APT

Открыть в Telegram

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Больше

Россия45 631 Технологии и приложения8 841...

📈 Аналитический обзор Telegram-канала APT

Канал APT (@apt_notes) языкового сегмента Английский является активным участником. Сейчас сообщество объединяет 14 658 подписчиков, занимая 8 841 место в категории Технологии и приложения и 45 631 место в регионе Россия.

📊 Показатели аудитории и динамика

С момента создания невідомо проект демонстрирует стремительный рост, собрав аудиторию из 14 658 подписчиков.

Согласно последним данным от 12 июня, 2026, канал показывает стабильную активность. За последние 30 дней изменение числа участников составило 406, а за последние 24 часа — 7, при этом общий охват остаётся высоким.

Статус верификации: Не верифицирован
Уровень вовлечённости (ER): Средний показатель вовлечённости аудитории составляет 49.89%. В первые 24 часа после публикации контент обычно набирает N/A% реакций от общего числа подписчиков.
Охват публикаций: В среднем каждый пост получает 7 313 просмотров. В течение первых суток публикация набирает 0 просмотров.
Реакции и взаимодействия: Аудитория активно поддерживает контент: среднее количество реакций на один пост — 20.

📝 Описание и контентная политика

Автор описывает ресурс как площадку для выражения субъективного мнения:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Благодаря высокой частоте обновлений (последние данные получены 13 июня, 2026) канал поддерживает актуальность и высокий уровень охвата публикаций. Аналитика показывает, что аудитория активно взаимодействует с контентом, что делает его важной точкой влияния в категории Технологии и приложения.

14 658

Подписчики

+724 часа

+1007 дней

+40630 день

7 313

Просмотры поста

Нет данных24 часа

Нет данных48 часов

49.89%

Коэффициент вовлеченности

Нет данных

Постов в день

Ads index

beta

Архив постов

14 667

⚔️ Remote Code Injection by Abusing CreateProcess and GetEnvironmentVariable New method of injecting code into a remote process without using WriteProcessMemory. CreateProcess: https://www.x86matthew.com/view_post?id=proc_env_injection GetEnvironmentVariable: https://x-c3ll.github.io/posts/GetEnvironmentVariable-Process-Injection/ #maldev #process #inject #pinvoke #winapi

14 667

📜 Defused That SAN Flag One more post about Microsoft's recent security updates - re changes to Kerberos and the new certificate extension containing the requester's SID. The changes 'defuse' the impact of the flag that allows adding custom subject alternative names to any certificate (including the ones that 'actually' should be auto-enrolled). https://elkement.blog/2022/06/13/defused-that-san-flag/ #ad #adcs #privesc #redteam

14 667

🔍 GitHub Dorks Many people ask me how to do GitHub reconnaissance, find credentials and other information Pentest or RedTeam might need. This post will look at some ways to search GitHub. #github #dorks #recon #osint

14 667

🔑 Extracting Credentials from Chrome Memory An excellent study on how Chrome's memory works and how to extract credentials, cookies, etc. in а low privileges plain text format. https://www.cyberark.com/resources/threat-research-blog/extracting-clear-text-credentials-directly-from-chromium-s-memory #chrome #memory #dump #creds

14 667

Repost from Codeby

🔥 Фильм о команде Codeby на The Standoff 2022 Друзья, уже в скором времени мы будем готовы представить вам документальный фильм об участии команды Codeby на мероприятии The Standoff 2022! Вспомним, какие эмоции испытывали все мы каждый день соревнований, а также узнаем, что происходило в эти дни от лица игроков. А пока предлагаем вам насладиться просмотром небольшого трейлера!

14 667

⚙️ Active Directory Delegation Management Tool Is an Active Directory delegation management tool. It allows you to make a detailed inventory of delegations set up so far in a forest, along with their potential issues: — Objects owned by users — Objects with ACEs for users — Non canonical ACL — Disabled ACL inheritance — Default ACL modified in schema — Deleted delegation trustees It also allows you to document your delegation model in JSON files, to obtain a more readable view: https://github.com/mtth-bfft/adeleg #ad #delegations #ace #acl #tools

14 667

Repost from 1N73LL1G3NC3

Malware development: persistence - part 4. Windows services. Simple C++ example. Malware development: persistence - part 5. AppInit_DLLs. Simple C++ example. Malware development: persistence - part 6. Windows netsh helper DLL. Simple C++ example.

