All Security Engineering Courses

Kanalga Telegram’da o‘tish

This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!

Ko'proq ko'rsatish

Rossiya35 927 Texnologiyalar & Aralashmalar7 149...

📈 Telegram kanali All Security Engineering Courses analitikasi

All Security Engineering Courses (@allsecurityengineeringcourses) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 18 804 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 7 149-o'rinni va Rossiya mintaqasida 35 927-o'rinni egallagan.

📊 Auditoriya ko‘rsatkichlari va dinamika

невідомо sanasidan buyon loyiha tez o‘sib, 18 804 obunachiga ega bo‘ldi.

16 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 139 ga, so‘nggi 24 soatda esa 6 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.

Tasdiqlash holati: Tasdiqlanmagan
Jalb etish (ER): Auditoriya o‘rtacha 10.11% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 2.89% ini tashkil etuvchi reaksiyalarni to‘playdi.
Post qamrovi: Har bir post o‘rtacha 1 901 marta ko‘riladi; birinchi sutkada odatda 544 ta ko‘rish yig‘iladi.
Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 3 ta reaksiya keladi.
Tematik yo‘nalishlar: Kontent git, strace, github, linux, docker kabi asosiy mavzularga jamlangan.

📝 Tavsif va kontent siyosati

Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...”

Yuqori yangilanish chastotasi (oxirgi ma’lumot 17 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.

18 804

Obunachilar

+624 soatlar

+347 kunlar

+13930 kunlar

1 901

Post ko'rishlar

~ 54424 soatlar

~ 71048 soatlar

10.11%

Muloqot nisbati

Ma'lumot yo'q

Kuniga postlar

Ads index

beta

Postlar arxiv

18 804

Repost from Freedom Fox 🏴‍☠

MSSQLBOF #BOF (Beacon Object File) для взаимодействия с #MSSQL. Не требует msodbcsql.dll, sqloledb.dll, .NET CLR или PowerShell. Интегрируется в любой популярный C2: Cobalt Strike; Havoc; Sliver; BruteRatel; Nighthawk; AdaptixC2; Metasploit; PoshC2. Чат в МАХ Канал в МАХ Telegram ✉️ @freedomfox

18 804

Repost from cobaltstrike

A BOF that's a BOF Loader and more https://github.com/0xTriboulet/InlineExecuteEx

18 804

HackSmarter - Hands on Phishing 🔥🆕 👨‍💻 Password : @WickHelps 👍 Exam Guide : link ❗️ Backup all channels link 👨‍💻 Proof of work Link 🚀 Any-Issues: Chat Here 🖥 Download Here1 Here2

18 804

Repost from CVE

CVE-2025-8088 A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. GitHub Link: https://github.com/lennertdefauw/CVE-2025-8088

18 804

Repost from Библиотека Cobalt Strike

A Cobalt Strike RL built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike #статьи_ссылки_scripts

18 804

Repost from OSCP+ Exam Resources👩‍💻

🔴 A Web-Based OSCP/OSEP Cheat Sheet https://anshu19981.github.io/Pentestcheatsheet/

18 804

Repost from 1N73LL1G3NC3

LOLEXFIL Living off the land Data Exfiltration methods (189 trusted tools).

18 804

Repost from cobaltstrike

Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works. A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. https://github.com/kapla0011/KaplaStrike

18 804

Repost from CodeGuard: Academy

🔒 Безопасная настройка OpenSSH: запрет root, ограничение IP, ключи 99% взломов SSH из-за дефолтных настроек. Боты бьют по root:22 24/7. За 10 минут превратим sshd_config в крепость: без root, только ключи, белый список IP. 1️⃣Бэкап и редактирование /etc/ssh/sshd_config

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak
sudo nano /etc/ssh/sshd_config

2️⃣ Запрет root и паролей

PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes

3️⃣Ограничение по IP (AllowUsers)

# Только с вашего офиса и VPS
AllowUsers admin@192.168.1.100 admin@203.0.113.5 deploy@10.0.0.50
# Или подсети
AllowUsers *@203.0.113.0/24

Root всё равно заблокирован, но можно @ваш_IP для root при необходимости. 4️⃣ Смена порта (обязательно) Port 2222 Боты сканируют 22, ваш 2222 игнорят. Откройте в ufw: sudo ufw allow 2222/tcp 5️⃣ Современные алгоритмы 2025

# Только сильные шифры
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
KexAlgorithms curve25519-sha256,[email protected]

6️⃣ Таймауты и лимиты

ClientAliveInterval 300
ClientAliveCountMax 0
MaxAuthTries 3
LoginGraceTime 30
MaxSessions 2

🔑 Генерация и настройка ключей На локальной машине:

ssh-keygen -t ed25519 -C "admin@server" -f ~/.ssh/server_key
ssh-copy-id -i ~/.ssh/server_key.pub [email protected] -p 2222

Права на сервере:

chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys
chown -R $USER:$USER ~/.ssh

✅Тестирование перед рестартом

sudo sshd -t  
# синтаксис конфига
sshd -T | grep -E "(permitrootlogin|passwordauthentication)"  
# эффективные настройки

