ThreatXEd Security
رفتن به کانال در Telegram
Welcome to ThreatXEd Security! At ThreatXEd , we don’t just hand you the solutions; we equip you with the skills to solve challenges on your own, for a lifetime. DM us on @threatx_support
نمایش بیشتر1 347
مشترکین
اطلاعاتی وجود ندارد24 ساعت
+277 روز
+2930 روز
در حال بارگیری داده...
کانالهای مشابه
هیچ دادهای
مشکلی وجود دارد؟ لطفاً صفحه را تازه کنید یا با مدیر پشتیبانی ما تماس بگیرید.
ابر برچسبها
اشارات ورودی و خروجی
---
---
---
---
---
---
جذب مشترکین
ژوئیه '26
ژوئیه '26
+44
در 0 کانالها
ژوئن '26
+54
در 0 کانالها
Get PRO
مه '26
+53
در 0 کانالها
Get PRO
آوریل '26
+11
در 0 کانالها
Get PRO
مارس '26
+19
در 1 کانالها
Get PRO
فوریه '26
+18
در 0 کانالها
Get PRO
ژانویه '26
+49
در 3 کانالها
Get PRO
دسامبر '25
+33
در 0 کانالها
Get PRO
نوامبر '25
+15
در 0 کانالها
Get PRO
اکتبر '25
+25
در 0 کانالها
Get PRO
سپتامبر '25
+49
در 2 کانالها
Get PRO
اوت '25
+125
در 1 کانالها
Get PRO
ژوئیه '25
+122
در 1 کانالها
Get PRO
ژوئن '25
+51
در 0 کانالها
Get PRO
مه '25
+58
در 0 کانالها
Get PRO
آوریل '25
+103
در 1 کانالها
Get PRO
مارس '25
+219
در 0 کانالها
Get PRO
فوریه '25
+879
در 0 کانالها
Get PRO
ژانویه '250
در 2 کانالها
Get PRO
دسامبر '240
در 2 کانالها
Get PRO
نوامبر '24
+10
در 1 کانالها
| تاریخ | رشد مشترکین | اشارات | کانالها | |
| 13 ژوئیه | 0 | |||
| 12 ژوئیه | 0 | |||
| 11 ژوئیه | +2 | |||
| 10 ژوئیه | +3 | |||
| 09 ژوئیه | +19 | |||
| 08 ژوئیه | +7 | |||
| 07 ژوئیه | +1 | |||
| 06 ژوئیه | 0 | |||
| 05 ژوئیه | +2 | |||
| 04 ژوئیه | 0 | |||
| 03 ژوئیه | +5 | |||
| 02 ژوئیه | +3 | |||
| 01 ژوئیه | +2 |
پستهای کانال
🕥ThreatXEd Friday Challenge: Defeating the "Smart" Rate Limiter
🎯 The Scenario
You're testing an admin login panel at
/admin/login.
The app has a rate limiter: more than 5 failed logins from one IP in 60 seconds → instant HTTP 429 Too Many Requests, connection dropped.
You fire up Hydra or Burp Intruder against a weak password list... and get walled on attempt #6.
🔍 The Twist
You look closer at the 429 response headers and spot something the app leaks back to you:
X-Forwarded-For: 127.0.0.1🧠 Think it through 1️⃣ What assumption did the developer make when they wired up the rate-limiter relative to reverse proxies? 2️⃣ How would you manually adjust your brute-force request headers to slip past this limiter — without rotating your public IP? 📣 Your move Drop your conceptual payload logic or Python pseudocode in the comments. No copy-pasted tool syntax — we want to see the structural reasoning behind the bypass.
Most accurate answer gets pinned Monday.#ThreatXEd#FirdayChallenge
| 2 | Tools like Responder don't succeed because of complex exploit payloads; they succeed by hijacking built-in fallback protocols that are left enabled by default
#ThreatXEd | 237 |
| 3 | https://t.me/Ethiopiastartup | 236 |
| 4 | 🚨 The Excel File That Shook Global 2FA
🧬 Cyber Autopsy: The 2011 RSA SecurID Breach
One Excel file. One employee. Millions of authentication tokens put at risk.
