es
Feedback
ThreatXEd Security

ThreatXEd Security

Ir al canal en Telegram

Welcome to ThreatXEd Security! At ThreatXEd , we don’t just hand you the solutions; we equip you with the skills to solve challenges on your own, for a lifetime. DM us on @threatx_support

Mostrar más
1 347
Suscriptores
Sin datos24 horas
+277 días
+2930 días

Carga de datos en curso...

Canales Similares
Sin datos
¿Algún problema? Por favor, actualice la página o contacte a nuestro gerente de soporte.
Menciones Entrantes y Salientes
---
---
---
---
---
---
Atraer Suscriptores
julio '26
julio '26
+44
en 0 canales
junio '26
+54
en 0 canales
Get PRO
mayo '26
+53
en 0 canales
Get PRO
abril '26
+11
en 0 canales
Get PRO
marzo '26
+19
en 1 canales
Get PRO
febrero '26
+18
en 0 canales
Get PRO
enero '26
+49
en 3 canales
Get PRO
diciembre '25
+33
en 0 canales
Get PRO
noviembre '25
+15
en 0 canales
Get PRO
octubre '25
+25
en 0 canales
Get PRO
septiembre '25
+49
en 2 canales
Get PRO
agosto '25
+125
en 1 canales
Get PRO
julio '25
+122
en 1 canales
Get PRO
junio '25
+51
en 0 canales
Get PRO
mayo '25
+58
en 0 canales
Get PRO
abril '25
+103
en 1 canales
Get PRO
marzo '25
+219
en 0 canales
Get PRO
febrero '25
+879
en 0 canales
Get PRO
enero '250
en 2 canales
Get PRO
diciembre '240
en 2 canales
Get PRO
noviembre '24
+10
en 1 canales
Fecha
Crecimiento de Suscriptores
Menciones
Canales
13 julio0
12 julio0
11 julio+2
10 julio+3
09 julio+19
08 julio+7
07 julio+1
06 julio0
05 julio+2
04 julio0
03 julio+5
02 julio+3
01 julio+2
Publicaciones del Canal
🕥ThreatXEd Friday Challenge: Defeating the "Smart" Rate Limiter 🎯 The Scenario You're testing an admin login panel at /admi
🕥ThreatXEd Friday Challenge: Defeating the "Smart" Rate Limiter 🎯 The Scenario You're testing an admin login panel at /admin/login. The app has a rate limiter: more than 5 failed logins from one IP in 60 seconds → instant HTTP 429 Too Many Requests, connection dropped. You fire up Hydra or Burp Intruder against a weak password list... and get walled on attempt #6. 🔍 The Twist You look closer at the 429 response headers and spot something the app leaks back to you:
X-Forwarded-For: 127.0.0.1
🧠 Think it through 1️⃣ What assumption did the developer make when they wired up the rate-limiter relative to reverse proxies? 2️⃣ How would you manually adjust your brute-force request headers to slip past this limiter — without rotating your public IP? 📣 Your move Drop your conceptual payload logic or Python pseudocode in the comments. No copy-pasted tool syntax — we want to see the structural reasoning behind the bypass.
Most accurate answer gets pinned Monday.
#ThreatXEd#FirdayChallenge

