APT


This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat


📈 Telegram channel analysis: APT

The APT channel (@apt_notes) is an active participant in the English-language segment. The community currently has 14 653 subscribers and holds position 8 841 in the Technology & Apps category and rank 45 663 in the Russia region.

📊 Audience metrics and dynamics

Since its creation (date unknown), the project has grown rapidly and attracted 14 653 subscribers.

According to the latest data as of June 11, 2026, the channel shows stable activity. Over the past 30 days the change in members was 406, and over the past 24 hours it was 16, while wide reach has been maintained.

  • Verification status: not verified
  • Engagement rate (ER): average audience engagement is 48.83%, and in the first 24 hours after publication content typically earns N/A% reactions relative to total subscribers.
  • Post reach: each post receives 7 154 views on average. On the first day, 0 views are typically collected.
  • Reactions and engagement: the audience is actively supportive; the average number of reactions per post is 18.

📝 Description and content policy

The author describes this space as a place for expressing personal views:
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Thanks to frequent updates (latest data as of June 12, 2026), the channel is always up to date and has high reach. Analysis shows that the audience actively engages with the content, making it an important point of influence in the Technology & Apps category.

14 653 subscribers
+16 in 24 hours
+108 in 7 days
+406 in 30 days

Post archive
APT
14 658
For dumping the memory of processes protected by PPL. Works with Windows 11 25346.1001 (April 2023). https://github.com/gabriellandau/PPLFault #creds #git #soft

🕳 Resocks This is a reverse/back-connect SOCKS5 proxy tunnel that can be used to route traffic through a system that can't be directly accessed (e.g. due to NAT). The channel is secured by mutually trusted TLS with auto-generated certificates based on a connection key. Blog: https://blog.redteam-pentesting.de/2023/introducing-resocks/ Source: https://github.com/RedTeamPentesting/resocks #socks #proxy #tunnel #mtls

🥶 Freeze Freeze.rs is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze.rs utilizes multiple techniques to not only remove Userland EDR hooks, but to also execute shellcode in such a way that it circumvents other endpoint monitoring controls. Research: https://www.optiv.com/insights/source-zero/blog/sacrificing-suspended-processes Source: https://github.com/optiv/Freeze.rs #av #edr #etw #windows #maldev

Repost from 1N73LL1G3NC3
ETWHash ETWHash is a C# POC that is able to extract NetNTLMv2 hashes of incoming authentications via SMB, by consuming ETW events from the Microsoft-Windows-SMBServer provider {D48CE617-33A2-4BC3-A5C7-11AA4F29619E} https://labs.nettitude.com/blog/etwhash-he-who-listens-shall-receive/

Repost from Offensive Xwitter
😈 [ mpgn_x64, mpgn ] The sponsor version of CrackMapExec just received an update from @MJHallenbeck 🚀 ▶️ cme is now using rich logging from @willmcgugan ▶️ a progress bar has been added 🚄🚃🚃 ▶️ protocol ssh is now working with a key ▶️ cmedb now stores creds found with ssh @porchetta_ind 🪂 🐥 [ tweet ]

Repost from PT SWARM
Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) 👤 by testanull While analyzing CVE-2022-41082, also known as Proxy Not Shell, researcher discovered CVE-2023-21707 vulnerability which he has detailed in this blog. The vulnerability allows a privileged user to trigger RCE during a deserialization of untrusted data. 📝 Contents: ● Introduction ● The new variant ● Payload delivery ● Demo ● References https://starlabs.sg/blog/2023/04-microsoft-exchange-powershell-remoting-deserialization-leading-to-rce-cve-2023-21707/

🕸️ PowerShell Obfuscation Bible A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion. https://github.com/t3l3machus/PowerShell-Obfuscation-Bible #powershell #obfuscation #redteam

A new addition to the potato family: GodPotato. Windows LPE: * Windows Server 2012 - Windows Server 2022; * Windows 8 - Windows 11 https://github.com/BeichenDream/GodPotato #git #soft #lpe

Repost from Offensive Xwitter
😈 [ _Kudaes_, Kurosh Dabbagh ] I've found that fibers may be something to look at when it comes to execute local in-memory code. This is a simple PoC of how you can leverage fibers to execute in-memory code without spawning threads and hiding suspicious thread stacks among others. https://t.co/kjIPOunGun 🔗 https://github.com/Kudaes/Fiber 🐥 [ tweet ]

