SentinelOne Hunter

SentinelOne Hunter

Hunter works with SentinelOne Deep Visibility to hunt for indicators of interest, captured right from your browser.

SentinelOne Hunter
What is SentinelOne Hunter?
"SentinelOne Hunter" is a Chrome extension that enhances cybersecurity investigations by allowing SentinelOne Deep Visibility admins to identify and track digital indicators, such as IP addresses, DNS names, and hashes, directly from their browser. It integrates with the SentinelOne console, making it easier to initiate queries and probe for potential threats across their networks without personal data capture.
Stats
Users: 10,000+
Rating: 4.33 (12)
Version: 2.3.0 (Last updated: 2023-07-11)
Creation date: 2023-07-11
Risk impact: Moderate risk impact
Risk likelihood: Low risk likelihood
Manifest version: 2
Permissions:
  • tabs
  • activeTab
  • storage
Size: 6.75M
Stats date:

Chrome-Stats Rank

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension
Summary

Hunter works with SentinelOne Deep Visibility to hunt for indicators of interest, captured right from your browser page. The Hunter Chrome Extension lets you easily scrape data from your browser and opens a query in your SentinelOne Management Console to search for that data across your organization. Hunter captures these indicators from information open in your current browser tab: IP addresses, DNS names, and hashes (MD5, SHA-1, and SHA-256).

The Hunter extension does not capture any personal or private data from the browser or the user. When the indicators of interest are captured, they are redirected to your SentinelOne Management Console. The data is not saved. The only permission the extension requires is to scrape the browsed pages, get the indicators, and send them to the SentinelOne Management Console.

How to use: To use Hunter, you must be an Admin user in an active SentinelOne Management Console with Deep Visibility. Open Hunter and select the indicators to hunt for. When you click Hunt, a new query opens in Deep Visibility in your SentinelOne Management Console. You can edit the query or run it as is to search for the indicators in your environment.

Steps:

  1. Download Hunter by SentinelOne from the Chrome Web Store.
  2. The first time you open Hunter, enter the URL of your SentinelOne Management Console.
  3. Click Hunter and you’ll see all indicators in your current browser tab.
  4. Hover over one and click Hunt. Or select multiple items and then click Hunt Now.
  5. A new query opens in Deep Visibility in your SentinelOne Management Console. You can edit the query or run it as is to search for the indicators in your environment.
User reviews
No documentation on how to configure or how to use. UI asks for a Management URL? No submit button. I put one in. Nothing happens? Probably a great tool. Just can't get it off the ground.
by Erik Herrera Erik Herrera, 2022-01-17

This makes it very easy to search for large sets of IOC. I like the new feature of getting queries from their threat research team
by Ryan Merrick Ryan Merrick, 2021-03-04

Easy and efficient threat hunting in a SentinelOne protected environment
by Andre Noordam Andre Noordam, 2021-03-04
View all user reviews
Safety
Risk impact

SentinelOne Hunter may not be safe to use and it requires some risky permissions. Exercise caution when installing this extension. Review carefully before installing.

Risk likelihood

SentinelOne Hunter has earned a fairly good reputation and likely can be trusted.

Upgrade to see risk analysis details
Similar extensions

Here are some Chrome extensions that are similar to SentinelOne Hunter: