OSINT & reputation hub
Enter an IOC: shortcuts to public interfaces (VirusTotal, AbuseIPDB, WHOIS, etc.). For domains, this server also runs DNS, HTTP / TLS probe (headers, redirects, cert fingerprints), and for IPs PTR - no API key for those calls.
Shortcuts to VirusTotal, AbuseIPDB, etc. open the official site in a new tab with the indicator when supported. No API keys are configured in CyberHunter; each provider may require a free account for full details.
External services
Open the indicator in a third-party service for enrichment (reputation, WHOIS, exposure, etc.).
Reputation & intel
VirusTotal
SiteAV scans / reputation (file, domain, IP, search). Free account recommended.
Enter an indicator in the field above.
AbuseIPDB
SiteAbuse reports and confidence score for IP addresses.
Enter an indicator in the field above.
AlienVault OTX
SiteOpen Threat Exchange - IOCs and community pulses.
Enter an indicator in the field above.
Cisco Talos Intelligence
SiteIP and domain reputation (Talos).
Enter an indicator in the field above.
GreyNoise
SiteInternet background noise context (known scanners).
Enter an indicator in the field above.
SANS ISC
SiteIP details (Internet Storm Center).
Enter an indicator in the field above.
IBM X-Force Exchange
SiteIOC records (IP, URL/domain, hash) - IBM id account.
Enter an indicator in the field above.
WHOIS & DNS
WHOIS (who.is)
SiteWHOIS for domain / IP (public UI).
Enter an indicator in the field above.
Exposure & scans
Malware & phishing
URLhaus (abuse.ch)
SiteMalware distribution URLs (search).
Enter an indicator in the field above.
Malware Bazaar
SiteMalware samples (hash).
Enter an indicator in the field above.
PhishTank
SitePhishing database (web search).
Enter an indicator in the field above.
Hybrid Analysis
SiteFile analysis / sandbox (hash).
Enter an indicator in the field above.