🎯 The Bait
Attackers skipped the executives and targeted a handful of mid-level employees with a convincing email titled: "2011 Recruitment Plan" and what was attached was an innocent-looking .xls spreadsheet.
💥 The Exploit
The spreadsheet secretly contained an embedded Adobe Flash object exploiting the zero-day vulnerability CVE-2011-0609.
The moment it was opened:
- Flash triggered a buffer overflow
- A custom Poison Ivy RAT was executed in memory
- The attackers gained a stealthy foothold
No password theft. No noisy ransomware. Just quiet access.
🕵️ The Pivot
Instead of grabbing credentials, the attackers patiently mapped RSA's internal network. Their real objective?
🔑 The master seed values used to generate RSA SecurID tokens.
Once those seeds were compromised, the security of countless 2FA deployments around the world was called into question. The real failure wasn't the phishing email. It was the architecture.
Once the endpoint was compromised, the attackers moved laterally with too few barriers in their way.
Zero Trust + Strong Network Segmentation > Perimeter-Only Security
#CyberSecurity #ThreatXEd #BlueTeam #ZeroTrust #NetworkSegmentation | 320 |
| 5 | Agentic AI + Cybersecurity = The Future of Defense
Traditional security tools wait for humans to react. Agentic AI changes that.
Agentic AI can autonomously observe, reason, decide, and act helping detect threats, investigate attacks, and respond in real time.
Imagine AI agents that hunt threats 24/7, analyze malware, and stop attacks before damage happens.
The future of cybersecurity isn’t just automation it’s intelligent autonomous defense.
#AI #Cybersecurity #AgenticAI #ThreatXed @ThreatXSecurity | 538 |
| 6 | https://youtu.be/rT2iGGuuorc?si=8cVBVUrBWyHnCOQZ | 469 |
| 7 | 🚨 ALERT - A critical Splunk Enterprise flaw can go from “no login required” to remote code execution.
Tracked as CVE-2026-20253, the bug carries a 9.8 CVSS score and affects vulnerable Splunk Enterprise servers through exposed PostgreSQL sidecar endpoints.
The exploit chain is now public.
Read the full story: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html | 555 |
| 8 | 🛑 Google says a Chinese cybercrime network turned Gemini into a phishing helper.
The service, called Outsider, was tied to:
> 1.59M fraudulent URLs
> 9,000 fake websites
> 100,000+ victims
> $88/week phishing kits sold on Telegram
Read: https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html | 495 |
| 9 | THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/ | 651 |
| 10 | THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/ | 6 |
| 11 | https://vt.tiktok.com/ZSQeWtXVp/ | 1 |
| 12 | THE INTERVIEW IS OUT! 🔥 My full ... https://vt.tiktok.com/ZSQeWtXVp/ | 1 |
| 13 | https://youtu.be/s-D7oPkNf6c | 559 |
| 14 | Hey guys
We’re planning to rebrand our community name from “ThreatX Security” to a fresh new name.
Please suggest modern, unique and professional names related to cybersecurity, ethical hacking, learning, and technology | 746 |
| 15 | ለመላው የእስልምና እምነት ተከታዮች እንኳን ለ1447ኛው የዒድ አል-አድሃ (አረፋ) በዓል በሰላም አደረሳችሁ !
#ThreatX | 668 |
| 16 | 🔔INSA Summer Camp Registration Extended!
Based on the poll results, many candidates requested additional time for registration. Therefore, the INSA Summer Camp registration deadline has been extended by 7 more days.
🗓 New Deadline: May 24, 2026
This program is designed for students who are ready to grow in technology, innovation, and problem-solving through self-awareness, self-development, and challenge-based mentorship.
Participants will gain practical exposure in STEAM fields, guided learning experiences, and hands-on challenges that build real skills.
