The Prime Hunt Version 1.3.1 Is Out

On November 1, 2023, SOC Prime Team released a new version of The Prime Hunt, an open-source LGPL browser add-on acting as a single UI for platform-agnostic threat hunting. The tool enables cyber defenders to seamlessly convert, apply, and customize Sigma rules directly within Chrome, Firefox, or Edge browser — regardless of the SIEM, EDR, or XDR stack in use. 

With the release of The Prime Hunt version 1.3.1, we’ve added integration with AbuseIPDB, enabling cyber defenders to report abusive IP addresses related to offensive cyber activity while enhancing the safety of online operations.

With this latest update, we’ve also added support for a set of projects backed by abuse.ch, delivering community-driven threat intelligence on cyber threats for enhanced protection against malware and botnets. More specifically, we’ve enhanced the list of The Prime Hunt integrations with the following abuse.ch-driven projects that make the exchange of actionable cyber threat intel, indicators of compromise, and other relevant metadata faster and more accessible among industry peers:

  • URLhaus for streamlined malicious URL exchange
  • MalwareBazaar for simplified sharing of malicious samples by specific hashes (MD5 and SHA256)
  • ThreatFox for the ease of IOC sharing
  • Feodo Tracker for streamlined sharing of botnet C&C servers associated with different malware strains, like Dridex, Emotet, TrickBot, QakBot, and BazarLoader.

The Prime Hunt UI

Fig. 1. Drill down to any CTI or any other sources for streamlined threat investigation with The Prime Hunt browser add-on

In addition to VirusTotal, Anomali, EchoTrail, OpenCTI, and Ultimate IT Security, the new release introduces The Prime Hunt integration with the Shodan search engine, designed to map and gather information about internet-connected devices and systems. Quickly drill down to relevant cyber threat intelligence directly from The Prime Hunt UI to streamline your threat investigation and gain holistic visibility into security use cases.

Additionally, version 1.3.1 introduces a set of UI enhancements to make The Prime Hunt experience even smoother. 

At SOC Prime, we believe that industry collaboration and knowledge sharing shape the future of collective cyber defense. Anyone can contribute to The Prime Hunt project with a pull request on GitHub to express their ideas and enrich the collective cybersecurity expertise. 
