All Security Engineering Courses

This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!

📈 Analytical overview of Telegram channel All Security Engineering Courses

Channel All Security Engineering Courses (@allsecurityengineeringcourses) in the English language segment is an active participant. Currently, the community unites 18 817 subscribers, ranking 7 138 in the Technologies & Applications category and 35 862 in the Russia region.

📊 Audience metrics and dynamics

Since its creation on an unknown date, the project has demonstrated rapid growth, gathering an audience of 18 817 subscribers.

According to the latest data from 19 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 133 over the last 30 days and by 6 over the last 24 hours, overall reach remains high.

  • Verification status: Not verified
  • Engagement rate (ER): The average audience engagement rate is 11.29%. Within the first 24 hours after publication, content typically collects 2.64% reactions from the total number of subscribers.
  • Post reach: On average, each post receives 2 125 views. Within the first day, a publication typically gains 496 views.
  • Reactions and interaction: The audience actively supports content: the average number of reactions per post is 3.
  • Thematic interests: Content is focused on key topics such as git, strace, github, linux, docker.

📝 Description and content policy

The author describes the resource as a platform for expressing subjective opinions:
This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...

Thanks to the high frequency of updates (latest data received on 20 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.

18 817 subscribers
+6 in 24 hours
+33 in 7 days
+133 in 30 days
Posts Archive
#apt #report Excellent analysis of the new UDC2 mechanism for creating custom communication channels for C2 https://whiteknightlabs.com/2026/01/06/the-new-chapter-of-egress-communication-with-cobalt-strike-user-defined-c2/ Chat in MAX | Channel in MAX | Telegram ✉️ @freedomfox

MSSQLBOF #BOF (Beacon Object File) for interacting with #MSSQL. Does not require msodbcsql.dll, sqloledb.dll, .NET CLR or PowerShell. Integrates into any popular C2: Cobalt Strike; Havoc; Sliver; BruteRatel; Nighthawk; AdaptixC2; Metasploit; PoshC2.

Repost from cobaltstrike
A BOF that's a BOF Loader and more https://github.com/0xTriboulet/InlineExecuteEx

HackSmarter - Hands on Phishing 🔥🆕 👨‍💻 Password : @WickHelps 👍 Exam Guide : link ❗️ Backup all channels link 👨‍💻 Proof of work Link 🚀 Any-Issues: Chat Here 🖥 Download Here1 Here2

Repost from CVE
CVE-2025-8088 A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. GitHub Link: https://github.com/lennertdefauw/CVE-2025-8088

A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike #статьи_ссылки_scripts

Repost from 1N73LL1G3NC3
LOLEXFIL Living off the land Data Exfiltration methods (189 trusted tools).

Repost from cobaltstrike
Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works. A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike

Repost from CodeGuard: Academy
🔒 Secure OpenSSH configuration: deny root, restrict by IP, keys
99% of SSH compromises are due to default settings. Bots hammer root:22 24/7. In 10 minutes we will turn sshd_config into a fortress: no root, keys only, an IP allowlist.
1️⃣ Back up and edit /etc/ssh/sshd_config
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo nano /etc/ssh/sshd_config
2️⃣ Disable root and passwords
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
3️⃣ Restrict by IP (AllowUsers)
# Only from your office and VPS
AllowUsers admin@192.168.1.100 admin@203.0.113.5 deploy@10.0.0.50
# Or subnets
AllowUsers *@203.0.113.0/24
Root is blocked anyway, but you can use @your_IP for root if necessary.
4️⃣ Change the port (mandatory)
Port 2222
Bots scan 22 and ignore your 2222. Open it in ufw:
sudo ufw allow 2222/tcp
5️⃣ Modern algorithms 2025
# Strong ciphers only
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
KexAlgorithms curve25519-sha256,[email protected]
6️⃣ Timeouts and limits
ClientAliveInterval 300
ClientAliveCountMax 0
MaxAuthTries 3
LoginGraceTime 30
MaxSessions 2
🔑 Generating and setting up keys
On the local machine:
ssh-keygen -t ed25519 -C "admin@server" -f ~/.ssh/server_key
ssh-copy-id -i ~/.ssh/server_key.pub -p 2222 [email protected]
Permissions on the server:
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown -R $USER:$USER ~/.ssh
Testing before the restart
sudo sshd -t
# config syntax
sudo sshd -T | grep -E "(permitrootlogin|passwordauthentication)"
# effective settings
Connect from a new terminal: ssh -p 2222 admin@server
🔄 Apply
sudo systemctl restart sshd
sudo ufw deny 22  # close the old port
sudo ufw reload
🚨 Fail2ban as the cherry on top
sudo apt install fail2ban
sudo systemctl enable fail2ban
In /etc/fail2ban/jail.local:
[sshd]
enabled = true
port = 2222
💥 Result: 0% brute force, only your keys from your IPs. Clean logs.
🖥 CodeGuard: Academy | Chat