🕳 Ngrok: SSH Reverse Tunnel Agent Did you know that you can run ngrok without even installing ngrok? You can start tunnels via SSH without downloading an ngrok agent by running an SSH reverse tunnel command: ssh -i ~/.ssh/id_ed25519 -R 80:localhost:80 v2@tunnel.us.ngrok.com http Source: https://ngrok.com/docs/secure-tunnels/tunnels/ssh-reverse-tunnel-agent/ #ngrok #ssh #reverse #tunnel

Recording of our stream about pentesting and red teaming with some great folks: * @clevergod – vice-captain of the Codeby team with colossal experience in red team projects; * @Riocool – creator of the Telegram channel RedTeam Brazzers, member of the True0xA3 team; * @Acrono – creator of the Telegram channel APT and author of several CVEs; * @puni1337 - host of the Codeby streams. https://www.youtube.com/live/ITtiyhA0rwU?feature=share We had an interesting chat, not without some funny stories)) #stream #video

Repost from Offensive Xwitter
😈 [ elkement, elkement ] Hi Active Directory / ADCS hackers, I've published something! You can add the new SID extension manually if certificate templates allow for custom names: https://t.co/SndcHH3Kz7 🔗 https://elkement.blog/2023/03/30/lord-of-the-sid-how-to-add-the-objectsid-attribute-to-a-certificate-manually/ 🐥 [ tweet ]

Repost from Codeby
👩‍💻 Behind the scenes of Red Team. Interesting situations in projects. Friends, we are happy to announce that this Saturday, April 1, we will hold our first stream of the year! We have invited information security experts who will share their experience of working in Red Team and talk about the most interesting and unusual situations they have faced in penetration testing projects. You will learn how they solve problems and cope with unpredictable situations in the course of their work. 🌟 Our guests: 🔹 @T3m3t_N0sc3 – guru of infrastructure pentests and author of many Red Team articles; 🔹 @clevergod – vice-captain of the Codeby team with colossal experience in red team projects; 🔹 @Riocool – founder of the RedTeam Brazzers group of like-minded people, member of the True0xA3 team; 🔹 @Acrono – creator of the APT Telegram group and author of several CVEs for Windows. 🎤 And, of course, your irreplaceable host – @puni1337! ⏰ We are waiting for you on April 1 at 17:00 Moscow time! 🌐 Watch the stream on our YouTube channel #pentest #redteam #stream

🔄 CertSync New technique to dump NTDS remotely, but without DRSUAPI: it uses a golden certificate and UnPAC the hash. It does not require a Domain Administrator, it only requires a CA Administrator. It works in several steps: — Dump user list, CA information and CRL from LDAP; — Dump CA certificate and private key; — Forge offline a certificate for every user; — UnPAC the hash for every user in order to get NT and LM hashes. https://github.com/zblurx/certsync #ad #adcs #drsuapi #ntds #cert #redteam

⚙️ Joomla < 4.2.8 — Unauthenticated Information Disclosure (CVE-2023-23752) Research: https://vulncheck.com/blog/joomla-for-rce Exploit: https://github.com/Acceis/exploit-CVE-2023-23752 #joomla #information #disclosure #cve

👾 HeapCrypt Encrypting the heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap. https://github.com/TheD1rkMtr/HeapCrypt #maldev #heap #encypt #sleep #cpp

Veeam Backup and Replication (CVE-2023-27532) Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. Research: https://www.horizon3.ai/veeam-backup-and-replication-cve-2023-27532-deep-dive/ Exploit: https://github.com/horizon3ai/CVE-2023-27532 #veeam #credentials #rce #cve

Repost from Offensive Xwitter
😈 [ fr0gger_, Thomas Roccia 🤘 ] New EDR/AV evasion technique added to the #UnprotectProject by @Praetorian_GRD "Unloading Module Using FreeLibrary". Check out the detailed description, code snippet and CAPA rule👇 #cybersecurity #malware #infosec cf: @DarkCoderSc https://t.co/Td7ogFwVcZ 🔗 https://unprotect.it/technique/unloading-module-with-freelibrary/ 🐥 [ tweet ]

Repost from 1N73LL1G3NC3
CVE-2023-23397 Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. PoC: https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY https://github.com/api0cradle/CVE-2023-23397-POC-Powershell