APT

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat


📈 Telegram channel analysis: APT

The APT channel (@apt_notes) is an active player in the English-language segment. The community currently has 14 658 subscribers, ranks 8 841 in the Technology & Apps category and 45 631 in the Russia region.

📊 Audience metrics and dynamics

Since its creation (date unknown), the project has grown quickly and attracted 14 658 subscribers.

According to the latest data as of June 12, 2026, the channel maintains steady activity. Over the past 30 days the subscriber count changed by 406, and by 7 in the past 24 hours, while broad reach has been maintained.

  • Verification status: not verified
  • Engagement rate (ER): average audience engagement is 49.89%, and in the first 24 hours after publication content typically earns N/A% reactions relative to total subscribers.
  • Post reach: each post receives an average of 7 313 views. On the first day, typically 0 views are collected.
  • Reactions and engagement: the audience actively shows support; the average number of reactions per post is 20.

📝 Description and content policy

The author describes this space as a place for expressing personal views; the channel description is quoted above.

Thanks to frequent updates (latest data as of June 13, 2026), the channel stays current and maintains high reach. Analysis shows that the audience actively engages with the content, making it an important point of influence in the Technology & Apps category.

Subscribers: 14 658 (+7 in 24 hours, +10 in 7 days, +406 in 30 days)

Post archive: APT (14 667 subscribers at the time of the archive)
⚔️ Remote Code Injection by Abusing CreateProcess and GetEnvironmentVariable New method of injecting code into a remote process without using WriteProcessMemory. CreateProcess: https://www.x86matthew.com/view_post?id=proc_env_injection GetEnvironmentVariable: https://x-c3ll.github.io/posts/GetEnvironmentVariable-Process-Injection/ #maldev #process #inject #pinvoke #winapi

📜 Defused That SAN Flag One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID. The changes 'defuse' the impact of the flag that allows adding custom subject alternative names to any certificate (including the ones that 'actually' should be auto-enrolled). https://elkement.blog/2022/06/13/defused-that-san-flag/ #ad #adcs #privesc #redteam

🔍 GitHub Dorks Many people ask me how to do GitHub reconnaissance, find credentials and other information Pentest or RedTeam might need. This post will look at some ways to search GitHub. #github #dorks #recon #osint

🔑 Extracting Credentials from Chrome Memory An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in a low privileges plain text format. https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory #chrome #memory #dump #creds

Repost from Codeby
🔥 A film about the Codeby team at The Standoff 2022 Friends, very soon we will be ready to present to you a documentary film about the Codeby team's participation in The Standoff 2022! We will recall the emotions all of us felt on each day of the competition, and also learn what happened during those days from the players' point of view. In the meantime, we invite you to enjoy a short trailer!

⚙️ Active Directory Delegation Management Tool Is an Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues: — Objects owned by users — Objects with ACEs for users — Non canonical ACL — Disabled ACL inheritance — Default ACL modified in schema — Deleted delegation trustees It also allows you to document your delegation model in JSON files, to obtain a more readable view: https://github.com/mtth-bfft/adeleg #ad #delegations #ace #acl #tools

🕵️ OSINT Collection Collection of 4000+ OSINT resources https://metaosint.github.io/table/ #osint #recon #collection

📒Simulating attacks with Sysmon SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs. Attack coverage: — Process Events — File Events — Named Pipes Events — Registry Actions — Image Loading — Network Connections — Create Remote Thread — Raw Access Read — DNS Query — WMI Events — Clipboard Capture — Process Image Tampering Research: https://rootdse.org/posts/understanding-sysmon-events/ Tool: https://github.com/ScarredMonk/SysmonSimulator #sysmon #simulator #blueteam #lab

🔥 MS-MSDT Office RCE MS Office docx files may contain external OLE Object references as HTML files. There is an HTML scheme "ms-msdt:" which invokes the msdt diagnostic tool, which is capable of executing arbitrary code (specified in parameters). The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros). PoC: https://github.com/JohnHammond/msdt-follina https://github.com/chvancooten/follina.py Demo Follina with Cobalt Strike: https://www.youtube.com/watch?v=oM4GHtVvv1c For BlueTeam: https://gist.github.com/kevthehermit/5c8d52af388989cfa0ea38feace977f2 #office #rce #msmsdt #nomacro

🩸Max (BloodHound) Maximizing BloodHound with a simple suite of tools https://github.com/knavesec/Max #bloodhound #neo4j #cypher

🔍 Find Uncommon Shares This Python tool, an equivalent of PowerView Invoke-ShareFinder.ps1, allows you to quickly find uncommon shares in vast Windows Active Directory Domains. https://github.com/p0dalirius/FindUncommonShares #ad #enum #shares #tools

Combination of 2 PoCs for bypassing Credential Guard with in-memory invocation PoC 1 (patch wdigest.dll): https://gist.github.com/N4kedTurtle/8238f64d18932c7184faa2d0af2f1240 PoC 2 (find variable offsets in runtime): https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp Merged: https://gist.github.com/snovvcrash/43e976779efdd20df1596c6492198c99 #lsass #wdigest #credguard

🎁 Application Security Pipelines (Now with guides) Scan your code, infrastructure configs and domains with many open source scanners. Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei.. All reports will be passed to defectdojo Guides: https://github.com/Whitespots-OU/DevSecOps-Pipelines Integration examples: https://gitlab.com/whitespots-public/vulnerable-apps #appsec #devsecops #pipelines

😴 DeepSleep A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC https://github.com/thefLink/DeepSleep #memory #evasion #maldev

⚙️ WTFBins WTFBin(n): a binary that behaves exactly like malware, except, somehow, it's not? Site detailing noisy, false positive binaries created that's super helpful in getting filter ideas together for monitoring and hunting rules. https://wtfbins.wtf/ #wtfbins #blueteam

🔐 Credential Guard Bypass The well-known WDigest module, which is loaded by LSASS, has two interesting global variables: g_IsCredGuardEnabled and g_fParameter_UseLogonCredential. Their names are rather self-explanatory: the first one holds the state of Credential Guard within the module, the second one determines whether clear-text passwords should be stored in memory. By flipping these two values, you can trick the WDigest module into acting as if Credential Guard was not enabled. Research: https://itm4n.github.io/credential-guard-bypass/ PoC: https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp #lsass #wdigest #credential #guard #research

Repost from Кавычка
Vulnerabilities and attacks on Bitrix CMS 1. Features 2. Vulnerabilities 3. Attack methods Enjoy reading!

🔗 Active Directory ACL Attack Paths Through LDAP Relaying Attacks This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external internet-facing IP address. https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/ #ad #ldap #relay #acl #research