HunterSuite, Next Generation Offensive Security Suite

HunterSuite
May 3, 2020


Introduction

Hello, and welcome to the very first HunterSuite.io blog post. In this blog, we try to share our progress and struggles without spoiling all the fun and surprises.

What is HunterSuite?

HunterSuite is the next generation offensive security suite. It will automate all the tedious tasks during a penetration test with just a few clicks. If you are a penetration tester, red teamer, bug bounty hunter, or you work as an offensive security engineer, you will love what HunterSuite has to offer.

It will be released soon as a SaaS on huntersuite.io.

Get your invite.

Why did we create HunterSuite?

The ideas behind HunterSuite come from the problems we face while working on various black-box assessments: the repetitive steps, being lost in a massive amount of unstructured data, keeping up to date with tools and vulnerabilities, managing virtual machines, and so on.

Think about making sense of these assets, prioritizing them, and selecting the most vulnerable in the chain. You may sleep a couple of hours, and a new asset arrives. Because of how tedious it is to run all the tools and steps again, you may not want to repeat them, and there is a high chance of missing a new asset or merely a change in an endpoint. All of these issues are just a part of the problems HunterSuite aims to fix.

The most complete suite, period.

To ensure the best delivery, we consider many things, which we will look into now. We have currently implemented a robust core, an almost perfect database design, and a meaningful panel, and some plugins are already developed as well. Yet, we are a few months away from release.

I. Commercial and not free?

It takes time

We are working day and night to create this suite. It doesn’t mean we don’t love open source and sharing with you: look at @0xsha’s blog and @j3ssiejjj’s repositories, and we will continue to do so. Because no matter what, we owe this to the infosec community.

It needs support

We love free tools too, but free tools usually don’t come with premium support, at least not without a proper sponsor. That’s why we sponsored ourselves to create HunterSuite. We did not open any crowdsource funding because we believe we should deliver our part of the deal first.

A lot of successful hunters and offensive security engineers are not software developers; they would appreciate tools that make sense. That’s why a lot of them own a Burp Suite license and many other tool licenses. And that’s our end goal here: to create a tool with active development that makes us way more productive as testers.

Infrastructure is costly

Moreover, due to the nature of HunterSuite, it uses a lot of traffic, CPU, RAM, and space, which is not free.

Having said all of that, we do our best to make it as affordable and reasonable as possible.

II. Industry pro insight

HunterSuite is under active development by industry professionals, and we have ages of proactive security assessments under our belts.

We regularly check the Twitter infosec community to make sure we are up to date. We listen to @nahamsec’s guests and follow your awesome #bugbountytips and write-ups to find room for improvement. Besides, we have already created a landing page and an invite form, which includes a golden piece of information called a feature request. We have already received tons of awesome responses from you; if you haven’t filled it in yet, go on and do so.

III. Other Players

We believe HunterSuite is one of a kind. Yet, we keep a close eye on somewhat similar tools on the market. We have come across projectdiscovery.io, assetnote.io, and bounty.offensiveai.com, and we suggest you check them out too. From a suite point of view, we try to cover as many of the features in similar tools as possible while providing more functions and accessibility.

HunterSuite Design

HunterSuite consists of many parts; we are going to discuss the main features now.

I. HunterSuite core

At its core, HunterSuite uses Golang to provide as much speed as possible. The core is responsible for many things, most importantly:

Find as many subdomains as possible. Currently, it can find ~19k subdomains on yahoo.com in a few minutes! (We use various subdomain enumeration techniques and 3rd party sources.)

Screenshot assets (screenshot, title, headers, checksums)

Find out target IP ranges

Scan for top services and ports

Extract asset fingerprint and technology stack

Extract links (from JS files, archive, etc.)

Clean up data

Sending update notifications

Storing clean data in database

II. HunterSuite Databases

It took us days to come up with a robust database design, which we still continuously change to fit our needs. We used MySQL 8, which is fast enough. Its relational functionality helps us build beautiful relations between tables. The core uses a separate database to ensure data integrity and safety, and we store all critical information encrypted with AES-256.

