Have your team hunting through our web-based interface.

Threat Hunting
Core hunting modules for C2 infrastructure, malware, phishing, IOCs, and threat actors.

HuntSQL™
Powerful SQL queries designed for pivoting across attacker infrastructure and datasets.

Feeds & API Integrations
Real-time threat intelligence feeds and APIs for integrating Hunt data into existing workflows.

Bulk Enrichment
Enhance your data analysis capabilities with Bulk Enrichment.

Advanced Search
Run precise queries across attacker infrastructure data to quickly discover and analyze malicious activity.

Real Time Stats
Meticulously engineered for identifying and tracking malicious online activities.

Associations
Pivot from one IP to associated SSH keys, IOCs, malware configs, and certificates.

DNS by IP
Lists domain names that have resolved to a given IP address based on observed DNS data.

FAQ
How is Hunt different from traditional IOC feeds or passive threat intel platforms?
Hunt discovers live attacker infrastructure and relationships using high-fidelity curated data that delivers far more detections than traditional OSINT.
Can we pivot and investigate at scale without exporting data to other tools?
Yes. Advanced Search and HuntSQL allow analysts to pivot, correlate, and investigate directly within the platform.
How easy is it to integrate Hunt into our existing detection and response stack?
Hunt offers real-time feeds and APIs designed for smooth integration with SIEMs, SOARs, and internal tools.
What visibility does Hunt provide into real attacker infrastructure and behavior?
It exposes active C2 servers and maps IOCs linked to threat actors and campaigns across shared infrastructure.

