All Security Engineering Courses

Ir al canal en Telegram

This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!

Rusia35 979 Tecnologías y Aplicaciones7 164...

📈 Análisis del canal de Telegram All Security Engineering Courses

El canal All Security Engineering Courses (@allsecurityengineeringcourses) en el segmento lingüístico de Inglés es un actor destacado. Actualmente la comunidad reúne a 18 788 suscriptores, ocupando la posición 7 164 en la categoría Tecnologías y Aplicaciones y el puesto 35 979 en la región Rusia.

📊 Métricas de audiencia y dinámica

Desde su creación el невідомо, el proyecto ha mostrado un crecimiento acelerado, reuniendo a 18 788 suscriptores.

Según los últimos datos del 13 junio, 2026, el canal mantiene una actividad estable. En los últimos 30 días la variación de miembros fue de 123, y en las últimas 24 horas de 4, conservando un alto alcance.

Estado de verificación: No verificado
Tasa de interacción (ER): El promedio de interacción de la audiencia es 10.31%. Durante las primeras 24 horas tras publicar, el contenido suele obtener 3.09% de reacciones respecto al total de suscriptores.
Alcance de las publicaciones: Cada publicación recibe en promedio 1 937 visualizaciones. En el primer día suele acumular 580 visualizaciones.
Reacciones e interacción: La audiencia responde de forma activa: el promedio de reacciones por publicación es 2.
Intereses temáticos: El contenido se centra en temas clave como git, strace, github, linux, docker.

📝 Descripción y política de contenido

El autor describe el recurso como un espacio para expresar opiniones subjetivas:
“This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...”

Gracias a la alta frecuencia de actualizaciones (últimos datos recibidos el 14 junio, 2026), el canal mantiene la vigencia y un amplio alcance. La analítica demuestra que la audiencia interactúa activamente con el contenido, lo que lo convierte en un punto de referencia dentro de la categoría Tecnologías y Aplicaciones.

18 788

Suscriptores

+424 horas

+287 días

+12330 días

1 937

Visitas de la publicación

~ 58024 horas

~ 75048 horas

10.31%

Tasa de compromiso

Sin datos

Mensajes por día

Ads index

beta

Archivo de publicaciones

18 792

Repost from cobaltstrike

A BOF that's a BOF Loader and more https://github.com/0xTriboulet/InlineExecuteEx

18 792

HackSmarter - Hands on Phishing 🔥🆕 👨‍💻 Password : @WickHelps 👍 Exam Guide : link ❗️ Backup all channels link 👨‍💻 Proof of work Link 🚀 Any-Issues: Chat Here 🖥 Download Here1 Here2

18 792

Repost from CVE

CVE-2025-8088 A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. GitHub Link: https://github.com/lennertdefauw/CVE-2025-8088

18 792

Repost from Библиотека Cobalt Strike

A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike #статьи_ссылки_scripts

18 792

Repost from OSCP+ Exam Resources👩‍💻

🔴 A Web-Based OSCP/OSEP Cheat Sheet https://anshu19981.github.io/Pentestcheatsheet/

18 792

Repost from 1N73LL1G3NC3

LOLEXFIL Living off the land Data Exfiltration methods (189 trusted tools).

18 792

Repost from cobaltstrike

Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works. A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike

18 792

Repost from CodeGuard: Academy

🔒 Безопасная настройка OpenSSH: запрет root, ограничение IP, ключи 99% взломов SSH из-за дефолтных настроек. Боты бьют по root:22 24/7. За 10 минут превратим sshd_config в крепость: без root, только ключи, белый список IP. 1️⃣Бэкап и редактирование /etc/ssh/sshd_config

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo nano /etc/ssh/sshd_config

2️⃣ Запрет root и паролей

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

3️⃣Ограничение по IP (AllowUsers)

# Только с вашего офиса и VPS
AllowUsers admin@192.168.1.100 admin@203.0.113.5 deploy@10.0.0.50
# Или подсети
AllowUsers *@203.0.113.0/24

Root всё равно заблокирован, но можно @ваш_IP для root при необходимости. 4️⃣ Смена порта (обязательно) Port 2222 Боты сканируют 22, ваш 2222 игнорят. Откройте в ufw: sudo ufw allow 2222/tcp 5️⃣ Современные алгоритмы 2025

# Только сильные шифры
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
KexAlgorithms curve25519-sha256,[email protected]

6️⃣ Таймауты и лимиты

ClientAliveInterval 300
ClientAliveCountMax 0
MaxAuthTries 3
LoginGraceTime 30
MaxSessions 2

🔑 Генерация и настройка ключей На локальной машине:

ssh-keygen -t ed25519 -C "admin@server" -f ~/.ssh/server_key
ssh-copy-id -i ~/.ssh/server_key.pub [email protected] -p 2222

Права на сервере:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown -R $USER:$USER ~/.ssh

✅Тестирование перед рестартом

sudo sshd -t  
# синтаксис конфига
sshd -T | grep -E "(permitrootlogin|passwordauthentication)"  
# эффективные настройки

Подключитесь с нового терминала: ssh -p 2222 admin@server 🔄Применение

sudo systemctl restart sshd
sudo ufw deny 22  # закройте старый порт
sudo ufw reload

🚨Fail2ban как вишенка

sudo apt install fail2ban
sudo systemctl enable fail2ban

В /etc/fail2ban/jail.local:

[sshd]
enabled = true
port = 2222

💥Результат: 0% брутфорса, только ваши ключи с ваших IP. Логи чистые. 🖥 CodeGuard: Academy | Чат

18 792

Repost from 1N73LL1G3NC3

KaplaStrike A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works.

