APT ANALYSIS

Open in Telegram

Анализ APT с фокусом на моделирование, обнаружение и управление сложными атаками. Предоставление точных данных и решений для прогнозирования угроз с реальным опытом в области безопасности.

USA11 516 Technologies & Applications33 286

1 725

Subscribers

-2524 hours

-207 days

-82230 days

269

Post views

No data24 hours

No data48 hours

15.39%

Engagement rate

No data

Posts per day

Ads index

beta

Posts Archive

1 725

♣️Create Vulnerable Looking Endpoints to Detect and Mislead Attackers 🌟Blog : https://utkusen.substack.com/p/how-to-create-vulnerable-looking ♣️Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL injections (CVE-2024-43468) ⚰️Blog/PoC : https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections ⭐️@APTANALYSIS

1 725

♣️Deep Dive Into a Linux Rootkit Malware 🖤Blog : https://www.fortinet.com/blog/threat-research/deep-dive-into-a-linux-rootkit-malware ⭐️@APTANALYSIS

1 725

Repost from N/a

🗝KeyCopier https://github.com/zinongli/KeyCopier

1 725

♣️Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282) 🤍Blog : https://labs.watchtowr.com/exploitation-walkthrough-and-techniques-ivanti-connect-secure-rce-cve-2025-0282 ⭐️@APTANALYSIS

1 725

♣️Rusty PE Packer 🌟Repo : https://github.com/Azr43lKn1ght/Rusty-PE-Packer ⭐️@APTANALYSIS

1 725

♣️Exploiting SSTI in a Modern Spring Boot Application (3.3.4) 🚬Blog : https://modzero.com/en/blog/spring_boot_ssti ⭐️@APTANALYSIS

1 725

♣️Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation ⚰️Blog : https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day ⭐️@APTANALYSIS

1 725

♣️Dumping LSASS.exe Process Memory (Windows Defender Bypass) 📹 Video : https://youtu.be/GoxR7W6vjns?si=D9b_rpN4tqRb_0rd ⭐️@APTANALYSIS

1 725

♣️ksmbd vulnerability research(CVE-2024-5028x) 👁Blog : https://blog.doyensec.com/2025/01/07/ksmbd-1.html ⭐️@APTANALYSIS

1 725

♣️Building a RuntimeInstaller Payload Pipeline to Evade AV Detection 👁‍🗨Blog : https://practicalsecurityanalytics.com/building-a-runtimeinstaller-payload-pipeline-to-evade-av-detection ⭐️@APTANALYSIS

1 725

♣️Bypass BitLocker encryption on Windows 11 (Memory Dump) 😂Blog : https://noinitrd.github.io/Memory-Dump-UEFI ⭐️@APTANALYSIS

1 725

♣️Clematis : converting PE files (EXE/DLL) into position-independent shellcode 🌟Repo : https://github.com/CBLabresearch/clematis ⭐️@APTANALYSIS

1 725

♣️Hide DDE-Based Attacks in MS Word 🤩Blog : https://null-byte.wonderhowto.com/how-to/hide-dde-based-attacks-ms-word-0180784 ⭐️@APTANALYSIS

1 725

♣️CVE-2024-12908 : Delinea Protocol Handler - Remote Code Execution via Update Process 😈Blog : https://blog.amberwolf.com/blog/2024/december/cve-2024-12908-delinea-protocol-handler---remote-code-execution-via-update-process ⭐️@APTANALYSIS

1 725

♣️Fancy Bear APT28 Adversary Simulation ⛓Blog : https://medium.com/@S3N4T0R/fancy-bear-apt28-adversary-simulation-e5b019668dfa ⭐️@APTANALYSIS

1 725

♣️CVE-2024-54150 : Another JWT Algorithm Confusion 🌟Blog : https://pentesterlab.com/blog/another-jwt-algorithm-confusion-cve-2024-54150 ⭐️@APTANALYSIS

1 725

♣️.NET tool for remotely killing EDR with WDAC 🐈‍⬛Repo : https://github.com/logangoins/Krueger 🌟Blog : https://beierle.win/2024-12-20-Weaponizing-WDAC-Killing-the-Dreams-of-EDR ⭐️@APTANALYSIS

1 725

♣️Active Directory (Guide) 😈Blog : https://mayfly277.github.io/categories ⭐️@APTANALYSIS

1 725

♣️How an obscure PHP footgun led to RCE in Craft CMS 💥Blog : https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms ⭐️@APTANALYSIS