Available now! Telegram Research 2025 — the year's key insights 
Proxy Bar
Open in Telegram
Exploits, Hacking and Leaks Чат группы - https://t.me/chat_proxy_bar Связь с администрацией и реклама: @NULL_vm Поддержать проект: BTC bc1qmrt229eghjyj9wqa7nmr9j8zuq6khz6km2pker
Show more📈 Analytical overview of Telegram channel Proxy Bar
Channel Proxy Bar (@proxy_bar) in the Russian language segment is an active participant. Currently, the community unites 20 635 subscribers, ranking 6 561 in the Technologies & Applications category and 32 787 in the Russia region.
📊 Audience metrics and dynamics
Since its creation on невідомо, the project has demonstrated rapid growth, gathering an audience of 20 635 subscribers.
According to the latest data from 10 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 170 over the last 30 days and by 5 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 19.35%. Within the first 24 hours after publication, content typically collects 12.60% reactions from the total number of subscribers.
- Post reach: On average, each post receives 3 993 views. Within the first day, a publication typically gains 2 600 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 11.
- Thematic interests: Content is focused on key topics such as cve-2025, exploit, linux, birth, define.
📝 Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
“Exploits, Hacking and Leaks
Чат группы - https://t.me/chat_proxy_bar
Связь с администрацией и реклама:
@NULL_vm
Поддержать проект:
BTC bc1qmrt229eghjyj9wqa7nmr9j8zuq6khz6km2pker”
Thanks to the high frequency of updates (latest data received on 11 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
20 635
Subscribers
+524 hours
+177 days
+17030 days
Data loading in progress...
Similar Channels
Tags Cloud
Incoming and Outgoing Mentions
---
---
---
---
---
---
Attracting Subscribers
June '26
June '26
+72
in 3 channels
May '26
+309
in 4 channels
Get PRO
April '26
+349
in 14 channels
Get PRO
March '26
+392
in 13 channels
Get PRO
February '26
+362
in 11 channels
Get PRO
January '26
+310
in 12 channels
Get PRO
December '25
+262
in 8 channels
Get PRO
November '25
+332
in 8 channels
Get PRO
October '25
+268
in 6 channels
Get PRO
September '25
+256
in 6 channels
Get PRO
August '25
+275
in 9 channels
Get PRO
July '25
+303
in 8 channels
Get PRO
June '25
+312
in 11 channels
Get PRO
May '25
+299
in 9 channels
Get PRO
April '25
+400
in 7 channels
Get PRO
March '25
+506
in 14 channels
Get PRO
February '25
+403
in 9 channels
Get PRO
January '25
+292
in 12 channels
Get PRO
December '24
+229
in 8 channels
Get PRO
November '24
+362
in 14 channels
Get PRO
October '24
+368
in 8 channels
Get PRO
September '24
+300
in 9 channels
Get PRO
August '24
+510
in 13 channels
Get PRO
July '24
+484
in 10 channels
Get PRO
June '24
+398
in 10 channels
Get PRO
May '24
+600
in 15 channels
Get PRO
April '24
+411
in 11 channels
Get PRO
March '24
+503
in 6 channels
Get PRO
February '24
+578
in 13 channels
Get PRO
January '24
+211
in 3 channels
Get PRO
December '23
+321
in 12 channels
Get PRO
November '23
+452
in 11 channels
Get PRO
October '23
+521
in 10 channels
Get PRO
September '23
+325
in 0 channels
Get PRO
August '23
+417
in 0 channels
Get PRO
July '23
+508
in 0 channels
Get PRO
June '23
+402
in 0 channels
Get PRO
May '23
+623
in 0 channels
Get PRO
April '23
+293
in 0 channels
Get PRO
March '23
+890
in 0 channels
Get PRO
February '23
+336
in 0 channels
Get PRO
January '23
+680
in 0 channels
Get PRO
December '22
+371
in 0 channels
Get PRO
November '22
+403
in 0 channels
Get PRO
October '22
+862
in 0 channels
Get PRO
September '22
+461
in 0 channels
Get PRO
August '22
+264
in 0 channels
Get PRO
July '22
+228
in 0 channels
Get PRO
June '22
+395
in 0 channels
Get PRO
May '22
+664
in 0 channels
Get PRO
April '22
+1 013
in 0 channels
Get PRO
March '22
+2 137
in 0 channels
Get PRO
February '22
+1 158
in 0 channels
Get PRO
January '22
+646
in 0 channels
Get PRO
December '21
+622
in 0 channels
| Date | Subscriber Growth | Mentions | Channels | |
| 11 June | +3 | |||
| 10 June | +11 | |||
| 09 June | +5 | |||
| 08 June | +4 | |||
| 07 June | +4 | |||
| 06 June | +2 | |||
| 05 June | +1 | |||
| 04 June | +7 | |||
| 03 June | +14 | |||
| 02 June | +9 | |||
| 01 June | +12 |
Channel Posts
GreatXML: Bypassing BitLocker on Windows 11 via a Recovery-Partition unattend.xml
Original text: “GreatXML — BitLocker bypass vulnerability” — NightmareEclipse (GitHub handle MSNightmare), released under the MIT license. The README, the unattend.xml, the ReAgent.xml and both screenshots below are reproduced verbatim with attribution captions, in line with the project’s MIT terms.
