ch
Feedback
APT

APT

前往频道在 Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

显示更多
俄罗斯45 631技术与应用8 841

📈 Telegram 频道 APT 的分析概览

频道 APT (@apt_notes) 英语 语言赛道中的 是活跃参与者。目前社区聚集了 14 658 名订阅者,在 技术与应用 类别中位列第 8 841,并在 俄罗斯 地区排名第 45 631

📊 受众指标与增长动态

невідомо 创建以来,项目保持高速增长,吸引了 14 658 名订阅者。

根据 12 六月, 2026 的最新数据,频道保持稳定运转。过去 30 天订阅人数变化为 406,过去 24 小时变化为 7,整体触达仍然可观。

  • 认证状态: 未认证
  • 互动率 (ER): 平均受众互动率为 49.89%。内容发布后 24 小时内通常能获得 N/A% 的反应,占订阅者总量。
  • 帖子覆盖: 每篇帖子平均可获得 7 313 次浏览,首日通常累积 0 次浏览。
  • 互动与反馈: 受众积极参与,单帖平均反应数为 20

📝 描述与内容策略

作者将该频道定位为表达主观观点的平台:
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

凭借高频更新(最新数据采集于 13 六月, 2026),频道始终保持新鲜度与高覆盖。分析显示受众积极互动,使其成为 技术与应用 类别中的关键影响点。

14 658
订阅者
+724 小时
+1007
+40630
帖子存档
APT
APT
14 667
⚔️ Remote Code Injection by Abusing CreateProcess and GetEnvironmentVariable New method of injecting code into a remote process without using WriteProcessMemory. CreateProcess: https://www.x86matthew.com/view_post?id=proc_env_injection GetEnvironmentVariable: https://x-c3ll.github.io/posts/GetEnvironmentVariable-Process-Injection/ #maldev #process #inject #pinvoke #winapi

APT
APT
14 667
📜 Defused That SAN Flag One more post about Microsoft's recent security updates - re changes to Kerberos and the new certifi
📜 Defused That SAN Flag One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID. The changes 'defuse' the impact of the flag that allows adding custom subject alternative names to any certificate (including the ones that 'actually' should be auto-enrolled). https://elkement.blog/2022/06/13/defused-that-san-flag/ #ad #adcs #privesc #redteam

APT
APT
14 667
🔍 GitHub Dorks Many people ask me how to do GitHub reconnaissance, find credentials and other information Pentest or RedTeam
+3
🔍 GitHub Dorks Many people ask me how to do GitHub reconnaissance, find credentials and other information Pentest or RedTeam might need. This post will look at some ways to search GitHub. #github #dorks #recon #osint

APT
APT
14 667
🔑 Extracting Credentials from Chrome Memory An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in а low privileges plain text format. https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory #chrome #memory #dump #creds

APT
APT
14 667
Repost from Codeby
🔥 Фильм о команде Codeby на The Standoff 2022 Друзья, уже в скором времени мы будем готовы представить вам документальный фильм об участии команды Codeby на мероприятии The Standoff 2022! Вспомним, какие эмоции испытывали все мы каждый день соревнований, а также узнаем, что происходило в эти дни от лица игроков. А пока предлагаем вам насладиться просмотром небольшого трейлера!

APT
APT
14 667
⚙️ Active Directory Delegation Management Tool Is an Active Directory delegation management tool. It allows you to make a det
⚙️ Active Directory Delegation Management Tool Is an Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues: — Objects owned by users — Objects with ACEs for users — Non canonical ACL — Disabled ACL inheritance — Default ACL modified in schema — Deleted delegation trustees It also allows you to document your delegation model in JSON files, to obtain a more readable view: https://github.com/mtth-bfft/adeleg #ad #delegations #ace #acl #tools

APT
APT
14 667
Repost from 1N73LL1G3NC3

APT
APT
14 667
Repost from 1N73LL1G3NC3

APT
APT
14 667
🕵️ OSINT Collection Collection of 4000+ OSINT resources https://metaosint.github.io/table/ #osint #recon #collection
🕵️ OSINT Collection Collection of 4000+ OSINT resources https://metaosint.github.io/table/ #osint #recon #collection