Подключитесь с нового терминала: ssh -p 2222 admin@server 🔄Применение

sudo systemctl restart sshd
sudo ufw deny 22  # закройте старый порт
sudo ufw reload

🚨Fail2ban как вишенка

sudo apt install fail2ban
sudo systemctl enable fail2ban

В /etc/fail2ban/jail.local:

[sshd]
enabled = true
port = 2222

💥Результат: 0% брутфорса, только ваши ключи с ваших IP. Логи чистые. 🖥 CodeGuard: Academy | Чат

18 804

Repost from 1N73LL1G3NC3

KaplaStrike A Cobalt Strike Reflective Loader built with Crystal Palace — module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and static signature removal. Bypassing EDR in a Crystal Clear Way This blog takes you from how C2 payloads actually work under the hood all the way to building a fully evasive reflective loader that bypasses one of the best EDR's, covering module overloading with .pdata registration, NtContinue entry transfer, API call stack spoofing with Draugr, sleep masking, and Crystal Palace YARA signature removal. Every technique explained from why it exists, not just how it works.

18 804

Repost from Библиотека Cobalt Strike

Keylogger-BOF An async keylogger implemented as a Beacon Object File (BOF) for AdaptixC2. Захватывает нажатия клавиш по всей системе с помощью низкоуровневого захвата для клавиатуры (WH_KEYBOARD_LL) без появления каких-либо дополнительных процессов. Все собранные данные хранятся в именованной общей памяти — никогда не касается диска. https://github.com/DarksBlackSk/Keylogger-BOF #статьи_ссылки_scripts

18 804

Repost from 1N73LL1G3NC3

WatchDogKiller PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD Blog: Researching an APT Attack and Weaponizing It: The WatchDog BYOVD Story

18 804

Repost from 1N73LL1G3NC3

PatchReview MS patch checking tool

18 804

Repost from 1N73LL1G3NC3

Gaining Initial Access and Outsmarting SmartScreen .zip email attachment that includes a VHDX (Hard Disk Image File) + Mark of the Web and SmartScreen bypass using Trusted Executable Reputation and DLL Sideloading. Tools: https://github.com/g3tsyst3m/CodefromBlog/tree/main/2026-2-21-Initial%20Access%20and%20Outsmarting%20SmartScreen

18 804

Repost from Whitehat Lab

🏃 AD CS LOLBAS Toolkit

Native Windows toolkit for AD CS enumeration and exploitation. Everything runs through built-in OS components (certreq.exe, certutil.exe, PowerShell AD module, .NET Framework) - no third-party tools needed. Build with a sprinkle of FAFO and some finding out in lab env

Скрипты:

🐥adcs-common.ps1 🐥Invoke-Enumerate.ps1 🐥Invoke-SnapshotAudit.ps1 🐥Invoke-RemoteAudit.ps1 🐥Invoke-ESC1.ps1 .. Invoke-ESC13.ps1 🐥Invoke-FindTemplates.ps1 🐥Invoke-PassTheCert.ps1 🐥Invoke-ShadowCredentials.ps1 🐥Invoke-Kerberoast.ps1 🐥Invoke-DomainRecon.ps1

😹 Repo #adcs #windows #powershell ✈️ Whitehat Lab 💬Chat

18 804

Repost from 1N73LL1G3NC3

The Mimikatz Missing Manual My goal was to create the "Missing Manual" — the documentation that explains not just the commands, but the why and the how of the Windows protocols being manipulated. Parts:

• Foundations: Setting up your environment and the basic syntax. • System Internals: How Windows handles tokens, processes, and services. • LSASS & Credentials: The heart of Mimikatz—extracting secrets from memory. • Kerberos Deep Dive: Tickets, forgery, and delegation. • PKI & Certificates: Hardware and software-based identities. • Domain Persistence: Owning the directory through replication. •DPAPI: Unlocking the secrets at rest.

18 804

Repost from 1N73LL1G3NC3

CVE-2025-61155: Arbitrary Process Termination in GameDriverX64.sys (BYOVD) The GameDriverX64.sys kernel-mode anti-cheat driver (v7.23.4.7 and earlier) contains an access control vulnerability in one of its IOCTL handlers. A user-mode process can open a handle to the driver device and send specially crafted IOCTL requests. These requests are executed in kernel-mode context, allowing the attacker to terminate arbitrary processes, including critical system and security services (AV / EDR), without requiring administrative privileges. Blog: https://vespalec.com/blog/tower-of-flaws/

18 804

Repost from 1N73LL1G3NC3

360WFP_Exploit BYOVD: Use 360 Security WFP driver (360netmon_x64_wfp.sys) to block EDR/XDR network connection.

18 804

Repost from 1N73LL1G3NC3

Lnk-it-up Project for generating and identifying deceptive LNK files. Blog post: Trust Me, I'm A Shortcut. Windows’ primary mechanism for shortcuts, LNK files, is frequently abused by threat actors for payload delivery and persistence. This blog post introduces several new LNK file flaws that, amongst other things, allow attackers to fully spoof an LNK’s target and hide any command-line arguments provided.

18 804

Repost from OSCP+ Exam Resources👩‍💻

🔴 OSCP Challenge Lab 2 - Relia Complete Walkthrough ❌ Please don't share it.