Уже доступно! Исследование Telegram 2025 — ключевые инсайты года 
APT
Открыть в Telegram
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat
Больше📈 Аналитический обзор Telegram-канала APT
Канал APT (@apt_notes) языкового сегмента Английский является активным участником. Сейчас сообщество объединяет 14 682 подписчиков, занимая 8 834 место в категории Технологии и приложения и 45 554 место в регионе Россия.
📊 Показатели аудитории и динамика
С момента создания невідомо проект демонстрирует стремительный рост, собрав аудиторию из 14 682 подписчиков.
Согласно последним данным от 13 июня, 2026, канал показывает стабильную активность. За последние 30 дней изменение числа участников составило 414, а за последние 24 часа — 17, при этом общий охват остаётся высоким.
- Статус верификации: Не верифицирован
- Уровень вовлечённости (ER): Средний показатель вовлечённости аудитории составляет 50.76%. В первые 24 часа после публикации контент обычно набирает N/A% реакций от общего числа подписчиков.
- Охват публикаций: В среднем каждый пост получает 7 449 просмотров. В течение первых суток публикация набирает 0 просмотров.
- Реакции и взаимодействия: Аудитория активно поддерживает контент: среднее количество реакций на один пост — 20.
📝 Описание и контентная политика
Автор описывает ресурс как площадку для выражения субъективного мнения:
“This channel discusses:
— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc
Disclaimer:
t.me/APT_Notes/6
Chat Link:
t.me/APT_Notes_PublicChat”
Благодаря высокой частоте обновлений (последние данные получены 14 июня, 2026) канал поддерживает актуальность и высокий уровень охвата публикаций. Аналитика показывает, что аудитория активно взаимодействует с контентом, что делает его важной точкой влияния в категории Технологии и приложения.
14 682
Подписчики
+1724 часа
+1027 дней
+41430 день
Архив постов
14 682
Decoding PDF Injection
This article talks about PDF injection from scratch to the execution of XSS and SSRF via PDF injection.
https://medium.com/@urshilaravindran/pdf-injection-in-simple-words-8c399f92593c
#pdf #xss #ssrf #injection
14 682
ADExplorerSnapshot
ADExplorerSnapshot is an AD Explorer snapshot ingestor for BloodHound.
AD Explorer allows you to connect to a DC and browse LDAP data. It can also create snapshots of the server you are currently attached to. This tool allows you to convert those snapshots to BloodHound-compatible JSON files.
https://github.com/c3c/ADExplorerSnapshot.py
#adexplorer #ldap #json #bloodhound
14 682
Apache APISIX Dashboard — Unauthorized RCE (CVE-2021-45232)
Attackers can access certain interfaces without logging in to Apache APISIX Dashboard, thus making unauthorized changes or obtaining relevant configuration information such as Apache APISIX Route, Upstream, Service, etc., and cause problems such as SSRF, malicious traffic proxies built by attackers, and arbitrary code execution.
Shodan Dorks:
title:"Apache APISIX Dashboard"PoC:
curl http://IP:9000/apisix/admin/migrate/exporthttps://apisix.apache.org/blog/2021/12/28/dashboard-cve-2021-45232/ #apache #apisix #cve #poc
14 682
ldap2json — Offline Analysis Tool
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Features:
— Authenticate with password
— Authenticate with LM:NT hashes
— Authenticate with kerberos ticket
— Save ldap content in json format
https://github.com/p0dalirius/ldap2json
#ldap #json #tools #redteam
14 682
GoWard
GoWard proxies HTTP C2 traffic to specified Red Team servers based on the HTTP header of the traffic.
https://github.com/chdav/GoWard
#c2 #proxy #redteam
14 682
PHP LFI with Nginx Assistance
This post presents a new method to exploit local file inclusion (LFI) vulnerabilities in utmost generality, assuming only that PHP is running in combination with Nginx under a common standard configuration.
https://bierbaumer.net/security/php-lfi-with-nginx-assistance/
#lfi #nginx #php
14 682
ADCS: Playing with ESC4
ADCS cert template modification and ACL enumeration
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
https://github.com/fortalice/modifyCertTemplate
#adcs #certificates #esc4 #acl
14 682
Executing Code Using Microsoft Teams Updater
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/executing-code-using-microsoft-teams-updater/
#teams #redteam #research
14 682
Сaldera — Automated Adversary Emulation Platform
Сaldera is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response.
https://github.com/mitre/caldera
#blueteam #redteam #automated
14 682
DetectionLab
DetectionLab is a repository containing a variety of Packer, Vagrant, Powershell, Ansible, and Terraform scripts that allow you to automate the process of bringing an ActiveDirectory environment online complete with logging and security tooling using a variety of different platforms.
DetectionLab can currently be deployed to the following platforms:
— Virtualbox (Windows, MacOS, Linux)
— VMware Workstation/Fusion (Windows, MacOS, Linux)
— HyperV
— ESXi
— AWS
— Azure
— LibVirt (Not officially supported)
— Proxmox (Not officially supported)
https://detectionlab.network/
#lab #cloud #blueteam #redteam
14 682
MultiPotato
Another Potato to get SYSTEM via SeImpersonate privileges
https://github.com/S3cur3Th1sSh1t/MultiPotato
#windows #lpi #potato #tools
14 682
Arsenal of AWS Security Tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
https://github.com/toniblyx/my-arsenal-of-aws-security-tools
#aws #security #benchmarks #blueteam
14 682
A (not so deep) Dive into Grafana CVE-2021-43798
This post will cover some details behind the recent Grafana vulnerability (CVE-2021-43798), which is a directory traversal bug allowing unauthenticated attackers to read files on the target server filesystem. This post will also discuss some real world scenario and attack surface of the Grafana.
https://nusgreyhats.org/posts/writeups/a-not-so-deep-dive-in-to-grafana-cve-2021-43798/
#grafana #lfi #cve
14 682
Windows 10 Hardening
The project started as a simple hardening list for Windows 10. After some time, HardeningKitty was created to simplify the hardening of Windows. Now, HardeningKitty supports guidelines from Microsoft, CIS Benchmarks, DoD STIG and BSI SiSyPHuS Win10
https://github.com/0x6d69636b/windows_hardening/
#blueteam #windows #hardening #benchmarks
14 682
ADCS: Playing with ESC4
Enumeration and abuse of Linux-based ADCS ESC4
Research:
https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4
Source:
https://github.com/fortalice/modifyCertTemplate
#adcs #abuse #pentest #tools
14 682
Docem
A utility to embed XXE and XSS payloads in docx, odt, pptx, etc - any documents that is a zip archive with bunch of xml files inside.
https://github.com/whitel1st/docem
#xxe #xss #doc #file #upload
14 682
Invoke-WinSATBypass
This script will create a mock directory of "
C:\Windows\System32" and copy a legitimate application of Windows (WinSAT.exe) into it.
It will after try to download a DLL called version.dll, which is loaded by default by WinSAT.exe, in order to perform a UAC Bypass by doing some DLL Hijacking.
https://github.com/b4keSn4ke/Invoke-WinSATBypass
#uac #bypass #winsat #tools14 682
#tools
CVE Trends
One cool guy made this tool to monitor CVE trends in twitter. He shared this tool in his russian channel.
https://cvetrends.com/
14 682
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server.
https://github.com/blackarrowsec/mssqlproxy
#mssql #proxy #pentest #tools
14 682
RogueAssemblyHunter
Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.
https://github.com/bohops/RogueAssemblyHunter
#dotnet #blueteam #threadhunting
