You can query multiple datasets, including HTTP data, confirmed C2 servers, certificates, honeypot activity, open directories, and phishing infrastructure.

Can HuntSQL be used to analyze confirmed C2 servers?

Yes. The malware dataset includes confirmed C2 servers with dozens of searchable fields, allowing detailed analysis of configurations, hosting patterns, and activity.

Who is HuntSQL designed for?

HuntSQL is designed for researchers, analysts, and threat hunters who need flexible, SQL-based access to validated threat and infrastructure data.

Find the threat before it finds you

Hunt adversary infrastructure in real time. Surface C2 servers, enrich IOCs, and map attacker activity at scale with our unified threat hunting platform.
