¡Ya disponible! Investigación de Telegram 2025 — los principales insights del año 
APT
Ir al canal en Telegram
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat
Mostrar más📈 Análisis del canal de Telegram APT
El canal APT (@apt_notes) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 14 682 suscriptores, ocupando la posición 8 834 en la categoría Tecnologías y Aplicaciones y el puesto 45 554 en la región Rusia.
📊 Métricas de audiencia y dinámica
Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 14 682 suscriptores.
Según los últimos datos del 13 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 414, y en las últimas 24 horas de 17, conservando un alto alcance.
- Estado de verificación: No verificado
- Tasa de interacción (ER): El promedio de interacción de la audiencia es 50.76%. Durante las primeras 24 horas tras publicar, el contenido suele obtener N/A% de reacciones respecto al total de suscriptores.
- Alcance de las publicaciones: Cada publicación recibe en promedio 7 449 visualizaciones. En el primer día suele acumular 0 visualizaciones.
- Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 20.
📝 Descripción y política de contenido
El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel discusses:
— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc
Disclaimer:
t.me/APT_Notes/6
Chat Link:
t.me/APT_Notes_PublicChat”
Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 14 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.
14 682
Suscriptores
+1724 horas
+1027 días
+41430 días
Archivo de publicaciones
14 682
Decoding PDF Injection
This article talks about PDF injection from scratch to the execution of XSS and SSRF via PDF injection.
https://medium.com/@urshilaravindran/pdf-injection-in-simple-words-8c399f92593c
#pdf #xss #ssrf #injection
14 682
ADExplorerSnapshot
ADExplorerSnapshot is an AD Explorer snapshot ingestor for BloodHound.
AD Explorer allows you to connect to a DC and browse LDAP data. It can also create snapshots of the server you are currently attached to. This tool allows you to convert those snapshots to BloodHound-compatible JSON files.
https://github.com/c3c/ADExplorerSnapshot.py
#adexplorer #ldap #json #bloodhound
14 682
Apache APISIX Dashboard — Unauthorized RCE (CVE-2021-45232)
Attackers can access certain interfaces without logging in to Apache APISIX Dashboard, thus making unauthorized changes or obtaining relevant configuration information such as Apache APISIX Route, Upstream, Service, etc., and cause problems such as SSRF, malicious traffic proxies built by attackers, and arbitrary code execution.
Shodan Dorks:
title:"Apache APISIX Dashboard"PoC:
curl http://IP:9000/apisix/admin/migrate/exporthttps://apisix.apache.org/blog/2021/12/28/dashboard-cve-2021-45232/ #apache #apisix #cve #poc
14 682
ldap2json — Offline Analysis Tool
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Features:
— Authenticate with password
— Authenticate with LM:NT hashes
— Authenticate with kerberos ticket
— Save ldap content in json format
https://github.com/p0dalirius/ldap2json
#ldap #json #tools #redteam
14 682
GoWard
GoWard proxies HTTP C2 traffic to specified Red Team servers based on the HTTP header of the traffic.
https://github.com/chdav/GoWard
#c2 #proxy #redteam
14 682
PHP LFI with Nginx Assistance
This post presents a new method to exploit local file inclusion (LFI) vulnerabilities in utmost generality, assuming only that PHP is running in combination with Nginx under a common standard configuration.
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/
#lfi #nginx #php
14 682
ADCS: Playing with ESC4
ADCS cert template modification and ACL enumeration
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
https://github.com/fortalice/modifyCertTemplate
#adcs #certificates #esc4 #acl
14 682
Executing Code Using Microsoft Teams Updater
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/executing-code-using-microsoft-teams-updater/
#teams #redteam #research
14 682
Сaldera — Automated Adversary Emulation Platform
Сaldera is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.
https://github.com/mitre/caldera
#blueteam #redteam #automated
14 682
DetectionLab
DetectionLab is a repository containing a variety of Packer, Vagrant, Powershell, Ansible, and Terraform scripts that allow you to automate the process of bringing an ActiveDirectory environment online complete with logging and security tooling using a variety of different platforms.
DetectionLab can currently be deployed to the following platforms:
— Virtualbox (Windows, MacOS, Linux)
— VMware Workstation/Fusion (Windows, MacOS, Linux)
— HyperV
— ESXi
— AWS
— Azure
— LibVirt (Not officially supported)
— Proxmox (Not officially supported)
https://detectionlab.network/
#lab #cloud #blueteam #redteam
14 682
MultiPotato
Another Potato to get SYSTEM via SeImpersonate privileges
https://github.com/S3cur3Th1sSh1t/MultiPotato
#windows #lpi #potato #tools
14 682
Arsenal of AWS Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
#aws #security #benchmarks #blueteam
14 682
A (not so deep) Dive into Grafana CVE-2021-43798
This post will cover some details behind the recent Grafana vulnerability (CVE-2021-43798), which is a directory traversal bug allowing unauthenticated attackers to read files on the target server filesystem. This post will also discuss some real world scenario and attack surface of the Grafana.
https://nusgreyhats.org/posts/writeups/a-not-so-deep-dive-in-to-grafana-cve-2021-43798/
#grafana #lfi #cve
14 682
Windows 10 Hardening
The project started as a simple hardening list for Windows 10. After some time, HardeningKitty was created to simplify the hardening of Windows. Now, HardeningKitty supports guidelines from Microsoft, CIS Benchmarks, DoD STIG and BSI SiSyPHuS Win10
https://github.com/0x6d69636b/windows_hardening/
#blueteam #windows #hardening #benchmarks
14 682
ADCS: Playing with ESC4
Enumeration and abuse of Linux-based ADCS ESC4
Research:
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
Source:
https://github.com/fortalice/modifyCertTemplate
#adcs #abuse #pentest #tools
14 682
Docem
A utility to embed XXE and XSS payloads in docx, odt, pptx, etc - any documents that is a zip archive with bunch of xml files inside.
https://github.com/whitel1st/docem
#xxe #xss #doc #file #upload
14 682
Invoke-WinSATBypass
This script will create a mock directory of "
C:\Windows\System32" and copy a legitimate application of Windows (WinSAT.exe) into it.
It will after try to download a DLL called version.dll, which is loaded by default by WinSAT.exe, in order to perform a UAC Bypass by doing some DLL Hijacking.
https://github.com/b4keSn4ke/Invoke-WinSATBypass
#uac #bypass #winsat #tools14 682
#tools
CVE Trends
One cool guy made this tool to monitor CVE trends in twitter. He shared this tool in his russian channel.
https://cvetrends.com/
14 682
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server.
https://github.com/blackarrowsec/mssqlproxy
#mssql #proxy #pentest #tools
14 682
RogueAssemblyHunter
Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
https://github.com/bohops/RogueAssemblyHunter
#dotnet #blueteam #threadhunting
