The Hunter Module is automation that takes distilled signatures from our Nebula dataset (API calls, SYSTEM Binaries, Behaviors) and hunts for those same signatures across the open internet. The automation presents the operator with a brief signal description and the signature specifics found within the web content (API calls, SYSTEM Binaries, and soon Behaviors), then pops open a window to the matched tradecraft. While testing a signature for process injection, we definitely noticed a lot of content being produced regarding a new evasion tool called SysWhispers2. Funnily enough, our own content (Cyber Mongol Operator Research Blog) was flagged by Hunter for an injector post we did... that was a trip! Much more to come on this module; it’s just in its infancy.
Video (YouTube): https://lnkd.in/eM6Vsbg