Kirk Trychel Profile
Kirk Trychel

@Teach2Breach

Followers
689
Following
379
Media
56
Statuses
982

Advanced Persistent Threat

Joined August 2017
@Teach2Breach
Kirk Trychel
2 months
Thanks to everyone who came to my talks at defcon on the Tempest c2. Below are some links to the slides, 1st blog post, and repo. More on the way: slides: Tempest c2 intro blog: repo:
9
86
286
@Teach2Breach
Kirk Trychel
2 months
This week on whoami, we're doing something a little different. In this special episode, I give a virtual presentation of my recent defcon talks on the newly released Tempest c2 framework.
3
5
133
@Teach2Breach
Kirk Trychel
6 months
@arithmoquine I’m pretty sure 4chan could have figured out your location from the same image with closer approximation 10 years ago. stop worrying about things AI can do that people have already been doing?
10
4
112
@Teach2Breach
Kirk Trychel
3 months
On episode 7 of whoami, I am joined by Michael Aguilar ( @v3ga_hax ) to learn from his expertise in medical device hacking. Full episode below. You can also check it out on youtube and spotify.
0
15
88
@Teach2Breach
Kirk Trychel
5 months
For episode 3 of 'whoami', I'm joined by the legendary @HackingLZ of @TrustedSec, so we're also going to try something different and I'm uploading the entire video right here on X. We talk early hacking days, red team trends and balancing R&D with operations. Check it out!
1
9
81
@Teach2Breach
Kirk Trychel
4 months
For Ep6 of 'whoami', I spoke with @atomicz3r0day about Social Engineering tactics. Check it out and learn from an expert in the art of deceiving people to obtain initial access!
2
6
68
@Teach2Breach
Kirk Trychel
4 months
Ep5 of 'whoami' is out. I'm joined by Nicole Carignan, VP of AI Strategy at Darktrace. Check it out as we discuss AI Security and alignment! She was also nice enough to provide a list of great resources on the topic, which I've posted on my blog:
1
4
60
@Teach2Breach
Kirk Trychel
5 months
@Steve8708 there's a trash can bottom left. that's how u stop it
0
0
49
@Teach2Breach
Kirk Trychel
5 months
Excited to be a speaker at @defcon @RedTeamVillage_ this year. I'll be talking tradecraft and releasing my private c2 framework. It has the expected features, and will release with docs, demos, and exhaustively commented code for helping ppl learn maldev. See you in Vegas!
6
7
43
@Teach2Breach
Kirk Trychel
5 months
On Episode 4 of 'whoami', I'm joined by @Adam_Logue to talk about his early hacking days, bug bounty, and car hacking. Adam is an amazing researcher, and I learned a lot on this one. You can check it out right here on X.
4
5
41
@Teach2Breach
Kirk Trychel
2 years
Thanks @BHinfoSecurity and @REKCAHComics for this unexpected package. Love the creativity!
2
1
35
@Teach2Breach
Kirk Trychel
6 months
@arekfurt @EricaZelic But aren’t they the ones who introduced those vulns in the first place? Are we really going to keep giving Msft a pat on the back for plugging holes that they themselves created?
1
0
33
@Teach2Breach
Kirk Trychel
2 years
I'm consolidating some code snippets and starting to release more open source. You can catch most of my new code on 1 of 2 repos: Nothing too fancy yet, but you may find some useful snippets for maldev, in C, Rust, or Swift (so far).
0
10
31
@Teach2Breach
Kirk Trychel
2 years
Implemented RtlCreateProcessReflection in Rust and combined with postrequest’s version of safetydump (with some tweaks) for a stealthy lsass dumper. Mostly as an exercise, but it probably performs quite well against EDR.
1
10
29
@Teach2Breach
Kirk Trychel
2 years
Check out my blog about using to build Red Team tools: . I pasted the whole blog to Assistant who provided my first review:
0
1
28
@Teach2Breach
Kirk Trychel
2 years
My weekend Red Team tip is read Windows internals. Here’s a link to 7th ed. at , but I’m sure it's posted lots of places.
1
4
25
@Teach2Breach
Kirk Trychel
1 year
@Fox0x01 Interesting. I’d probably lawyer up and stop posting about it tho.
0
0
24
@Teach2Breach
Kirk Trychel
1 year
My first talk on this topic was recently posted. It actually took place in March, so my SANS talks are more up to date, but I also had more time and more Q&A in this one. AI for Red Team and Malware Development - Kirk Trychel | CypherCon 6.0 via @YouTube
3
4
20
@Teach2Breach
Kirk Trychel
6 months
I'd like to give a shout-out to those who have shared repos that I used a lot learning maldev. @C5pider : @ilove2pwn_ : @trickster012 : @_Kudaes_ : @memN0ps :
2
3
21
@Teach2Breach
Kirk Trychel
7 months
@Grummz @jamm3rd I’m pre-ordering rn. Don’t listen to the haters.
0
0
19
@Teach2Breach
Kirk Trychel
6 months
@arithmoquine ok? But assuming someone has the motivation to use the information, they would get someone who could do it right? I just think all this fearmongering over things that AI does, which people can already do, is sort of pointless.
2
0
19
@Teach2Breach
Kirk Trychel
2 years
My talk on using AI for Red Teaming and Malware Dev has been accepted at CypherCon. Hope to see you hackers there.
2
1
19
@Teach2Breach