2
Tools like Responder don't succeed because of complex exploit payloads; they succeed by hijacking built-in fallback protocols+6
Tools like Responder don't succeed because of complex exploit payloads; they succeed by hijacking built-in fallback protocols that are left enabled by default #ThreatXEd
237
3
https://t.me/Ethiopiastartup
236
4
🚨 The Excel File That Shook Global 2FA 🧬 Cyber Autopsy: The 2011 RSA SecurID Breach One Excel file. One employee. Millions of authentication tokens put at risk. 🎯 The Bait Attackers skipped the executives and targeted a handful of mid-level employees with a convincing email titled: "2011 Recruitment Plan" and what was attached was an innocent-looking .xls spreadsheet. 💥 The Exploit The spreadsheet secretly contained an embedded Adobe Flash object exploiting the zero-day vulnerability CVE-2011-0609. The moment it was opened: - Flash triggered a buffer overflow - A custom Poison Ivy RAT was executed in memory - The attackers gained a stealthy foothold No password theft. No noisy ransomware. Just quiet access. 🕵️ The Pivot Instead of grabbing credentials, the attackers patiently mapped RSA's internal network. Their real objective? 🔑 The master seed values used to generate RSA SecurID tokens. Once those seeds were compromised, the security of countless 2FA deployments around the world was called into question. The real failure wasn't the phishing email. It was the architecture. Once the endpoint was compromised, the attackers moved laterally with too few barriers in their way. Zero Trust + Strong Network Segmentation > Perimeter-Only Security #CyberSecurity #ThreatXEd #BlueTeam #ZeroTrust #NetworkSegmentation
320
5
Agentic AI + Cybersecurity = The Future of Defense Traditional security tools wait for humans to react. Agentic AI changes that. Agentic AI can autonomously observe, reason, decide, and act helping detect threats, investigate attacks, and respond in real time. Imagine AI agents that hunt threats 24/7, analyze malware, and stop attacks before damage happens. The future of cybersecurity isn’t just automation it’s intelligent autonomous defense. #AI #Cybersecurity #AgenticAI #ThreatXed @ThreatXSecurity
538
6
https://youtu.be/rT2iGGuuorc?si=8cVBVUrBWyHnCOQZ
469
7
🚨 ALERT - A critical Splunk Enterprise flaw can go from “no login required” to remote code execution. Tracked as CVE-2026-20
🚨 ALERT - A critical Splunk Enterprise flaw can go from “no login required” to remote code execution. Tracked as CVE-2026-20253, the bug carries a 9.8 CVSS score and affects vulnerable Splunk Enterprise servers through exposed PostgreSQL sidecar endpoints. The exploit chain is now public. Read the full story: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html
555
8
🛑 Google says a Chinese cybercrime network turned Gemini into a phishing helper. The service, called Outsider, was tied to:
🛑 Google says a Chinese cybercrime network turned Gemini into a phishing helper. The service, called Outsider, was tied to: > 1.59M fraudulent URLs > 9,000 fake websites > 100,000+ victims > $88/week phishing kits sold on Telegram Read: https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html
495
9
THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/
651
10
THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/