APT
APT
14 667
📒Simulating attacks with Sysmon SysmonSimulator is an Open source Windows event simulation utility created in C language, th
📒Simulating attacks with Sysmon SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs. Attack coverage: — Process Events — File Events — Named Pipes Events — Registry Actions — Image Loading — Network Connections — Create Remote Thread — Raw Access Read — DNS Query — WMI Events — Clipboard Capture — Process Image Tampering Research: https://rootdse.org/posts/understanding-sysmon-events/ Tool: https://github.com/ScarredMonk/SysmonSimulator #sysmon #simulator #blueteam #lab

APT
APT
14 667
🔥 MS-MSDT Office RCE MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "
🔥 MS-MSDT Office RCE MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters). The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros). PoC: https://github.com/JohnHammond/msdt-follina https://github.com/chvancooten/follina.py Demo Follina with Cobalt Strike: https://www.youtube.com/watch?v=oM4GHtVvv1c For BlueTeam: https://gist.github.com/kevthehermit/5c8d52af388989cfa0ea38feace977f2 #office #rce #msmsdt #nomacro

APT
APT
14 667
🩸Max (BloodHound) Maximizing BloodHound with a simple suite of tools https://github.com/knavesec/Max #bloodhound #neo4j #cyp
🩸Max (BloodHound) Maximizing BloodHound with a simple suite of tools https://github.com/knavesec/Max #bloodhound #neo4j #cypher

APT
APT
14 667
🔍 Find Uncommon Shares This Python tool equivalent of PowerView Invoke-ShareFinder.ps1 allows to quickly find uncommon share
🔍 Find Uncommon Shares This Python tool equivalent of PowerView Invoke-ShareFinder.ps1 allows to quickly find uncommon shares in vast Windows Active Directory Domains. https://github.com/p0dalirius/FindUncommonShares #ad #enum #shares #tools

APT
APT
14 667
Combination of 2 PoCs for bypassing Credential Guard with in-memory invocation PoC 1 (patch wdigest.dll): https://gist.github
Combination of 2 PoCs for bypassing Credential Guard with in-memory invocation PoC 1 (patch wdigest.dll): https://gist.github.com/N4kedTurtle/8238f64d18932c7184faa2d0af2f1240 PoC 2 (find variable offsets in runtime): https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp Merged: https://gist.github.com/snovvcrash/43e976779efdd20df1596c6492198c99 #lsass #wdigest #credguard

APT
APT
14 667
🎁 Application Security Pipelines (Now with guides) Scan your code, infrastructure configs and domains with many open source
🎁 Application Security Pipelines (Now with guides) Scan your code, infrastructure configs and domains with many open source scanners. Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei.. All reports will be passed to defectdojo Guides: https://github.com/Whitespots-OU/DevSecOps-Pipelines Integration examples: https://gitlab.com/whitespots-public/vulnerable-apps #appsec #devsecops #pipelines

APT
APT
14 667
😴 DeepSleep A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC https://github.com/thefLink/DeepSl
😴 DeepSleep A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC https://github.com/thefLink/DeepSleep #memory #evasion #maldev

APT
APT
14 667
⚙️ WTFBins WTFBin(n): a binary that behaves exactly like malware, except, somehow, it's not? Site detailing noisy, false positive binaries created that's super helpful in getting filter ideas together for monitoring and hunting rules. https://wtfbins.wtf/ #wtfbins #blueteam

APT
APT
14 667
🔐 Credential Guard Bypass The well-known WDigest module, which is loaded by LSASS, has two interesting global variables: g_I
🔐 Credential Guard Bypass The well-known WDigest module, which is loaded by LSASS, has two interesting global variables: g_IsCredGuardEnabled and g_fParameter_UseLogonCredential. Their name is rather self explanatory, the first one holds the state of Credential Guard within the module, the second one determines whether clear-text passwords should be stored in memory. By flipping these two values, you can trick the WDigest module into acting as if Credential Guard was not enabled. Research: https://itm4n.github.io/credential-guard-bypass/ PoC: https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp #lsass #wdigest #credential #guard #research

APT
APT
14 667
Repost from Кавычка
Уязвимости и атаки на CMS Bitrix 1. Особенности 2. Уязвимости 3. Методы атак Приятного чтения!

APT
APT
14 667
🔗 Active Directory ACL Attack Paths Through LDAP Relaying Attacks This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external internet-facing IP address. https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/ #ad #ldap #relay #acl #research