APT

Ir al canal en Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Rusia45 631 Tecnologías y Aplicaciones8 841...

📈 Análisis del canal de Telegram APT

El canal APT (@apt_notes) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 14 658 suscriptores, ocupando la posición 8 841 en la categoría Tecnologías y Aplicaciones y el puesto 45 631 en la región Rusia.

📊 Métricas de audiencia y dinámica

Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 14 658 suscriptores.

Según los últimos datos del 12 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 406, y en las últimas 24 horas de 7, conservando un alto alcance.

Estado de verificación: No verificado
Tasa de interacción (ER): El promedio de interacción de la audiencia es 49.89%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
Alcance de las publicaciones: Cada publicación recibe en promedio 7 313 visualizaciones. En el primer día suele acumular 0 visualizaciones.
Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 20.

📝 Descripción y política de contenido

El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 13 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.

14 658

Suscriptores

+724 horas

+1007 días

+40630 días

7 313

Visitas de la publicación

Sin datos24 horas

Sin datos48 horas

49.89%

Tasa de compromiso

Sin datos

Mensajes por día

Ads index

beta

Archivo de publicaciones

14 667

⚔️ Remote Code Injection by Abusing CreateProcess and GetEnvironmentVariable New method of injecting code into a remote process without using WriteProcessMemory. CreateProcess: https://www.x86matthew.com/view_post?id=proc_env_injection GetEnvironmentVariable: https://x-c3ll.github.io/posts/GetEnvironmentVariable-Process-Injection/ #maldev #process #inject #pinvoke #winapi

14 667

📜 Defused That SAN Flag One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID. The changes 'defuse' the impact of the flag that allows adding custom subject alternative names to any certificate (including the ones that 'actually' should be auto-enrolled). https://elkement.blog/2022/06/13/defused-that-san-flag/ #ad #adcs #privesc #redteam

14 667

🔍 GitHub Dorks Many people ask me how to do GitHub reconnaissance, find credentials and other information Pentest or RedTeam might need. This post will look at some ways to search GitHub. #github #dorks #recon #osint

14 667

🔑 Extracting Credentials from Chrome Memory An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in а low privileges plain text format. https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory #chrome #memory #dump #creds

14 667

Repost from Codeby

🔥 Фильм о команде Codeby на The Standoff 2022 Друзья, уже в скором времени мы будем готовы представить вам документальный фильм об участии команды Codeby на мероприятии The Standoff 2022! Вспомним, какие эмоции испытывали все мы каждый день соревнований, а также узнаем, что происходило в эти дни от лица игроков. А пока предлагаем вам насладиться просмотром небольшого трейлера!

14 667

⚙️ Active Directory Delegation Management Tool Is an Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues: — Objects owned by users — Objects with ACEs for users — Non canonical ACL — Disabled ACL inheritance — Default ACL modified in schema — Deleted delegation trustees It also allows you to document your delegation model in JSON files, to obtain a more readable view: https://github.com/mtth-bfft/adeleg #ad #delegations #ace #acl #tools

14 667

Repost from 1N73LL1G3NC3

Malware development: persistence - part 4. Windows services. Simple C++ example. Malware development: persistence - part 5. AppInit_DLLs. Simple C++ example. Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example.

14 667

Repost from 1N73LL1G3NC3

Malware development: persistence - part 1. Registry run keys. C++ example. Malware development: persistence - part 2. Screensaver hijack. C++ example. Malware development: persistence - part 3. COM DLL hijack.

14 667

🕵️ OSINT Collection Collection of 4000+ OSINT resources https://metaosint.github.io/table/ #osint #recon #collection

14 667

📒Simulating attacks with Sysmon SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs. Attack coverage: — Process Events — File Events — Named Pipes Events — Registry Actions — Image Loading — Network Connections — Create Remote Thread — Raw Access Read — DNS Query — WMI Events — Clipboard Capture — Process Image Tampering Research: https://rootdse.org/posts/understanding-sysmon-events/ Tool: https://github.com/ScarredMonk/SysmonSimulator #sysmon #simulator #blueteam #lab

14 667

🔥 MS-MSDT Office RCE MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters). The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros). PoC: https://github.com/JohnHammond/msdt-follina https://github.com/chvancooten/follina.py Demo Follina with Cobalt Strike: https://www.youtube.com/watch?v=oM4GHtVvv1c For BlueTeam: https://gist.github.com/kevthehermit/5c8d52af388989cfa0ea38feace977f2 #office #rce #msmsdt #nomacro

14 667

🩸Max (BloodHound) Maximizing BloodHound with a simple suite of tools https://github.com/knavesec/Max #bloodhound #neo4j #cypher

14 667

🔍 Find Uncommon Shares This Python tool equivalent of PowerView Invoke-ShareFinder.ps1 allows to quickly find uncommon shares in vast Windows Active Directory Domains. https://github.com/p0dalirius/FindUncommonShares #ad #enum #shares #tools

14 667

Combination of 2 PoCs for bypassing Credential Guard with in-memory invocation PoC 1 (patch wdigest.dll): https://gist.github.com/N4kedTurtle/8238f64d18932c7184faa2d0af2f1240 PoC 2 (find variable offsets in runtime): https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp Merged: https://gist.github.com/snovvcrash/43e976779efdd20df1596c6492198c99 #lsass #wdigest #credguard

14 667

🎁 Application Security Pipelines (Now with guides) Scan your code, infrastructure configs and domains with many open source scanners. Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei.. All reports will be passed to defectdojo Guides: https://github.com/Whitespots-OU/DevSecOps-Pipelines Integration examples: https://gitlab.com/whitespots-public/vulnerable-apps #appsec #devsecops #pipelines

14 667

😴 DeepSleep A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC https://github.com/thefLink/DeepSleep #memory #evasion #maldev

14 667

⚙️ WTFBins WTFBin(n): a binary that behaves exactly like malware, except, somehow, it's not? Site detailing noisy, false positive binaries created that's super helpful in getting filter ideas together for monitoring and hunting rules. https://wtfbins.wtf/ #wtfbins #blueteam

14 667

🔐 Credential Guard Bypass The well-known WDigest module, which is loaded by LSASS, has two interesting global variables: g_IsCredGuardEnabled and g_fParameter_UseLogonCredential. Their name is rather self explanatory, the first one holds the state of Credential Guard within the module, the second one determines whether clear-text passwords should be stored in memory. By flipping these two values, you can trick the WDigest module into acting as if Credential Guard was not enabled. Research: https://itm4n.github.io/credential-guard-bypass/ PoC: https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp #lsass #wdigest #credential #guard #research

14 667

Repost from Кавычка

Уязвимости и атаки на CMS Bitrix 1. Особенности 2. Уязвимости 3. Методы атак Приятного чтения!

14 667

🔗 Active Directory ACL Attack Paths Through LDAP Relaying Attacks This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external internet-facing IP address. https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/ #ad #ldap #relay #acl #research