Executive Summary
GreatXML is a one-file BitLocker bypass against Windows 11 (build 10.0.26100, the 24H2…
https://core-jmp.org/2026/06/greatxml-bitlocker-bypass-winre-unattend-xml/
| 2 |  ITScape: Guest-to-Host Escape in KVM/arm64
*
ALL in ONE | 2 349 |
| 3 | ЧТО то мне эта копирка сильно напоминает, ну слово в слово
read
#damage #рукалицо | 2 310 |
| 4 |  Covert Kernel/User Communication Channels on Windows: Rootkits, Game Cheats, and Detection
Original text: “Covert Kernel/User Communication Channels on Windows: Rootkits, Game Cheats, and Detection” — kernullist, Kernullist’s Blog (Jun 10, 2026). Classification tables, ASCII flow diagrams, and C-language structure declarations below are reproduced verbatim with attribution captions.
Executive Summary
A modern Windows kernel-assisted threat is almost never a single user-mode binary doing all the work. It…
https://core-jmp.org/2026/06/covert-kernel-user-communication-channels-windows-rootkits-cheats-detection/ | 2 479 |
| 5 |  No text... | 3 213 |
| 6 |  Patching the Windows Kernel via BYOVD: ThrottleStop.sys, MmMapIoSpace and the NtAddAtom Trampoline
Original text: “Whoops! I did it again. I patched Windows Kernel at Milan0day 2026” — zer0matt, zer0matt’s blog (29 May 2026). PoC: github.com/zer0matt/Milan0day2026. Diagrams below are reproduced from the original with attribution; prose is paraphrased.
Executive Summary
zer0matt’s Milan0day 2026 talk and accompanying writeup demonstrate a clean Bring Your Own Vulnerable Driver (BYOVD) chain that…
https://core-jmp.org/2026/06/patching-windows-kernel-byovd-throttlestop-mmmapiospace-ntaddatom/ | 3 366 |
| 7 | Client-Side Container Attack: DLL Sideloading wab.exe via Email Archive Delivery
Original text: “Initial access. Client side container attack” — Leigh Gilbert, Exploitz (exploitz.ca, June 2026). The diagrams below are reproduced with attribution; prose is paraphrased. MITRE ATT&CK reference: T1574.001 — DLL Search Order Hijacking.
Executive Summary
Leigh Gilbert’s walkthrough chains together a long-known but still effective initial-access pattern: ship a signed Microsoft binary that has…
https://core-jmp.org/2026/06/client-side-container-attack-dll-sideloading-wab-exe-email-archive/ | 3 128 |
| 8 |  Microsoft Defender Now Monitors Remote RPC Activity: What It Catches and How to Hunt
Original text: “Microsoft Defender now monitors RPC activity” — EdanZwick, Microsoft Tech Community / Microsoft Defender for Endpoint Blog (08 Jun 2026). The three KQL hunting queries below are reproduced verbatim with attribution. Prose is paraphrased; for the Defender XDR alert / detection screenshots, see the original post.
Executive Summary
Microsoft has extended Defender’s existing…
https://core-jmp.org/2026/06/microsoft-defender-monitors-remote-rpc-activity/ | 2 871 |
| 9 | OOBdump: Single-Shot Heap-OOB Exploitation of objdump -g via FR30 Relocations
Original text: “OOBdump: Relocation Oriented Programming” — Calif, blog.calif.io (08 Jun 2026, no individual byline). PoCs and writeups: github.com/califio/publications/…/oobdump. Short illustrative code excerpts and the original article’s diagrams are reproduced with attribution; the prose is paraphrased.
Executive Summary
The Calif team has been quietly collecting trophy bugs in reverse-engineering tooling for a while — IDA…
https://core-jmp.org/2026/06/oobdump-objdump-fr30-relocation-oriented-programming/ | 2 705 |
| 10 |  BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection
Original text: “BusyWork: Replacing Sleep with Real Work to Break Behavioral Detection” — patchi.fyi (07 Jun 2026, byline shows only the site handle — author not publicly attributed). Library source: github.com/PatchRequest/BusyWork. Short illustrative code excerpts are reproduced with attribution; longer routines are summarised — consult the upstream repo for full sources.
Executive Summary
A thread…
https://core-jmp.org/2026/06/busywork-replacing-sleep-with-real-work-behavioral-detection/ | 2 778 |
| 11 | BOF Cocktails in Cobalt Strike: Instrumenting BOFs with BEACON_INLINE_EXECUTE and Crystal Palace
Original text: “BOF Cocktails in Cobalt Strike” — Rasta Mouse, rastamouse.me (05 Jun 2026). Code blocks and the screenshot below are reproduced verbatim from the source with attribution.