✅ Free registration
✅ Open for elementary, high school, and university students
✅ Self-awareness & personal development focus
✅ Challenge-based mentorship approach
✅ Skill-building through real-world problems
✅ Networking with talented peers
Don’t miss this chance—complete your registration before the new deadline. 👉 More information: https://t.me/insactc
👉 Registration Portal: https://ctc.insa.gov.et/registration | 653 |
| 17 | የ2018 ኢመደአ ሰመር ካምፕ የምዝገባ መስፈርቶች – INSA Cyber Talent Challenge 2026
• ምዝገባ በብሔራዊ መታወቂያ (National ID) ይደረጋል (ከውጪ ዜጎች በስተቀር)
• በብሔራዊ መታወቂያ (National ID) ከተመዘገቡ/ማራጋገጫ ከጨረሱ ቡሀላ ወደዋናዉ የምዝገባ ፖርታል ገብተዉ ፎርሙን መሙላት እንዳይረሱ
• ከ11 ዓመት ጀምሮ ያለ ማንኛውም ታለንት ያለው ኢትዮጵያዊ መሳተፍ ይችላል
• ሰመር ካምፑ በ6 ዩኒቨርሲቲዎች ይካሄዳል፡
1) አዲስ አበባ ሳይንስ እና ቴክኖሎጂ ዩኒቨርሲቲ
2) ባህርዳር ዩኒቨርሲቲ
3) ሀረሚያ ዩኒቨርሲቲ
4) ጅማ ዩኒቨርሲቲ
5) ደብረብርሀን ዩኒቨርሲቲ
6) ወላይታ ሶዶ ዩኒቨርሲቲ
• በሳይበር ደህንነት፣ ዴቨሎፕመንት፣ ኢምቤድድ ሲስተም፣ ኤሮስፔስ እና ኢመርጂንግ ቴክኖሎጂ ላይ ፍላጎት እና ተሰጥኦ (Talent with passion) ያላቸው
• የተቋሙን ፈተና/ቻሌንጅ ማለፍ የሚችሉ
• አዲስ ነገር የመማር ፍላጎት እና ተግባራዊ ስራ ላይ የመሳተፍ ፈቃደኝነት/ዝግጁነት
• ችግር ፈቺ እና በራስ የመስራት/የመማር ማይንድሴት ያላቸው
• የስነ-ምግባር ችግር የሌለባቸዉ
የስልጠና ዘርፎች
• ሳይበር ደህንነት
• ሶፍትዌር ልማት
• Embedded Systems
• Aerospace
• Emerging Technologies
በምዝገባዉ መሳተፍ የማይችሉ/የማይመለከታቸዉ
1. በሳይበር ደህንነት እና ተዛማጅ ዘርፎች ላይ ፍላጎት እና ታለንት የሌላቸዉ
2. በኢመደአ የ4ዙር የሰመር ካምፕ/ፕሮግራም የተሳተፉ ድጋሜ መመዝገብ አይቻልም
⚠️ ማሳሰቢያ፡
ፎርሙ ስትሞሉ ሙሉ በሙሉ በAI የተፃፈ ይዘት መጠቀም አይፈቀድም። ከአንድ ጊዜ በላይ መሞከር ከምዝገባዉ ሊታገዱ ስለሚችሉ።
🎯 ተሳታፊዎች በINSA የመስራት እድል ፣ የስታርታፕ እድል እና ሌሎች ተጨማሪ እድሎች ተጠቃሚ ይሆናሉ
👉 ተጨማሪ መረጃ: https://t.me/insactc
👉 ለመመዝገብ: https://ctc.insa.gov.et/registration | 489 |
| 18 | Master the Web Proxy. 🖥🔥
A quick carousel guide to Burp Suite architecture, core components, and common vulnerabilities.
#CyberSecurity #BurpSuite #EthicalHacking#ThreatX | 630 |
| 19 | From basic port scans to advanced firewall evasion, here is our 2026 Nmap Cheat Sheet for the community. Essential for every ethical hacker's toolkit.
Save this for your next penetration test or CTF!
#nmap#ethicalhacking#threatx | 0 |
