APT

Kanalga Telegram’da o‘tish

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Ko'proq ko'rsatish

Rossiya45 663 Texnologiyalar & Aralashmalar8 841...

📈 Telegram kanali APT analitikasi

APT (@apt_notes) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 14 650 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 8 841-o'rinni va Rossiya mintaqasida 45 663-o'rinni egallagan.

📊 Auditoriya ko‘rsatkichlari va dinamika

невідомо sanasidan buyon loyiha tez o‘sib, 14 650 obunachiga ega bo‘ldi.

11 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 406 ga, so‘nggi 24 soatda esa 16 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.

Tasdiqlash holati: Tasdiqlanmagan
Jalb etish (ER): Auditoriya o‘rtacha 48.83% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining N/A% ini tashkil etuvchi reaksiyalarni to‘playdi.
Post qamrovi: Har bir post o‘rtacha 7 154 marta ko‘riladi; birinchi sutkada odatda 0 ta ko‘rish yig‘iladi.
Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 18 ta reaksiya keladi.

📝 Tavsif va kontent siyosati

Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Yuqori yangilanish chastotasi (oxirgi ma’lumot 12 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.

14 650

Obunachilar

+1624 soatlar

+1087 kunlar

+40630 kunlar

7 154

Post ko'rishlar

Ma'lumot yo'q24 soatlar

Ma'lumot yo'q48 soatlar

48.83%

Muloqot nisbati

Ma'lumot yo'q

Kuniga postlar

Ads index

beta

Postlar arxiv

14 650

Repost from RedTeam brazzers

Всем доброго вторника! Помните, друзья, как круто было, когда вышел KrbRelay , a за ним KrbrelayUp? Казалось, что в тот день эксплуатация AD перевернулась с ног на голову. Или с головы на ноги.... :)) Не суть!) Недавно я выкладывал статью, в которой постарался максимально просто описать процесс ретрансляции керберос аутентификации. Но ещё раньше появились интересные атаки: CertifiedDCOM и SilverPotato . Была лишь одна проблема - нет POCов. А что делают студенты, когда нет POCов? Правильно! Их пишут :)) Поэтому хочу вам с радостью представить тулзу RemoteKrbRelay, которая не просто совмещает в себе и SilverPotato и CertifiedDCOM, а является полноценным фреймворком для обнаружения уязвимых DCOM-обьектов! Я добавил чекер, который выводит абсолютно всю информацию о DCOM-объектах системы в удобно читаемом виде (csv / xlsx). Помимо этого, присутствует встроенный функционал кросс-сессионной активации. Представляете? Есть два компьютера. На одном вы, а на втором ДА. И вы можете со своего компьютера триггерить керберос аутентификацию ДА, абсолютно удаленно!) 🙂 Что ж, отмечу, что это лишь minimal POC и ему ещё есть куда расти :) Например, я пока не допилил функционал по релею керберос аутентификации из OXID Initial Resolution Request (а там вообще-то RPC_C_IMP_LEVEL_IMPERSONATE🤫). Впрочем, я готов принимать PR :))

14 650

Repost from Offensive Xwitter

😈 [ Daniel @0x64616e ] Did you know curl on Windows can authenticate via SSPI? Proxy auth works as well. 🐥 [ tweet ]

14 650

👩‍💻Apache Kafka UI RCE (CVE-2023-52251, CVE-2024-32030) Kafka UI is affected by two remote code execution vulnerabilities. The first vulnerability in the message filtering component leads to execution of arbitrary unsandboxed groovy script. The second vulnerability can be exploited by abusing Kafka UI to connect to a malicious JMX server, which leads to RCE via unsafe deserialization. This is particularly dangerous, as Kafka UI does not have authentication enabled by default. 🔗 Source: https://securitylab.github.com/advisories/GHSL-2023-229_GHSL-2023-230_kafka-ui/ #apache #kafka #ui #rce

14 650

Repost from Offensive Xwitter

😈 [ X-C3LL @TheXC3LL ] You can find my slides for "Offensive VBA" talk here 🔗 https://github.com/X-C3LL/congresos-slides/blob/master/Offensive%20VBA.pdf 🐥 [ tweet ]

14 650

Repost from 1N73LL1G3NC3

LogHunter Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN) Youtube POC

14 650

🔥 VMware vCenter Server RCE + PrivEsc Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol. They could allow a bad actor with network access to vCenter Server to achieve remote code execution by sending a specially crafted network packet. — CVE-2024-37079: A heap-overflow vulnerability in the DCERPC protocol implementation of vCenter Server that allows a malicious actor with network access to send specially crafted packets, potentially leading to remote code execution. (CVSS v3.1 score: 9.8 "critical"); — CVE-2024-37080: Another heap overflow vulnerability in the DCERPC protocol of vCenter Server. Similar to CVE-2024-37079, it allows an attacker with network access to exploit heap overflow by sending crafted packets, potentially resulting in remote code execution. (CVSS v3.1 score: 9.8 "critical"); — CVE-2024-37081: This vulnerability arises from a misconfiguration of sudo in vCenter Server, permitting an authenticated local user to exploit this flaw to elevate their privileges to root on the vCenter Server Appliance. (CVSS v3.1 score: 7.8 "high"). Nuclei Template (PoC): 🔗 https://gist.github.com/tothi/0ff034b254aca527c3a1283ff854592a Nmap Script (PoC): 🔗 https://github.com/nmap/nmap/blob/4b28defac6e3eb8b8eb4704f506949806d784f73/scripts/vmware-version.nse Shodan

product:"VMware vCenter Server"

