HackHunter sensors use inbuilt algorithms designed to detect the signatures and behaviour of hacking methods and tools in real-time.
Malicious WiFi networks are detected using safelist comparisons and beacon characteristics, while correlating other attack information such as deauthentication attempts to accurately identify an attack, its type and even the attacking tool used.
Real-time attack data is encrypted and relayed as JSON objects via our cloud MQTT server to the SOC, SIEM, Syslog or MSSP. Additional analysis can be performed at this stage. A separate dashboard, monitoring and alert service is available if required.
The signal strength of attacks is continuously measured, allowing the portable tracker, equipped with a highly sensitive directional antenna, to physically locate the attacker.
Note: On-premise server options are available. We are always researching attack methods and tools to ensure HackHunter stays a step ahead.