Skip to content

Instantly share code, notes, and snippets.

View shaeqahmed's full-sized avatar
😎
Coding

Shaeq Ahmed shaeqahmed

😎
Coding
31 followers · 168 following
  • Matano Labs
View GitHub Profile
@ag-michael
ag-michael / FalconHuntqueries.md
Last active November 23, 2023 12:02
Falcon hunt queries

timestamp convert:


 convert ctime(timestamp/1000)

.top,.club,.xyz,.ru domain lookups where the amount of lookup for the domain is more than 1 and less than 4 per computer


aid=* event_simpleName=DnsRequest | regex DomainName=".*\.top$|.*\.club$|.*\.xyz$|.*\.ru$|[0-9]+.*\.\w$" | stats values(ComputerName) count by DomainName| where count <4 | sort – count
@mttaggart
mttaggart / electron-versions.csv
Last active November 18, 2023 03:15
CVE-2023-4863 Electron App Tracker | THIS LIST IS NOW DEPRECATED. PLEASE VISIT https://github.com/mttaggart/electron-app-tracker FOR THE LATEST DATA
app_name repo electron_version vulnerable
1Clipboard https://github.com/wiziple/1clipboard
1Password None 25.8.1 FALSE
3CX Desktop App 19.0.8 TRUE
5EClient None
Abstract None
Account Surfer None
Advanced REST Client https://github.com/advanced-rest-client/arc-electron ^17.0.0 TRUE
Aedron Shrine None
Aeon https://github.com/leinelissen/aeon 23.2.0 TRUE