FOFA

app="vmware-vCenter"

#vmware #vcenter #rce #lpe #cve

14 650

Repost from Just Security

Дедлайн близко 😱 Продолжаем поиск самых выдающихся работ, относящихся к разным стадиям имитации хакерских атак. Браво, всем, кто уже прислал заявки: форма и содержание, креативная подача, мемные иллюстрации и точные метафоры — все это божественно прекрасно. Не зря мы твердим, что пентест самая творческая ИБ-профессия. Гордимся всеми участниками за ум, инициативность и смелость! Не упускайте шанс побороться за звание лучшего этичного хакера, получить призы и потусить с единомышленниками в камерной атмосфере на церемонии награждения. Делитесь своими наработками — https://award.awillix.ru/ #pentestaward

14 650

🌀Voidgate A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page. 🔗 Source https://github.com/vxCrypt0r/Voidgate?tab=readme-ov-file #av #edr #evasion #hwbp #cpp

14 650

Repost from Offensive Xwitter

😈 [ Marc-André Moreau @awakecoding ] New blog post! 📰 Mac RDP Client: Kerberos and Protected Users Guide 🍎 Are you trying to harden your Active Directory environment by eliminating NTLM usage, but RDP from Macs stands in the way? Read this! ☀️💻👇 🔗 https://awakecoding.com/posts/mac-rdp-client-kerberos-and-protected-users-guide/ 🐥 [ tweet ]

14 650

Repost from 1N73LL1G3NC3

CVE-2024-28995: High-Severity Directory Traversal Vulnerability affecting SolarWinds Serv-U. SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. POC: https://github.com/rapid7/metasploit-framework/pull/19255 Query:

Hunter: protocol.banner="Serv-U FTP"
FOFA: app="SolarWinds-Serv-U-FTP"
SHODAN: product:"Serv-U ftpd"

14 650

🔑 RdpStrike The project aims to extract clear text passwords from mstsc.exe, and the shellcode uses Hardware Breakpoint to hook APIs. It is a complete positional independent code, and when the shellcode injects into the mstsc.exe process, it is going to put Hardware Breakpoint onto three different APIs, ultimately capturing any clear-text credentials and then saving them to a file. 🔗 Source: https://github.com/0xEr3bus/RdpStrike #rdp #creds #bof #cobaltstrike

14 650

🖥 Assembly for Hackers "Assembly Unleashed: A Hacker's Handbook" is a definitive resource tailored specifically for hackers and security researchers seeking to master the art of assembly programming language. Authored by seasoned practitioners in the field, this book offers a comprehensive journey into the depths of assembly, unraveling its complexities and exposing its potential for exploitation and defense. 🔗 Source: https://redteamrecipe.com/assembly-for-hackers #asm #syscalls #dll #apc #injection #redteam

14 650

🌐 DLHell DLHell is a tool for performing local and remote DCOM Windows DLL proxying. It can intercept DLLs on remote objects to execute arbitrary commands. The tool supports various authentication methods and provides capabilities for local and remote DLL proxying, as well as DCOM DLL proxying. 🔗 Source: https://github.com/synacktiv/DLHell #windows #dll #proxing #dcom

14 650

Repost from Ralf Hacker Channel

CVE-2024-26229: Windows LPE PATCHED: Apr 9, 2024 https://github.com/RalfHacker/CVE-2024-26229-exploit P.S. Чуть поправил оригинальный эксплоит #git #exploit #lpe #pentest #redteam

14 650

🖥 Veeam Enterprise Manager Authentication Bypass May 21st, Veeam published an advisory stating that all the versions BEFORE Veeam Backup Enterprise Manager 12.1.2.172 is affected by an authentication bypass allowing an unauthenticated attacker to bypass the authentication and log in to the Veeam Backup Enterprise Manager web interface as any user. , the CVSS for this vulnerability is 9.8. 🔗 Source: https://summoning.team/blog/veeam-enterprise-manager-cve-2024-29849-auth-bypass/ 🔗 PoC: https://github.com/sinsinology/CVE-2024-29849 #veeam #authentication #bypass #cve

14 650

Repost from Ralf Hacker Channel

CVE-2024-4577: PHP CGI Argument Injection (RCE)

on Windows PHP 8.3 < 8.3.8 PHP 8.2 < 8.2.20 PHP 8.1 < 8.1.29

PoC: https://github.com/watchtowrlabs/CVE-2024-4577 Blog: blog1 & blog2 #exploit #rce

14 650

🔐 Spray Passwords, Avoid Lockouts In this blog post, learn how to effectively use password spraying in Active Directory environments without triggering account lockouts. Dive into authentication mechanisms, password policies, GPO and PSOs. Research 🔗 https://en.hackndo.com/password-spraying-lockout/ Tool 🔗 https://github.com/login-securite/conpass #ad #spraying #passpol

14 650

Repost from Offensive Xwitter

😈 [ V❄️ @vincenzosantuc1 ] In-memory sleeping technique using threads created in suspended state and timers that work with the ResumeThread function in order to adapt SWAPPALA to the Reflective DLL context. 🔗 https://oldboy21.github.io/posts/2024/06/sleaping-issues-swappala-and-reflective-dll-friends-forever/ 🐥 [ tweet ]

14 650

🖥 smbclient-ng Fast and user friendly way to interact with SMB shares. 🔗https://github.com/p0dalirius/smbclient-ng #smb #smbclient #share #windows