Repost from 1N73LL1G3NC3
KaplaStrike A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works.

Keylogger-BOF An async keylogger implemented as a Beacon Object File (BOF) for AdaptixC2. Captures keystrokes system-wide using a low-level keyboard hook (WH_KEYBOARD_LL) without spawning any additional processes. All collected data is stored in named shared memory and never touches the disk. https://github.com/DarksBlackSk/Keylogger-BOF #статьи_ссылки_scripts

Repost from 1N73LL1G3NC3
WatchDogKiller PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD Blog: Researching an APT Attack and Weaponizing It: The WatchDog BYOVD Story

Repost from 1N73LL1G3NC3
PatchReview MS patch checking tool

Repost from 1N73LL1G3NC3
Gaining Initial Access and Outsmarting SmartScreen .zip email attachment that includes a VHDX (Hard Disk Image File) + Mark of the Web and SmartScreen bypass using Trusted Executable Reputation and DLL Sideloading. Tools: https://github.com/g3tsyst3m/CodefromBlog/tree/main/2026-2-21-Initial%20Access%20and%20Outsmarting%20SmartScreen

Repost from Whitehat Lab
🏃 AD CS LOLBAS Toolkit
Native Windows toolkit for AD CS enumeration and exploitation. Everything runs through built-in OS components (certreq.exe, certutil.exe, PowerShell AD module, .NET Framework) - no third-party tools needed. Build with a sprinkle of FAFO and some finding out in lab env
Scripts:
🐥adcs-common.ps1 🐥Invoke-Enumerate.ps1 🐥Invoke-SnapshotAudit.ps1 🐥Invoke-RemoteAudit.ps1 🐥Invoke-ESC1.ps1 .. Invoke-ESC13.ps1 🐥Invoke-FindTemplates.ps1 🐥Invoke-PassTheCert.ps1 🐥Invoke-ShadowCredentials.ps1 🐥Invoke-Kerberoast.ps1 🐥Invoke-DomainRecon.ps1
😹 Repo #adcs #windows #powershell ✈️ Whitehat Lab 💬Chat

Repost from 1N73LL1G3NC3
The Mimikatz Missing Manual My goal was to create the "Missing Manual" — the documentation that explains not just the commands, but the why and the how of the Windows protocols being manipulated. Parts:
  • Foundations: Setting up your environment and the basic syntax.
  • System Internals: How Windows handles tokens, processes, and services.
  • LSASS & Credentials: The heart of Mimikatz—extracting secrets from memory.
  • Kerberos Deep Dive: Tickets, forgery, and delegation.
  • PKI & Certificates: Hardware and software-based identities.
  • Domain Persistence: Owning the directory through replication.
  • DPAPI: Unlocking the secrets at rest.

Repost from 1N73LL1G3NC3
CVE-2025-61155: Arbitrary Process Termination in GameDriverX64.sys (BYOVD) The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and earlier) contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context, allowing the attacker to terminate arbitrary processes, including critical system and security services (AV / EDR), without requiring administrative privileges. Blog: https://vespalec.com/blog/tower-of-flaws/

Repost from 1N73LL1G3NC3
360WFP_Exploit BYOVD: Use 360 Security WFP driver (360netmon_x64_wfp.sys) to block EDR/XDR network connection.

Repost from 1N73LL1G3NC3
Lnk-it-up Project for generating and identifying deceptive LNK files. Blog post: Trust Me, I'm A Shortcut. Windows’ primary mechanism for shortcuts, LNK files, is frequently abused by threat actors for payload delivery and persistence. This blog post introduces several new LNK file flaws that, amongst other things, allow attackers to fully spoof an LNK’s target and hide any command-line arguments provided.