Executive Summary
Post-exploitation Beacon Object Files (BOFs) historically inherited their evasion posture from whatever agent or loader executed them. If the loader took care of unhooking, masking,…
https://core-jmp.org/2026/06/bof-cocktails-cobalt-strike-beacon-inline-execute-crystal-palace/ | 3 022 |
| 12 |  Qualcomm QAIC Kernel Driver Page Use-After-Free: From Stale Mmap to Pipe-Buffer-Backed Kernel R/W (Walk-through of Lukas Maar’s Linux v6.18 Exploit)
Original text: “Privilege Escalation via a Page Use-After-Free in Qualcomm’s AI Accelerator Linux Kernel Driver” — Lukas Maar, Security Blog (23 May 2026). Code blocks and figures below are reproduced verbatim with attribution captions.
Executive Summary
Lukas Maar’s post writes up a clean page-level use-after-free in the upstream drivers/accel/qaic Linux kernel driver. The bug is…
https://core-jmp.org/2026/06/qualcomm-qaic-kernel-driver-page-uaf-pipe-buffer-kernel-rw-lukas-maar/ | 4 589 |
| 13 | CVE-2026-23631 DarkReplica
*
Redis Post-Auth RCE Exploit | 4 881 |
| 14 | Social Engineering: Attacking Networks with a BadUSB-ETH, Part 2
Original text by CO11ATERAL
A small USB device can cause a lot of damage when it’s physically plugged into a machine. In this scenario, a BadUSB turns a connection into a bridge for capturing authentication data and gaining network access, even on locked systems.
Welcome back, aspiring cyberwarriors!
In Part 1, we set the foundation…
https://core-jmp.org/2026/06/social-engineering-attacking-networks-with-a-badusb-eth-part-2/ | 4 747 |
| 15 | Reverse-engineering Valorant’s Vanguard Guarded Regions: PML4 Cloning, CR3 Swaps, and the SwapContext Hook PoC (Walk-through of Xyrem’s Post)
Original text: “In-depth analysis on Valorant’s Guarded Regions” — Xyrem, reversing.info (2023). Code blocks and figures below are reproduced verbatim with attribution captions.
Executive Summary
Riot’s Vanguard anti-cheat keeps a slice of Valorant’s game state in memory that is, from any other process or unprivileged thread’s point of view, simply not mapped. Xyrem’s post walks…
https://core-jmp.org/2026/06/reverse-engineering-valorant-vanguard-guarded-regions-pml4-cr3-swap-context-hook/ | 4 294 |
| 16 |  Red Team Tactics: Utilizing Syscalls in C# — Writing the Code (Walk-through of Jack Halon’s Direct-Syscall PoC)
Original text: “Red Team Tactics: Utilizing Syscalls in C# – Writing The Code” — Jack Halon, Jack Hacks (16 April 2020, updated). Code blocks and figures below are reproduced verbatim with attribution captions.
Executive Summary
Jack Halon’s second “Utilizing Syscalls in C#” post is the implementation half of the series: take the conceptual understanding of…
https://core-jmp.org/2026/06/red-team-tactics-utilizing-syscalls-in-csharp-writing-the-code/ | 4 128 |
| 17 | Hidden HTTP/2 Bomb
*
FOR nginx, Apache httpd, Microsoft IIS, Envoy, Cloudflare Pingora
*
WriteUP + LABs + PoCs | 4 117 |
| 18 | One Click, One Hash: Unpatched NTLM Coercion in Windows Search URI Handler
Original text by Andrew Schwartz
Key Takeaways
Same bug class. No CVE. No fix. The NTLM coercion primitive in the Windows search: URI handler is technically identical to CVE-2026-33829 in the Snipping Tool. Same severity rating, same mechanism, same potential impact. Microsoft closed it without a CVE or a patch, describing its triage process as…
https://core-jmp.org/2026/06/one-click-one-hash-unpatched-ntlm-coercion-in-windows-search-uri-handler/ | 4 520 |
| 19 | Bypassing Windows Defender and AMSI: A Practical Defense Evasion Guide for Red Team Operators
Original text: “Обход Windows Defender и AMSI: практический гайд по defense evasion для Red Team” — Сергей Попов, Codeby.net (21 April 2026). Code blocks below are reproduced verbatim with attribution captions.
Executive Summary
Modern Microsoft Defender is not a single antivirus process — it is a stack of independent layers (static engine, kernel-mode filesystem filter,…
https://core-jmp.org/2026/06/bypassing-windows-defender-amsi-defense-evasion-red-team-guide/ | 4 054 |
| 20 |  Two-Shot Kernel Shellcode: Bypassing CR4 Pinning With KProbes for Linux Kernel Control-Flow Hijack to Shellcode
Original text: “Revisiting Two-Shot Kernel Shellcode Execution From Control Flow Hijacking” — zolutal, zolutal’s blog (10 February 2026). Code blocks below are reproduced verbatim with attribution captions.
Executive Summary
Andrey Konovalov’s 2017 Project Zero write-up showed a clean way to turn a control-flow hijack on the Linux kernel into shellcode execution: pivot into native_write_cr4 with…
https://core-jmp.org/2026/06/two-shot-kernel-shellcode-cr4-pinning-bypass-kprobes/ | 3 662 |
