AI-Hunter v3.8.0 Is in the Wild!
Version 3.8.0 of AI-Hunter has been released! We are very excited about this update because it includes some cool new features. The focus of this release is integrating with more data sources than just Zeek. We've also created BeaKer to gather host data and help you track down which programs are involved with a given beacon. Additionally, you can now send NetFlow v9 data to AI-Hunter with our new tool, Active Flow. Finally, we've added the ability to organize your investigation sources with nested menus.
- BeaKer: Aggregates network events from Windows hosts
- Active Flow: Collects NetFlow v9 data and processes it for use with AI-Hunter
- Nested Investigation Menus: Add even more investigation links in an organized manner
BeaKer is a new tool from Active Countermeasures that makes it easy to track down which programs and users are involved with a particular beacon. After installing the BeaKer server and distributing the BeaKer agent to your Microsoft Windows machines, matching beacons with the programs and users that created them takes a single click.
- MongoDB has been upgraded from v3.6.3 to v3.6.17
- The installer now works when /tmp is mounted with the noexec option
All current customers can access the new version via their Portal account. Please be sure to check the release notes for install instructions. If you have any problems, do not hesitate to reach out to our support team.
Logan is a second-year computer science student at the South Dakota School of Mines and Technology. His current interests are computer security, machine learning, and computer science education.