0x6rss (@0x6rss) / X

0x6rss

834 posts

0x6rss

@0x6rss

OSINT & malware enthusiast, CTI analyst cti.monster

Joined March 2020

0x6rss
@0x6rss
Oct 10, 2025
instead of udemy, gather information from hacking/illegal forums, read the articles there, and for every incident you analyze, empathize by putting yourself in the threat actor’s shoes
whitehats
@wh1t3h4ts
Oct 9, 2025
what's one advice you can give to a younger self or a newbie in cybersecurity
152K
0x6rss
@0x6rss
Jul 9, 2024
Android malware (.apk) can be spread through a fake video by manipulating the Telegram file extension. I showed how it is done in the video below.
00:00
181K
0x6rss
@0x6rss
Feb 22, 2025
hi threat hunters and malware analysts! I want to introduce you to my newly developed tool called "Matkap". with this tool, you can infiltrate telegram bots(malbots) associated with malware, gain access to their messages, and extract all their logs! ➡️ github.com/0x6rss/matkap
00:00
192K
0x6rss
@0x6rss
Jul 31, 2024
python dev / c++ dev
73K
0x6rss
@0x6rss
Mar 29, 2025
Messages with .m3u extension may leak your IP (Telegram Desktop/Windows). Telegram warns for .m3u8 ("Opening this file can potentially expose your IP address...") but not for .m3u. Note: .m3u is a simple text-based playlist format
65K
0x6rss
@0x6rss
Jul 14, 2024
Android malware (.apk) can be spread through a fake PDF document by manipulating the file extension in the WhatsApp application. I showed how it is done in the video below.
00:00
103K
0x6rss
@0x6rss
Jun 24, 2024
Tek bir aramadan bankanızdan para kaybetme riski… ‼️Dolandırıcılar, sanki banka arıyormuş gibi kurbanları arayarak IVR yoluyla Veri/OTP bilgilerini çalmak için telefon görüşmelerini aşağıdaki videoda kodlayıp simüle ettiğim gibi kullanır.
00:00
246K
0x6rss
@0x6rss
Mar 18, 2025
CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: cti.monster/blog/2025/03/1… PoC: github.com/0x6rss/CVE-202…
00:00
46K
0x6rss
@0x6rss
Jul 25, 2024
My first blog post: Creating a PDF Dropper by Injecting Malicious JavaScript into a PDF with a Cobalt Strike Payload For the source code and PoC, check out my blog post:👇 cti.monster/blog/2024/07/2…
00:00
77K
0x6rss
@0x6rss
Feb 27, 2025
Hunting tips 🔴 Using "matkap" tool, you can search for the parameter body="api.telegram.org" on @fofa to infiltrate the malicious Telegram bots to which fake/phishing pages send logs! Happy Hunting!
00:00
01:27
0x6rss
@0x6rss
Feb 22, 2025
hi threat hunters and malware analysts! I want to introduce you to my newly developed tool called "Matkap". with this tool, you can infiltrate telegram bots(malbots) associated with malware, gain access to their messages, and extract all their logs! ➡️ github.com/0x6rss/matkap
90K
0x6rss
@0x6rss
Jul 28, 2025
WhatsApp messages that seem to come from someone even though they never sent anything? No clicks, no permissions. Just a few technical steps! I demonstrated a manipulation technique for digital forensics experts. Blog post: cti.monster/blog/2025/07/2… PoC: github.com/0x6rss/whatsap…
00:00
38K
0x6rss
@0x6rss
Jul 12, 2024
Android Crypto Stealer👇 Malware actors develop methods like the following to steal cryptocurrencies from Android phones.
00:00
40K
0x6rss
@0x6rss
Mar 4, 2025
CVE-2024-7014 Return: Attackers can send messages disguised as fake videos via Telegram, tricking you into downloading malware or exposing your IP address. Blog: cti.monster/blog/2025/03/0… Check PoC: github.com/0x6rss/telegra…
00:00
54K
0x6rss
@0x6rss
Mar 27, 2025
Hey threat hunters and malware analysts! The web version of Matkap is now live! You can now hunt malicious Telegram bots via matkap.cti.monster Happy hunting!
00:00
63K