
Popular repositories

  1. Windows-Forensic-Examination-and-Threat-Hunting (Public)

    Various commands, tools and techniques that you can use to examine live Windows systems for signs of compromise or for threat hunting. Can also be used to create a baseline for your environment. For the…


  2. Incident_Response_Script (Public)

    Small incident response PowerShell script that collects various data from the system. Good alternative to run on a system while waiting for an approved AV scan (or instead of a scan).

    PowerShell

  3. MicrosoftDefender-DiscordCNC (Public)

    Threat-hunting KQL query which identifies machines that utilize PowerShell, cmd or wmic to connect to any URL that includes "cdn.discordapp.com", where the action was initiated by a script executio…


  4. MicrosoftDefender-Kaseya_IOCs (Public)

    Simple KQL query that can be run either in MD for Endpoint (threat hunting or custom indicator) or in Azure Sentinel (threat hunting or analytics rule). It's looking for 4 known IOCs related to the …


  5. Splunk (Public)

    Useful notes and commands for navigating Splunk with a focus on incident response.


  6. MicrosoftDefender-Egregor (Public)

    Custom-made query which you can run in your Microsoft Defender Advanced Hunting tool to look for network activity related to Egregor ransomware.