III. HunterSuite Plugins

Plugins are also mostly developed in Go. Here are a few examples:

Plugin Jaeles: Developed by our very own @j3ssiejjj and integrated into our core as our vulnerability scan engine. For now, we have more than 250 private signatures for recent web vulnerabilities. We continuously update our unreleased signatures so that you no longer need to spend time scanning for recent CVEs and vulnerabilities; instead, you just do it in a moment. Here are a few other plugins on our road map.

Plugin Wordy: Wordlist generator based on assets (archive links, params, words, files with extensions); it also generates the latest wordlist using a big query.

Plugin FileMon: File Monitor Engine (monitors JS, API, files, raw HTTP requests, and responses!)

Plugin SubOver: A fast and robust subdomain takeover scanner

Plugin DirBrute: A fast (and believe me, “FAST”) directory scanner, which is configured using target-based wordlists and custom wordlists.

Plugin Secrets: Finds leaked keys and creds from various sources (GitHub, GitLab, etc.)

Plugin …

There are many more plugins, but we don’t want to spoil any more and kill all the fun, so you have to wait and see for yourself!

IV. HunterSuite Web Apps

They say a picture is worth thousands of words, so go for it!

User Dashboard

Target Activision
Assets, Services, Technologies, Ports
DNS Overview and monitoring
Grouped Screenshots
HTTP Headers Overview
Extracted Links

Please note this is not the final design; it is a work in progress. But we couldn’t help it: we have to share with you how excited we are to be working on this …

The web app is where you can access all core features and plugins with just a few clicks. For the dashboard, it utilizes the latest Laravel, JavaScript, Bootstrap 4.x, HTML5, and CSS3. It’s a dark theme from the beginning, so your eyes will love you, and you will love your dashboard. It also uses another MySQL 8.x instance to store your information, which again is encrypted with AES-256.

The panel makes sense of the relationships between tables, schedules the scans, allows you to run a single scan, quickly navigate thousands of assets, take notes, and find the most vulnerable assets, and helps you organize your thoughts for a successful penetration test or hunt.

Packages and Payment Options

We will have three packages. Payment options will be mainly cryptocurrencies for the love of it, plus some more usual ones like PayPal.

1- Essential: allows you to enumerate and monitor assets; works only on whitelisted public bug bounty programs. Up to 5 targets.

user: infosec community

2- Bounty hunter: Essential plus a vulnerability scanner, unique wordlists, and a directory and parameter scanner; works on public bug bounty programs and allows you to add private programs to our list. Up to 15 targets.

user: bug bounty hunters, red teamers, penetration testers.

3- Dark suite: Essential plus Bounty hunter, plus it works on any URL, no questions asked. It gives you access to more plugins, but it’s limited to a minimal set of “verified” organisations and individuals. Up to 50 targets.

user: cybersecurity journalists and law enforcement, full-time bug hunters.

HunterSuite is a “legal” testing suite; no criminal activity or usage will be allowed or tolerated.

Scaling

Well, we still have some debates on our final solution for scaling, but for now, we chose Docker containers and Kubernetes clusters. We are continually looking for various options here to ensure we can provide you with the most cost-friendly packages.

Conclusion

As soon as we have a polished version ready, we will invite top bug bounty hunters and offensive engineers to check our tool and give us a review. We also plan to do live streams and videos to show you how it works and how it wins.

We hope to release the first version of HunterSuite before or in the coming summer. If you have any ideas or comments, or want to join or invest in HunterSuite.io, feel free to contact us at hello [at] huntersuite.io

Otherwise, we will see you soon on the other side!

PS: your invite.


HunterSuite.io Developer’s Blog, Follow us to get insights about how we are developing a next level attack surface analysis & vulnerability scanning platform