6
11
https://vt.tiktok.com/ZSQeWtXVp/
1
12
THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/
1
13
https://youtu.be/s-D7oPkNf6c
559
14
Hey guys We’re planning to rebrand our community name from “ThreatX Security” to a fresh new name. Please suggest modern, unique and professional names related to cybersecurity, ethical hacking, learning, and technology
746
15
ለመላው የእስልምና እምነት ተከታዮች እንኳን ለ1447ኛው የዒድ አል-አድሃ (አረፋ) በዓል በሰላም አደረሳችሁ ! #ThreatX
ለመላው የእስልምና እምነት ተከታዮች እንኳን ለ1447ኛው የዒድ አል-አድሃ (አረፋ) በዓል በሰላም አደረሳችሁ ! #ThreatX
668
16
🔔INSA Summer Camp Registration Extended! Based on the poll results, many candidates requested additional time for registration. Therefore, the INSA Summer Camp registration deadline has been extended by 7 more days. 🗓 New Deadline: May 24, 2026 This program is designed for students who are ready to grow in technology, innovation, and problem-solving through self-awareness, self-development, and challenge-based mentorship. Participants will gain practical exposure in STEAM fields, guided learning experiences, and hands-on challenges that build real skills. ✅ Free registration ✅ Open for elementary, high school, and university students ✅ Self-awareness & personal development focus ✅ Challenge-based mentorship approach ✅ Skill-building through real-world problems ✅ Networking with talented peers Don’t miss this chance—complete your registration before the new deadline. 👉 More information: https://t.me/insactc 👉 Registration Portal: https://ctc.insa.gov.et/registration
653
17
የ2018 ኢመደአ ሰመር ካምፕ የምዝገባ መስፈርቶች – INSA Cyber Talent Challenge 2026 • ምዝገባ በብሔራዊ መታወቂያ (National ID) ይደረጋል (ከውጪ ዜጎች በስተቀር) • በብሔራዊ መታወቂያ (National ID) ከተመዘገቡ/ማራጋገጫ ከጨረሱ ቡሀላ ወደዋናዉ የምዝገባ ፖርታል ገብተዉ ፎርሙን መሙላት እንዳይረሱ • ከ11 ዓመት ጀምሮ ያለ ማንኛውም ታለንት ያለው ኢትዮጵያዊ መሳተፍ ይችላል • ሰመር ካምፑ በ6 ዩኒቨርሲቲዎች ይካሄዳል፡ 1) አዲስ አበባ ሳይንስ እና ቴክኖሎጂ ዩኒቨርሲቲ 2) ባህርዳር ዩኒቨርሲቲ 3) ሀረሚያ ዩኒቨርሲቲ 4) ጅማ ዩኒቨርሲቲ 5) ደብረብርሀን ዩኒቨርሲቲ 6) ወላይታ ሶዶ ዩኒቨርሲቲ • በሳይበር ደህንነት፣ ዴቨሎፕመንት፣ ኢምቤድድ ሲስተም፣ ኤሮስፔስ እና ኢመርጂንግ ቴክኖሎጂ ላይ ፍላጎት እና ተሰጥኦ (Talent with passion) ያላቸው • የተቋሙን ፈተና/ቻሌንጅ ማለፍ የሚችሉ • አዲስ ነገር የመማር ፍላጎት እና ተግባራዊ ስራ ላይ የመሳተፍ ፈቃደኝነት/ዝግጁነት • ችግር ፈቺ እና በራስ የመስራት/የመማር ማይንድሴት ያላቸው • የስነ-ምግባር ችግር የሌለባቸዉ የስልጠና ዘርፎች • ሳይበር ደህንነት • ሶፍትዌር ልማት • Embedded Systems • Aerospace • Emerging Technologies በምዝገባዉ መሳተፍ የማይችሉ/የማይመለከታቸዉ 1. በሳይበር ደህንነት እና ተዛማጅ ዘርፎች ላይ ፍላጎት እና ታለንት የሌላቸዉ 2. በኢመደአ የ4ዙር የሰመር ካምፕ/ፕሮግራም የተሳተፉ ድጋሜ መመዝገብ አይቻልም ⚠️ ማሳሰቢያ፡ ፎርሙ ስትሞሉ ሙሉ በሙሉ በAI የተፃፈ ይዘት መጠቀም አይፈቀድም። ከአንድ ጊዜ በላይ መሞከር ከምዝገባዉ ሊታገዱ ስለሚችሉ። 🎯 ተሳታፊዎች በINSA የመስራት እድል ፣ የስታርታፕ እድል እና ሌሎች ተጨማሪ እድሎች ተጠቃሚ ይሆናሉ 👉 ተጨማሪ መረጃ: https://t.me/insactc 👉 ለመመዝገብ: https://ctc.insa.gov.et/registration
489
18
Master the Web Proxy. 🖥🔥 A quick carousel guide to Burp Suite architecture, core components, and common vulnerabilities. #C+5
Master the Web Proxy. 🖥🔥 A quick carousel guide to Burp Suite architecture, core components, and common vulnerabilities. #CyberSecurity #BurpSuite #EthicalHacking#ThreatX
630
19
From basic port scans to advanced firewall evasion, here is our 2026 Nmap Cheat Sheet for the community. Essential for every+4
From basic port scans to advanced firewall evasion, here is our 2026 Nmap Cheat Sheet for the community. Essential for every ethical hacker's toolkit. Save this for your next penetration test or CTF! #nmap#ethicalhacking#threatx
0