SentinelOne Hunter

Hunter works with SentinelOne Deep Visibility to hunt for indicators of interest, captured right from your browser.

What is SentinelOne Hunter?

"SentinelOne Hunter" is a Chrome extension that enhances cybersecurity investigations by allowing SentinelOne Deep Visibility admins to identify and track digital indicators, such as IP addresses, DNS names, and hashes, directly from their browser. It integrates with the SentinelOne console, making it easier to initiate queries and probe for potential threats across their networks without personal data capture.

Download

Stats

By: SentinelOne

View on Chrome Web Store

Users: 10,000+

Rating: 4.33 (12)

Version: 2.3.0 (Last updated: 2023-07-11)

Creation date: 2023-07-11

Risk impact: Moderate risk impact

Risk likelihood: Moderate risk likelihood

Manifest version: 2

Permissions:

tabs
activeTab
storage

Size: 6.75M

Email: su*****@sentinelone.com

URLs: Privacy policy

Stats date:

Chrome-Stats Rank

# 8936 ▲ 10

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

Hunter works with SentinelOne Deep Visibility to hunt for indicators of interest, captured right from your browser page. The Hunter Chrome Extension lets you easily scrape data from your browser and opens a query in your SentinelOne Management Console to search for that data across your organization. Hunter captures these indicators from information open in your current browser tab: IP addresses, DNS names, and hashes (MD5, SHA-1, and SHA-256).

The Hunter extension does not capture any personal or private data from the browser or the user. When the indicators of interest are captured, they are redirected to your SentinelOne Management Console. The data is not saved. The only permission the extension requires is to scrape the browsed pages, get the indicators, and send them to the SentinelOne Management Console.

How to use: To use Hunter, you must be an Admin user in an active SentinelOne Management Console with Deep Visibility. Open Hunter and select the indicators to hunt for. When you click Hunt, a new query opens in Deep Visibility in your SentinelOne Management Console. You can edit the query or run it as is to search for the indicators in your environment.

Steps:

Download Hunter by SentinelOne from the Chrome Web Store.
The first time you open Hunter, enter the URL of your SentinelOne Management Console.
Click Hunter and you’ll see all indicators in your current browser tab.
Hover over one and click Hunt. Or select multiple items and then click Hunt Now.
A new query opens in Deep Visibility in your SentinelOne Management Console. You can edit the query or run it as is to search for the indicators in your environment.

User reviews

No documentation on how to configure or how to use. UI asks for a Management URL? No submit button. I put one in. Nothing happens? Probably a great tool. Just can't get it off the ground.

Erik Herrera, 2022-01-17

This makes it very easy to search for large sets of IOC. I like the new feature of getting queries from their threat research team

Ryan Merrick, 2021-03-04

Easy and efficient threat hunting in a SentinelOne protected environment

Andre Noordam, 2021-03-04

View all user reviews

Safety

Risk impact

SentinelOne Hunter may not be safe to use and it requires some risky permissions. Exercise caution when installing this extension. Review carefully before installing.