Live Demo

Learn More About AC-Hunter

On this page, you can learn more about AC-Hunter by…

Please read all instructions before starting the challenge. Participating in the CTF is not required to use the AC-Hunter Demo space. However, completing the CTF will familiarize you with using the interface and some of the powerful features of AC-Hunter.

AC-Hunter Demo Environment

This version of AC-Hunter is read-only to prevent accidental edits or whitelist entries, so some normally available features have been disabled.

Use the following information to log in to the read-only version of AC-Hunter:


Once logged in, you will need to select a dataset. After you select a dataset and click “Confirm”, AC-Hunter brings you to the dashboard screen with the selected dataset loaded:

Notes

  • Play around! Check out all of the features in AC-Hunter and have some fun getting used to the interface
  • All available datasets in AC-Hunter (for the CTF and the others) have several compromised hosts for your threat hunting pleasure 🙂
  • This version of AC-Hunter is set to read-only to prevent any accidental edits or whitelist entries, so some normally available features have been disabled
  • Feel free to choose any of the other sample datasets in AC-Hunter, put on your Threat Hunter hat, and see if you can find other compromised hosts for fun


If you need help or have questions, you can reach out to us in our Discord Threat Hunter Community or email us your question directly.

Fun Thing to Try:

In the AC-Hunter Settings menu item “Themes” you can switch between “Game Mode” and “DaVinci Mode” themes:

AC-Hunter Simplified User Guide

To learn more about navigating and identifying threats using AC-Hunter, refer to this simplified user guide for use with this CTF.

DOWNLOAD THE AC-HUNTER SIMPLIFIED USER GUIDE PDF

CTF Challenge Details

In this Capture The Flag challenge, you’ll use the read-only version of AC-Hunter to answer a series of threat hunting questions. Each answer has a point value of 10 or 15. You can use your collected points to receive hints to answer questions you may need help with.

For this CTF, you will use dataset dnscat2-ja3-strobe (highlighted in red below).

First, select “dnscat2-ja3-strobe” and click “Confirm” in the lower right-hand corner:

After you select the dataset and click “Confirm”, AC-Hunter brings you to the dashboard screen with the selected dataset loaded:

Good luck and have fun!

Getting Started

Complete the following steps to create an account in the CTF environment:

  • Step 1: Access the CTF space here: https://achunter.ctfd.io/
  • Step 2: Click “Register” on the right-hand side of the main menu bar
  • Step 3: Create an account to access the CTF questions


Once you finish creating your account, you should see the Challenges screen like this:

The series of CTF questions corresponds to the “dnscat2-ja3-strobe” dataset in AC-Hunter. Follow the steps below to access the AC-Hunter instance before attempting to answer any questions.

Enjoying using AC-Hunter? Schedule a Personal Demo with our Team!

Schedule a Personal Demo

We look forward to chatting with you!

After you book your appointment below, you’ll be sent a link to a GoToMeeting video conference that you can join at your scheduled time for your live, personalized meeting. We block out an hour to ensure there is plenty of time to answer any questions you might have.
