Constella Intelligence

Enhanced Search Among New Features Added to Hunter Investigations Platform

Since its inception, Hunter has set out to be the premier investigative platform for cybersecurity professionals and investigators. To continue that trend, we’ve added multiple new features to aid investigations and speed up the process.

Search Configuration

Hunter provides several different data sources designed to enhance your investigation. By default, initial searches are conducted within the Constella Data Lake to look for all attributes. To provide analysts with more flexibility, we’ve added the ability to set searches based on the attribute you are searching for. Users are able to configure the default searches depending on the attribute, including being able to select multiple sources at once.

Benefit: The user now has complete control over what sources are used, making sure that each source is necessary and proportionate to each investigation. The user can also select multiple sources, which helps speed up the investigation process and improve productivity.

VK and Yandex Added as Sources

Users can now search for VK social media profiles to identify if there are any open profiles matching a search term. Results include profile picture, URL, username, and display name, which can be added to the graph, saved data, and targets.

A Yandex search is also available, allowing you to search for keywords using Yandex and see the resulting webpages in full, as well as use entity extraction to view information of note immediately.

Benefits: This feature enables investigators to minimize their digital footprint, as there is no need to visit these sites directly. In addition, users can easily add any intelligence discovered to the graph, targets, or saved data to refer to as needed, and build link analysis.

Similar Social Media Search

Users can now conduct a fuzzy or partial match search on usernames and email addresses to identify possible social media accounts. This new task quickly searches across 260 social media sites looking for potential matches or similar profiles to your search term.

Benefits: Users can save time and effort by searching multiple sources at once, speeding up the investigation process and identifying possible leads that would not otherwise have been found.

Updates to Cryptocurrency Search

We’ve improved the search capabilities within the crypto tab to make it easier to navigate between the cluster and transaction views and to see all the addresses held in the cluster in one place.

Benefit: This feature combines multiple steps to enable users to access needed intelligence faster.

Download Raw Data

While it’s always been possible to download Constella Data Lake results to CSV or JSON, users can now download information found in the raw data view. The raw data view includes additional information from a breach which may not be identity information. This can include social media profiles, locations, travel information, and other details. You are now able to download all of this data as needed.

Benefit: This feature enables access to more data and intelligence in additional formats which can be added to any external services being used.

Geolocation

Hunter has always provided the ability to geolocate IP addresses on a map. To improve usability, we’ve added a flag so users can see the location of the IP address immediately. We have also added location services to addresses, allowing users to view the location on a Google map.

Benefit: Users can now see the location of IP addresses without leaving the platform, and can quickly view the location of an address as needed.

We hope you enjoy these new feature sets and that you can see the benefits as you use them. We’d love to hear your feedback, as well as requests for future functionality.

Please keep an eye out for more new features coming soon! Happy Investigating!

 
