APT
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat
📈 Analytics overview of the Telegram channel APT
The channel APT (@apt_notes) is an active participant in the English-language track. The community currently has 14 658 subscribers, ranks 8 841 in the Technology & Applications category and 45 631 in the Russia region.
📊 Audience metrics and growth dynamics
Since its creation (date unknown), the project has grown quickly and attracted 14 658 subscribers.
According to the latest data as of 12 June 2026, the channel is operating steadily. Subscribers changed by 406 over the past 30 days and by 7 over the past 24 hours; overall reach remains substantial.
- Verification status: not verified
- Engagement rate (ER): the average audience engagement rate is 49.89%. Reactions within 24 hours of publication typically amount to N/A% of total subscribers.
- Post reach: each post receives an average of 7 313 views, typically accumulating 0 views on the first day.
- Engagement and feedback: the audience participates actively, with an average of 20 reactions per post.
📝 Description and content strategy
The author positions the channel as a platform for expressing subjective opinions; the channel description quoted above lists its topics (Offensive Security, RedTeam, Malware Research, OSINT) and links to a disclaimer (t.me/APT_Notes/6) and a public chat (t.me/APT_Notes_PublicChat).
With frequent updates (latest data collected on 13 June 2026), the channel stays fresh and keeps its reach high. Analysis shows an actively engaged audience, making it a key point of influence in the Technology & Applications category.
14 658 subscribers (+7 in 24 hours, +100 in 7 days, +406 in 30 days)
Post archive
14 663
⚙️ Determining AD domain name via NTLM Auth
If nmap (http-ntlm-info) is unable to determine the FQDN of an Active Directory domain via OWA, for example because a Citrix NetScaler or another SSO solution sits in front of it, do it manually:
1) Send an NTLM Type 1 (NEGOTIATE) message and take the Type 2 (CHALLENGE) message the server returns in the WWW-Authenticate header of its 401 response:
curl -I -k -X POST -H 'Authorization: NTLM TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAKANc6AAAADw==' -H 'Content-Length: 0' https://autodiscover.example.com/ews
2) Decode the Type 2 message; its TargetInfo block carries the NetBIOS and DNS domain names and the DNS host name:
echo 'TlRMTVNTUAACAAAADAAMAD...' | python2 ./ntlmdecoder.py
Source: ntlmdecoder.py
#ntlm #auth #sso #tricks #pentest
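Both steps in one Python 3 script, as an added example that is not the post's ntlmdecoder.py: it sends the Type 1 message from the curl command above, pulls the Type 2 message out of WWW-Authenticate, and walks the TargetInfo AV_PAIRs (MS-NLMP 2.2.2.1) to print the NetBIOS and DNS domain names. The host names, the negotiate flags value and the constructed sample challenge are assumptions so the decoder can be exercised offline; only fetch_challenge() touches the network.

```python
import base64
import ssl
import struct
import urllib.error
import urllib.request
from datetime import datetime, timezone

# Type 1 (NEGOTIATE) message taken from the curl command in the post.
TYPE1_B64 = "TlRMTVNTUAABAAAAB4IIogAAAAAAAAAAAAAAAAAAAAAKANc6AAAADw=="

# AV_PAIR ids inside the TargetInfo block of a CHALLENGE_MESSAGE.
AV_IDS = {1: "NetBIOS computer name", 2: "NetBIOS domain name",
          3: "DNS computer name", 4: "DNS domain name", 5: "DNS tree name"}
NTLMSSP_NEGOTIATE_UNICODE = 0x00000001
FILETIME_EPOCH_DELTA = 116444736000000000  # 100ns ticks between 1601-01-01 and 1970-01-01


def parse_challenge(blob):
    """Parse a raw NTLM Type 2 message into target name, flags, challenge and TargetInfo."""
    if blob[:8] != b"NTLMSSP\x00" or struct.unpack_from("<I", blob, 8)[0] != 2:
        raise ValueError("not an NTLM CHALLENGE_MESSAGE (type 2)")
    name_len, _, name_off = struct.unpack_from("<HHI", blob, 12)   # TargetNameFields
    flags = struct.unpack_from("<I", blob, 20)[0]                   # NegotiateFlags
    challenge = blob[24:32]                                          # ServerChallenge
    info_len, _, info_off = struct.unpack_from("<HHI", blob, 40)   # TargetInfoFields
    enc = "utf-16-le" if flags & NTLMSSP_NEGOTIATE_UNICODE else "ascii"
    result = {"target_name": blob[name_off:name_off + name_len].decode(enc),
              "flags": flags, "server_challenge": challenge.hex()}
    pos, end = info_off, info_off + info_len
    while pos + 4 <= end:
        av_id, av_len = struct.unpack_from("<HH", blob, pos)
        pos += 4
        if av_id == 0:                      # MsvAvEOL terminates the list
            break
        value = blob[pos:pos + av_len]
        pos += av_len
        if av_id in AV_IDS:                 # AV strings are always UTF-16LE
            result[AV_IDS[av_id]] = value.decode("utf-16-le")
        elif av_id == 7 and av_len == 8:    # MsvAvTimestamp is a FILETIME
            ft = struct.unpack("<Q", value)[0]
            ts = datetime.fromtimestamp((ft - FILETIME_EPOCH_DELTA) / 1e7, tz=timezone.utc)
            result["Timestamp"] = ts.isoformat()
    return result


def decode_ntlm_challenge(b64):
    """Equivalent of piping the base64 Type 2 string into the post's decoder."""
    return parse_challenge(base64.b64decode(b64))


def fetch_challenge(url, type1=TYPE1_B64, timeout=10):
    """Replay the curl request and return the base64 Type 2 from WWW-Authenticate, or None."""
    req = urllib.request.Request(url, data=b"", method="POST",
                                 headers={"Authorization": "NTLM " + type1, "Content-Length": "0"})
    ctx = ssl._create_unverified_context()  # same effect as curl -k; assessment targets only
    try:
        urllib.request.urlopen(req, timeout=timeout, context=ctx)
    except urllib.error.HTTPError as e:      # the 401 carries the challenge
        for hdr in e.headers.get_all("WWW-Authenticate") or []:
            if hdr.startswith("NTLM "):
                return hdr.split(" ", 1)[1].strip()
    return None


def build_sample_challenge():
    """Constructed Type 2 message (assumed values, not captured from a real server)."""
    u = lambda s: s.encode("utf-16-le")
    target_name = u("EXAMPLE")
    pairs = [(2, u("EXAMPLE")), (1, u("EXCH01")), (4, u("corp.example.com")),
             (3, u("exch01.corp.example.com")), (5, u("corp.example.com")),
             (7, struct.pack("<Q", 133000000000000000))]
    target_info = b"".join(struct.pack("<HH", i, len(v)) + v for i, v in pairs)
    target_info += struct.pack("<HH", 0, 0)                       # MsvAvEOL
    header_len = 56                                               # header incl. 8-byte Version
    flags = 0x628A8205                                            # assumed; bit 0 = UNICODE
    msg = b"NTLMSSP\x00" + struct.pack("<I", 2)
    msg += struct.pack("<HHI", len(target_name), len(target_name), header_len)
    msg += struct.pack("<I", flags)
    msg += bytes.fromhex("0123456789abcdef")                      # ServerChallenge
    msg += b"\x00" * 8                                            # Reserved
    msg += struct.pack("<HHI", len(target_info), len(target_info), header_len + len(target_name))
    msg += bytes([6, 1, 0xB1, 0x1D, 0, 0, 0, 0x0F])                # Version 6.1.7601, revision 15
    return msg + target_name + target_info


def sample_challenge_b64():
    return base64.b64encode(build_sample_challenge()).decode()


if __name__ == "__main__":
    import sys
    b64 = fetch_challenge(sys.argv[1]) if len(sys.argv) > 1 else sample_challenge_b64()
    if not b64:
        sys.exit("no NTLM challenge in WWW-Authenticate")
    for key, val in decode_ntlm_challenge(b64).items():
        print(f"{key}: {val}")
```

Run it with the EWS or autodiscover URL as the only argument; without an argument it decodes the constructed sample. If the target answers with a Negotiate (SPNEGO) header instead of a bare NTLM one, the base64 is a GSS-API wrapper around the same NTLMSSP blob and needs unwrapping first.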
🔑 Cobalt Strike Token Vault
This Beacon Object File (BOF) creates in-memory storage for stolen/duplicated Windows access tokens, allowing you to:
— Hot-swap/re-use already stolen tokens without re-duplicating them;
— Store tokens for later use in case the user logs out.
https://github.com/Henkru/cs-token-vault
#ad #tokens #c2 #cobalt #redteam
💉ClipboardInject
Abusing the clipboard to inject code into remote processes
This PoC uses the clipboard to copy a payload into a remote process, eliminating the need for
VirtualAllocEx/WriteProcessMemory
https://www.x86matthew.com/view_post?id=clipboard_inject
#maldev #injection #clipboard #redteam
🦮 BlueHound
It is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network
It is a fork of NeoDash, reimagined, to make it suitable for defensive security purposes.
Blog:
🔗 https://zeronetworks.com/blog/bluehound-community-driven-resilience/
Tool:
🔗 https://github.com/zeronetworks/BlueHound
#ad #sharphound #blueteam
🔔 TamperingSyscalls
This is a novel two-part project consisting of argument spoofing and syscall retrieval, both of which abuse exception handling (EH) in order to subvert EDRs. Combining the two provides an alternative to direct syscalls.
https://github.com/rad9800/TamperingSyscalls
#edr #evasion #maldev #syscall #tampering
🛡 On Detection: Tactical to Functional
The goal of this series is to facilitate a conversation about the more technical aspects of attacks and how a deeper understanding at the more foundational levels provides a better base to build assumptions from.
🔗 Part 1: Discovering API Function Usage through Source Code Review
🔗 Part 2: Operations
#maldev #pinvoke #winapi #detection #blueteam #ttp
Certipy 4.0: ESC9 & ESC10, BloodHound GUI, New Authentication and Request Methods — and more!
https://research.ifcr.dk/certipy-4-0-esc9-esc10-bloodhound-gui-new-authentication-and-request-methods-and-more-7237d88061f7
#ad #adcs #certipy #bloodhound
🔐 PPLDump
RIPPL is a tool that abuses a usermode-only exploit to manipulate PPL (Protected Process Light) processes on Windows.
https://github.com/last-byte/RIPPL
#ad #ppl #lsass #tools
🐚 PSAsyncShell: Asynchronous Firewall Bypass
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.
Unlike other reverse shells, all communication and execution flow is handled asynchronously, allowing it to bypass some firewalls and some countermeasures against this kind of remote connection.
🔗 Research:
https://darkbyte.net/psasyncshell-bypasseando-firewalls-con-una-shell-tcp-asincrona/
🔗 Source:
https://github.com/JoelGMSec/PSAsyncShell
#ad #powershell #reverse #shell
🔍 OSINT Tools
Today I'm going to talk about two excellent resources for photo editing during OSINT/IMINT.
Remini:
An image unblurring/sharpening tool that can help yield better reverse image search and facial recognition results.
https://app.remini.ai/
Cleanup.Pictures:
One of the best online photo object removal tools I've ever seen.
https://cleanup.pictures/
#OSINT #IMINT #ImageAnalysis #tools
💉 Apache Spark RCE (CVE-2022-33891)
Apache Spark could allow an attacker to execute arbitrary commands on the system, caused by improper input validation in a code path of HttpSecurityFilter when ACLs are enabled: the user name supplied in the doAs query parameter reaches a shell command during the group lookup. This affects Apache Spark versions 3.0.3 and earlier, versions 3.1.1 to 3.1.2, and versions 3.2.0 to 3.2.1.
PoC (sleep 10, delivered as a base64-encoded command substituted into the doAs parameter):
http://localhost:8080/?doAs=`echo%20%22c2xlZXAgMTAK%22%20|%20base64%20-d%20|%20bash`
Exploits:
https://github.com/HuskyHacks/cve-2022-33891
https://github.com/W01fh4cker/cve-2022-33891
https://github.com/west-wind/CVE-2022-33891
Shodan Dorks:
http.favicon.hash:856048515
#apache #spark #rce #cve
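The PoC above is a command substitution inside the doAs parameter, which is also what to hunt for in Spark UI access logs. The following detector is an added example, not part of the post or of any of the linked exploit repositories: it parses Common Log Format lines, URL-decodes every doAs value, flags shell metacharacters that never belong in a user name, and tries to recover base64-encoded commands nested inside the injection (as in the PoC). The log lines are constructed, and the log format and port are assumptions.

```python
import base64
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines for a Spark UI on :8080 (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 - - [18/Jul/2022:10:01:02 +0000] "GET /?doAs=alice HTTP/1.1" 200 4120
10.0.0.9 - - [18/Jul/2022:10:01:07 +0000] "GET /jobs/ HTTP/1.1" 200 9801
203.0.113.7 - - [18/Jul/2022:10:02:11 +0000] "GET /?doAs=`echo%20%22c2xlZXAgMTAK%22%20|%20base64%20-d%20|%20bash` HTTP/1.1" 403 0
203.0.113.7 - - [18/Jul/2022:10:02:40 +0000] "GET /?doAs=$(id) HTTP/1.1" 403 0
"""

# Common Log Format: client, ident, user, [timestamp], "METHOD target PROTO", status, size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Metacharacters that let a value break out of the shell command built from the user name.
SHELL_META = re.compile(r'[`$|;&<>\n]')
# Runs that look like base64 (the PoC hides its real command this way).
B64_RE = re.compile(r'[A-Za-z0-9+/]{8,}={0,2}')


def extract_doas(target):
    """Return every URL-decoded doAs value in a request target such as /?doAs=alice."""
    return parse_qs(urlsplit(target).query, keep_blank_values=True).get("doAs", [])


def decode_embedded_base64(payload):
    """Best-effort recovery of base64-encoded commands embedded in an injected value."""
    decoded = []
    for candidate in B64_RE.findall(payload):
        try:
            decoded.append(base64.b64decode(candidate, validate=True).decode("utf-8").strip())
        except (ValueError, UnicodeDecodeError):
            continue
    return decoded


def scan_log(text):
    """Flag requests whose doAs value contains shell metacharacters."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        for value in extract_doas(m["target"]):
            if SHELL_META.search(value):
                findings.append({"ip": m["ip"], "ts": m["ts"], "status": m["status"],
                                 "doAs": value, "decoded": decode_embedded_base64(value)})
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} status={f['status']} doAs={f['doAs']!r} decoded={f['decoded']}")
```

Do not treat the 403 in the log as evidence that nothing happened: the injection fires during the group lookup that the filter performs to decide on access, so the command has already run by the time the denial is written. Values that contain `+` are turned into spaces by parse_qs, so a base64 payload that was not percent-encoded may need a second look by hand.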
🔓 Unprotect
A project that is meant to provide Malware Analysts and Defenders with actionable insights and detection capabilities to shorten their response times. A catalog of over 200 tricks used by malware to bypass detection and protection tools. There are also rules for detecting these tricks.
https://unprotect.it/
#maldev #evasion #redteam #blueteam
👨👩👦 Book Can Save A Life
I will be very happy if this book helps at least one person to gain knowledge and learn the science of cybersecurity. The book is mostly practice oriented. This book is dedicated to my wife, Laura, and my children, Yerzhan and Munira. Also, thanks to everyone who is helping me through these difficult times. The proceeds from the sale of this book will be used to treat Munira (my daughter), who is currently battling for her life at a hospital in Istanbul, Turkey.
The book is divided into three logical chapters:
— Malware development tricks and techniques;
— AV evasion tricks;
— Persistence techniques.
This book costs $16, but you can pay as much as you want. All money will go to the treatment of his daughter.
https://cocomelonc.github.io/book/2022/07/16/mybook.html
Channel author's preface:
Dear cocomelonc (@abuyerzh), I wish you and your daughter health and well-being!
🪲 Abuse Cloudflare Zerotrust for C2 channels
https://0xsp.com/offensive/red-ops-techniques/abuse-cloudflare-zerotrust-for-c2-channels/
#c2 #cloudflare #zerotrust #redteam
👀 PowerView.py
This is an alternative for the awesome original PowerView script. Most of the modules used in PowerView are available in this project.
https://github.com/aniqfakhrul/powerview.py
#ad #powerview #python #tools
Repost from Caster
My article on post-exploitation of compromised Cisco equipment has been published.
https://habr.com/ru/post/676942/
ᛝ
🎲 Abusing forgotten permissions on computer objects in Active Directory
The post is a dive into permissions that are set when you pre-create computer accounts the wrong way, why BloodHound missed those and how to abuse, fix, or monitor for this.
Resource:
🔗 https://dirkjanm.io/abusing-forgotten-permissions-on-precreated-computer-objects-in-active-directory/
🔗 https://www.trustedsec.com/blog/diving-into-pre-created-computer-accounts/
#ad #permission #acl
🧦 Chisel Strike
A .NET XOR-encrypted Cobalt Strike Aggressor implementation for chisel, to utilize faster proxying and advanced SOCKS5 capabilities.
https://github.com/m3rcer/Chisel-Strike
#cobaltstrike #socks #proxy #redteam