14 667

Repost from 1N73LL1G3NC3

Malware development: persistence - part 1. Registry run keys. C++ example. Malware development: persistence - part 2. Screensaver hijack. C++ example. Malware development: persistence - part 3. COM DLL hijack.

14 667

🕵️ OSINT Collection Collection of 4000+ OSINT resources https://metaosint.github.io/table/ #osint #recon #collection

14 667

📒Simulating attacks with Sysmon SysmonSimulator is an Open source Windows event simulation utility created in C language, that can be used to simulate most of the attacks using WINAPIs. This can be used by Blue teams for testing the EDR detections and correlation rules. I have created it to generate attack data for the relevant Sysmon Event IDs. Attack coverage: — Process Events — File Events — Named Pipes Events — Registry Actions — Image Loading — Network Connections — Create Remote Thread — Raw Access Read — DNS Query — WMI Events — Clipboard Capture — Process Image Tampering Research: https://rootdse.org/posts/understanding-sysmon-events/ Tool: https://github.com/ScarredMonk/SysmonSimulator #sysmon #simulator #blueteam #lab

14 667

🔥 MS-MSDT Office RCE MS Office docx files may contain external OLE Object references as HTML files. There is an HTML sceme "ms-msdt:" which invokes the msdt diagnostic tool, what is capable of executing arbitrary code (specified in parameters). The result is a terrifying attack vector for getting RCE through opening malicious docx files (without using macros). PoC: https://github.com/JohnHammond/msdt-follina https://github.com/chvancooten/follina.py Demo Follina with Cobalt Strike: https://www.youtube.com/watch?v=oM4GHtVvv1c For BlueTeam: https://gist.github.com/kevthehermit/5c8d52af388989cfa0ea38feace977f2 #office #rce #msmsdt #nomacro

14 667

🩸Max (BloodHound) Maximizing BloodHound with a simple suite of tools https://github.com/knavesec/Max #bloodhound #neo4j #cypher

14 667

🔍 Find Uncommon Shares This Python tool equivalent of PowerView Invoke-ShareFinder.ps1 allows to quickly find uncommon shares in vast Windows Active Directory Domains. https://github.com/p0dalirius/FindUncommonShares #ad #enum #shares #tools

14 667

Combination of 2 PoCs for bypassing Credential Guard with in-memory invocation PoC 1 (patch wdigest.dll): https://gist.github.com/N4kedTurtle/8238f64d18932c7184faa2d0af2f1240 PoC 2 (find variable offsets in runtime): https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp Merged: https://gist.github.com/snovvcrash/43e976779efdd20df1596c6492198c99 #lsass #wdigest #credguard

14 667

🎁 Application Security Pipelines (Now with guides) Scan your code, infrastructure configs and domains with many open source scanners. Currently supported: trufflehog, gitleaks, bandit, gosec, spotbugs, terrascan, hadolint, retirejs, eslint, phpcs, sonarqube integration, semgrep, arachni, zap, subfinder, nuclei.. All reports will be passed to defectdojo Guides: https://github.com/Whitespots-OU/DevSecOps-Pipelines Integration examples: https://gitlab.com/whitespots-public/vulnerable-apps #appsec #devsecops #pipelines

14 667

😴 DeepSleep A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC https://github.com/thefLink/DeepSleep #memory #evasion #maldev

14 667

⚙️ WTFBins WTFBin(n): a binary that behaves exactly like malware, except, somehow, it's not? Site detailing noisy, false positive binaries created that's super helpful in getting filter ideas together for monitoring and hunting rules. https://wtfbins.wtf/ #wtfbins #blueteam

14 667

🔐 Credential Guard Bypass The well-known WDigest module, which is loaded by LSASS, has two interesting global variables: g_IsCredGuardEnabled and g_fParameter_UseLogonCredential. Their name is rather self explanatory, the first one holds the state of Credential Guard within the module, the second one determines whether clear-text passwords should be stored in memory. By flipping these two values, you can trick the WDigest module into acting as if Credential Guard was not enabled. Research: https://itm4n.github.io/credential-guard-bypass/ PoC: https://github.com/itm4n/Pentest-Windows/blob/main/CredGuardBypassOffsets/poc.cpp #lsass #wdigest #credential #guard #research

14 667

Repost from Кавычка

Уязвимости и атаки на CMS Bitrix 1. Особенности 2. Уязвимости 3. Методы атак Приятного чтения!

14 667

🔗 Active Directory ACL Attack Paths Through LDAP Relaying Attacks This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external internet-facing IP address. https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/ #ad #ldap #relay #acl #research