APT

Kanalga Telegram’da o‘tish

This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat

Ko'proq ko'rsatish

Rossiya45 554 Texnologiyalar & Aralashmalar8 834...

📈 Telegram kanali APT analitikasi

APT (@apt_notes) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 14 682 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 8 834-o'rinni va Rossiya mintaqasida 45 554-o'rinni egallagan.

📊 Auditoriya ko‘rsatkichlari va dinamika

невідомо sanasidan buyon loyiha tez o‘sib, 14 682 obunachiga ega bo‘ldi.

13 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 414 ga, so‘nggi 24 soatda esa 17 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.

Tasdiqlash holati: Tasdiqlanmagan
Jalb etish (ER): Auditoriya o‘rtacha 50.76% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining N/A% ini tashkil etuvchi reaksiyalarni to‘playdi.
Post qamrovi: Har bir post o‘rtacha 7 449 marta ko‘riladi; birinchi sutkada odatda 0 ta ko‘rish yig‘iladi.
Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 20 ta reaksiya keladi.

📝 Tavsif va kontent siyosati

Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“This channel discusses: — Offensive Security — RedTeam — Malware Research — OSINT — etc Disclaimer: t.me/APT_Notes/6 Chat Link: t.me/APT_Notes_PublicChat”

Yuqori yangilanish chastotasi (oxirgi ma’lumot 14 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.

14 682

Obunachilar

+1724 soatlar

+1027 kunlar

+41430 kunlar

7 449

Post ko'rishlar

Ma'lumot yo'q24 soatlar

Ma'lumot yo'q48 soatlar

50.76%

Muloqot nisbati

Ma'lumot yo'q

Kuniga postlar

Ads index

beta

Postlar arxiv

14 682

Decoding PDF Injection This article talks about PDF injection from scratch to the execution of XSS and SSRF via PDF injection. https://medium.com/@urshilaravindran/pdf-injection-in-simple-words-8c399f92593c #pdf #xss #ssrf #injection

14 682

ADExplorerSnapshot ADExplorerSnapshot is an AD Explorer snapshot ingestor for BloodHound. AD Explorer allows you to connect to a DC and browse LDAP data. It can also create snapshots of the server you are currently attached to. This tool allows you to convert those snapshots to BloodHound-compatible JSON files. https://github.com/c3c/ADExplorerSnapshot.py #adexplorer #ldap #json #bloodhound

14 682

Apache APISIX Dashboard — Unauthorized RCE (CVE-2021-45232) Attackers can access certain interfaces without logging in to Apache APISIX Dashboard, thus making unauthorized changes or obtaining relevant configuration information such as Apache APISIX Route, Upstream, Service, etc., and cause problems such as SSRF, malicious traffic proxies built by attackers, and arbitrary code execution. Shodan Dorks:

title:"Apache APISIX Dashboard"

PoC:

curl http://IP:9000/apisix/admin/migrate/export

https://apisix.apache.org/blog/2021/12/28/dashboard-cve-2021-45232/ #apache #apisix #cve #poc

14 682

ldap2json — Offline Analysis Tool The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file. Features: — Authenticate with password — Authenticate with LM:NT hashes — Authenticate with kerberos ticket — Save ldap content in json format https://github.com/p0dalirius/ldap2json #ldap #json #tools #redteam

14 682

GoWard GoWard proxies HTTP C2 traffic to specified Red Team servers based on the HTTP header of the traffic. https://github.com/chdav/GoWard #c2 #proxy #redteam

14 682

PHP LFI with Nginx Assistance This post presents a new method to exploit local file inclusion (LFI) vulnerabilities in utmost generality, assuming only that PHP is running in combination with Nginx under a common standard configuration. https://bierbaumer.net/security/php-lfi-with-nginx-assistance/ #lfi #nginx #php

14 682

ADCS: Playing with ESC4 ADCS cert template modification and ACL enumeration https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4 https://github.com/fortalice/modifyCertTemplate #adcs #certificates #esc4 #acl

14 682

Executing Code Using Microsoft Teams Updater https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/executing-code-using-microsoft-teams-updater/ #teams #redteam #research

14 682

Сaldera — Automated Adversary Emulation Platform Сaldera is a cyber security platform designed to easily automate adversary emulation, assist manual red-teams, and automate incident response. https://github.com/mitre/caldera #blueteam #redteam #automated

14 682

DetectionLab DetectionLab is a repository containing a variety of Packer, Vagrant, Powershell, Ansible, and Terraform scripts that allow you to automate the process of bringing an ActiveDirectory environment online complete with logging and security tooling using a variety of different platforms. DetectionLab can currently be deployed to the following platforms: — Virtualbox (Windows, MacOS, Linux) — VMware Workstation/Fusion (Windows, MacOS, Linux) — HyperV — ESXi — AWS — Azure — LibVirt (Not officially supported) — Proxmox (Not officially supported) https://detectionlab.network/ #lab #cloud #blueteam #redteam

14 682

MultiPotato Another Potato to get SYSTEM via SeImpersonate privileges https://github.com/S3cur3Th1sSh1t/MultiPotato #windows #lpi #potato #tools

14 682

Arsenal of AWS Security Tools List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. https://github.com/toniblyx/my-arsenal-of-aws-security-tools #aws #security #benchmarks #blueteam

14 682

A (not so deep) Dive into Grafana CVE-2021-43798 This post will cover some details behind the recent Grafana vulnerability (CVE-2021-43798), which is a directory traversal bug allowing unauthenticated attackers to read files on the target server filesystem. This post will also discuss some real world scenario and attack surface of the Grafana. https://nusgreyhats.org/posts/writeups/a-not-so-deep-dive-in-to-grafana-cve-2021-43798/ #grafana #lfi #cve

14 682

Windows 10 Hardening The project started as a simple hardening list for Windows 10. After some time, HardeningKitty was created to simplify the hardening of Windows. Now, HardeningKitty supports guidelines from Microsoft, CIS Benchmarks, DoD STIG and BSI SiSyPHuS Win10 https://github.com/0x6d69636b/windows_hardening/ #blueteam #windows #hardening #benchmarks

14 682

ADCS: Playing with ESC4 Enumeration and abuse of Linux-based ADCS ESC4 Research: https://www.fortalicesolutions.com/posts/adcs-playing-with-esc4 Source: https://github.com/fortalice/modifyCertTemplate #adcs #abuse #pentest #tools

14 682

Docem A utility to embed XXE and XSS payloads in docx, odt, pptx, etc - any documents that is a zip archive with bunch of xml files inside. https://github.com/whitel1st/docem #xxe #xss #doc #file #upload

14 682

Invoke-WinSATBypass This script will create a mock directory of "C:\Windows\System32" and copy a legitimate application of Windows (WinSAT.exe) into it. It will after try to download a DLL called version.dll, which is loaded by default by WinSAT.exe, in order to perform a UAC Bypass by doing some DLL Hijacking. https://github.com/b4keSn4ke/Invoke-WinSATBypass #uac #bypass #winsat #tools

14 682

#tools CVE Trends One cool guy made this tool to monitor CVE trends in twitter. He shared this tool in his russian channel. https://cvetrends.com/

14 682

mssqlproxy Toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. https://github.com/blackarrowsec/mssqlproxy #mssql #proxy #pentest #tools

14 682

RogueAssemblyHunter Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes. https://github.com/bohops/RogueAssemblyHunter #dotnet #blueteam #threadhunting