Kirk Trychel
1 year
@stevemk14ebr @_RastaMouse This has to be bait… What a poor take
0
0
19
@Teach2Breach
Kirk Trychel
2 years
@ronenshh @shipcod3 In Alibaba cloud you can escalate to root using the apt changelog as well. There are many plaintext creds for the supporting infra stored all around the container and underlying host. I previously reported but was told it was already known. That was over a year ago…
1
0
18
@Teach2Breach
Kirk Trychel
6 months
@vxunderground Rust makes C devs so upset, that I’m at the point of writing everything I can in Rust just for the troll value.
0
0
16
@Teach2Breach
Kirk Trychel
5 months
For those who usually watch the show on youtube or spotify, here's the links to episode 3 w/ @HackingLZ (full episode is also shared here on X): youtube: spotify:
1
1
14
@Teach2Breach
Kirk Trychel
6 months
@chbaker1958 @arekfurt @EricaZelic I agree. But it's a pattern to give Microsoft all this credit for security, for situations they created. I’m not really being critical of the devs as much as how MSFT profits and gains positive rep from just finally fixing their own products.
3
1
13
@Teach2Breach
Kirk Trychel
2 years
Slides from my talk at Cyphercon today are now posted at for those who asked for them. If you didn't see the talk, the slides might not be super helpful. I do a lot of talking off slides when I present. I'm sure video will be out fairly soon though.
1
4
13
@Teach2Breach
Kirk Trychel
6 months
@arithmoquine No, I get it. But what exactly is to be done about it? I think there are very serious pitfalls to be worried about with AI progression, and I don't think our society can keep up with the tech pace to address them. But most of the fears I see expressed are not those serious issues.
6
0
12
@Teach2Breach
Kirk Trychel
1 year
@PierreIsLying2U @vxunderground They should invest in security. I don’t agree with attacking hospitals, but healthcare systems notoriously have terrible security. Same with school systems. They don’t put in the effort or money, so it's hard to be sympathetic, esp considering how much revenue healthcare generates
2
0
11
@Teach2Breach
Kirk Trychel
2 years
Thanks to everyone for a great @Cyphercon, especially the people who help put it together and make it happen. Met some amazing people. Presentation went better than I could have hoped. All in all, it was a great conference.
0
2
12
@Teach2Breach
Kirk Trychel
5 months
Episode 1 w/ @nullg0re, of my new podcast 'whoami' is now live on spotify and youtube! On whoami, I'm talking with great hackers to find out how they got into hacking and dig into their area of expertise. Check it out:
2
7
11
@Teach2Breach
Kirk Trychel
2 years
@Sue_Bohn @merill @Microsoft imagine putting defender on your iphone and macbook
0
1
10
@Teach2Breach
Kirk Trychel
1 year
I'll be speaking at the SANS virtual #AISummit ( ) on May 31st. It's free so come check it out. Lots of great talks lined up.
0
1
10
@Teach2Breach
Kirk Trychel
3 months
Really excited to share this project with the community! Thanks to red team village for the opportunity.
@RedTeamVillage_
RedTeamVillage
3 months
🚨 Join us at RTV for @teach2breach 's talk: “Tempest C2: Use and Design” during @decfon 32! 🛡️ Discover how this Rust-based C2 framework prioritizes ease & effectiveness with insights on operational security, EDR evasion & more. 📅 10 Aug 2024, 2:00 PM 📍 Narrows (Track 4)
0
0
6
1
3
10
@Teach2Breach
Kirk Trychel
1 year
@HackingLZ @vxunderground Don’t wanna get put to sleep for your yubikey
2
1
8
@Teach2Breach
Kirk Trychel
2 years
@passthehashbrwn Unfortunately, much of the penetration testing / red team industry ends up being the same. From my experience in consulting, what I saw was an unspoken agreement that people work over billed hours, putting 40 on paper and working 65. I feel like it is expected at many shops, too.
1
0
8
@Teach2Breach
Kirk Trychel
1 year
@wbm312 @HackingLZ @kevinmitnick The legend! The stories of his early exploits, and his book ‘Ghost in the Wires’ were a huge inspiration. Sorry to hear this.
1
1
7
@Teach2Breach
Kirk Trychel
2 years
Had someone reach out asking about this, so decided to post it publicly: . It's a proof-of-concept, based on Naksyn's Pyramid. This simplified POC downloads the signed python embeddable package for windows, then downloads and runs a python script.
0
3
7
@Teach2Breach
Kirk Trychel
5 months
Episode 2 of 'whoami' w/ John Miller is now live on spotify and youtube! I had a blast talking AI security with such a brilliant guest. Check it out:
0
4
7
@Teach2Breach
Kirk Trychel
1 year
If you caught my talk today at @SANSInstitute #AISummit, you may be interested in my new blog post that provides a little more detail and discussion around some of the AI assisted techniques I presented.
1
2
7
@Teach2Breach
Kirk Trychel
2 years
@C5pider @TheHackersNews @zscaler These reports are so pointless. Should we feel bad if they use linux too? Or a Macbook? I mean just who cares. I think it's cool, and at least your stuff is open source so blue teams know what to expect. