Learn More About AC-Hunter
AC-Hunter Simplified User Guide
To learn more about navigating and identifying threats using AC-Hunter, refer to this simplified user guide.
Notes
- Play around! Check out all of the features in AC-Hunter and have some fun getting used to the interface
- All available datasets in AC-Hunter (for the CTF and the others) have several compromised hosts for your threat hunting pleasure 🙂
- This version of AC-Hunter is set to read-only to prevent any accidental edits or whitelist entries, so some normally available features have been disabled
- Feel free to choose any of the other sample datasets in AC-Hunter, put on your Threat Hunter hat, and see if you can find other compromised hosts in the other sample datasets for fun
If you need help or have questions, you can reach out to us in our Discord Threat Hunter Community or email us your question directly.
Fun Thing to Try:
In the AC-Hunter Settings menu item “Themes” you can switch between “Game Mode” and “DaVinci Mode” themes:
AC-Hunter CTF Enviornment
This version of AC-Hunter is read-only to prevent accidental edits or whitelist entries, so some normally available features have been disabled.
Use the following information to log in to the read-only version of AC-Hunter:
- Web Link: https://ctf.aihhosted.com/
- Email: [email protected]
- Password: aW1hN6gI9eJ0kA7m
Once logged in, you will need to select a dataset. Once you have selected a dataset and clicked “Confirm”, it will bring you to the AC-Hunter dashboard screen with the selected dataset data loaded:
CTF Challenge Details
In this Capture The Flag challenge, you’ll use the read-only version of AC-Hunter to answer a series of threat hunting questions. Each answer has a point value of 10 or 15. You can use your collected points to receive hints to answer questions you may need help with.
For this CTF, you will use dataset dnscat2-ja3-strobe (highlighted in red below).
First, select “dnscat2-ja3-strobe” and click “Confirm” in the lower right-hand corner:
Once you have selected the dataset and clicked “Confirm”, it will bring you to the AC-Hunter dashboard screen with the selected dataset data loaded:
Good luck and have fun!
CTF Environment
Complete the following steps to create an account at the CTF environment:
- Step 1: Access the CTF space here: https://achunter.ctfd.io/
- Step 2: Click “Register” on the right-hand side of the main menu bar
- Step 3: Create an account to access the CTF questions
Once you finish creating your account, you should see the Challenges screen like this:
The series of CTF questions correspond with the “dnscat2-ja3-strobe” dataset in AC-Hunter. Follow the steps below to access the AC-Hunter instance before attempting to answer any questions.