Kirk Trychel
@Teach2Breach
MALicious softWARE
github.com/Teach2Breach/s… Locate function addresses in loaded dlls without walking PEB structures or parsing EAT.
how did you get the recording of my defcon talks?
Updated both branches of github.com/Teach2Breach/m… Cleaned up main branch library so it's op ready and made reliability improvements on opsec branch. If you have been experimenting with moonwalk, please pull latest update.
Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…
P.S. LAMERS, I own 3 Flipper Zeros (you probably don't know what that is) I hide them in my ass so the FBI can't stop me from changing display LEDs at the anime store. It's not weird, it's my secret hiding spot P.S.S. I built my own computer. Got a problem with that, lamer?
Just a friendly reminder that your OpSec sucks. Mine does too, of course, and mine might even be worse than yours.
"how do i learn maldev?" go insane. when other ppl sleep, you read windows api index. you just read it. you crawl @vxunderground and @github for gems in the rough. deep dive some process you never noticed before. you know it's illegal and for nerds, but you're simply compelled
Beacon Object Files – Five Years On… 🔥 aff-wg.org/2025/06/26/bea…
"The new Windows capabilities will allow them to start building their solutions to run outside the Windows kernel. This means security products like anti-virus and endpoint protection solutions can run in user mode just as apps do." 👀 blogs.windows.com/windowsexperie…
After today’s talk at #TROOPERS25 I’m releasing BitlockMove, a PoC to execute code on remote systems in the context of a logged-on user session 🔥 github.com/rtecCyberSec/B… No need to steal credentials, no impersonation, no injection needed 👌
🔧 Byont: (PoC) Load clean ntdll.dll from Microsoft symbol servers and execute functions from memory. Manual PE loading without LoadLibrary - bypass userland hooks for security research. github.com/Teach2Breach/b…
🔧 NT Unhooker - (PoC) A Windows security tool that detects & removes inline/IAT hooks from NTDLL.dll github.com/Teach2Breach/n…