18 792

Repost from Библиотека Cobalt Strike

Keylogger-BOF An async keylogger implemented as a Beacon Object File (BOF) for AdaptixC2. Захватывает нажатия клавиш по всей системе с помощью низкоуровневого захвата для клавиатуры (WH_KEYBOARD_LL) без появления каких-либо дополнительных процессов. Все собранные данные хранятся в именованной общей памяти — никогда не касается диска. https://github.com/DarksBlackSk/Keylogger-BOF #статьи_ссылки_scripts

18 792

Repost from 1N73LL1G3NC3

WatchDogKiller PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD Blog: Researching an APT Attack and Weaponizing It: The WatchDog BYOVD Story

18 792

Repost from 1N73LL1G3NC3

PatchReview MS patch checking tool

18 792

Repost from 1N73LL1G3NC3

Gaining Initial Access and Outsmarting SmartScreen .zip email attachment that includes a VHDX (Hard Disk Image File) + Mark of the Web and SmartScreen bypass using Trusted Executable Reputation and DLL Sideloading. Tools: https://github.com/g3tsyst3m/CodefromBlog/tree/main/2026-2-21-Initial%20Access%20and%20Outsmarting%20SmartScreen

18 792

Repost from Whitehat Lab

🏃 AD CS LOLBAS Toolkit

Native Windows toolkit for AD CS enumeration and exploitation. Everything runs through built-in OS components (certreq.exe, certutil.exe, PowerShell AD module, .NET Framework) - no third-party tools needed. Build with a sprinkle of FAFO and some finding out in lab env

Скрипты:

🐥adcs-common.ps1 🐥Invoke-Enumerate.ps1 🐥Invoke-SnapshotAudit.ps1 🐥Invoke-RemoteAudit.ps1 🐥Invoke-ESC1.ps1 .. Invoke-ESC13.ps1 🐥Invoke-FindTemplates.ps1 🐥Invoke-PassTheCert.ps1 🐥Invoke-ShadowCredentials.ps1 🐥Invoke-Kerberoast.ps1 🐥Invoke-DomainRecon.ps1

😹 Repo #adcs #windows #powershell ✈️ Whitehat Lab 💬Chat

18 792

Repost from 1N73LL1G3NC3

The Mimikatz Missing Manual My goal was to create the "Missing Manual" — the documentation that explains not just the commands, but the why and the how of the Windows protocols being manipulated. Parts:

• Foundations: Setting up your environment and the basic syntax. • System Internals: How Windows handles tokens, processes, and services. • LSASS & Credentials: The heart of Mimikatz—extracting secrets from memory. • Kerberos Deep Dive: Tickets, forgery, and delegation. • PKI & Certificates: Hardware and software-based identities. • Domain Persistence: Owning the directory through replication. •DPAPI: Unlocking the secrets at rest.

18 792

Repost from 1N73LL1G3NC3

CVE-2025-61155: Arbitrary Process Termination in GameDriverX64.sys (BYOVD) The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and earlier) contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context, allowing the attacker to terminate arbitrary processes, including critical system and security services (AV / EDR), without requiring administrative privileges. Blog: https://vespalec.com/blog/tower-of-flaws/

18 792

Repost from 1N73LL1G3NC3

360WFP_Exploit BYOVD: Use 360 Security WFP driver (360netmon_x64_wfp.sys) to block EDR/XDR network connection.

18 792

Repost from 1N73LL1G3NC3

Lnk-it-up Project for generating and identifying deceptive LNK files. Blog post: Trust Me, I'm A Shortcut. Windows’ primary mechanism for shortcuts, LNK files, is frequently abused by threat actors for payload delivery and persistence. This blog post introduces several new LNK file flaws that, amongst other things, allow attackers to fully spoof an LNK’s target and hide any command-line arguments provided.

18 792

Repost from OSCP+ Exam Resources👩‍💻

🔴 OSCP Challenge Lab 2 - Relia Complete Walkthrough ❌ Please don't share it.

18 792

Repost from Freedom Fox 🏴‍☠

#ad #collector ADWSDomainDump - инструмент для дампа инфы об AD через протокол ADWS. Позволяет извлекать данные и генерировать вывод в формате ldapdomaindump поверх легитимного HTTP-based протокола Использование:

adwsdomaindump -u 'thewoods.local\mathijs.verschuuren' -p 'password' -n 10.10.10.1 dc01.thewoods.local
[*] Connecting to ADWS host...
[+] ADWS port 9389 is reachable
[*] Binding to ADWS host
[+] Bind OK
[*] Starting domain dump
[+] Domain dump finished

https://github.com/mverschu/adwsdomaindump Чат в МАХ Канал в МАХ Telegram ✉️ @freedomfox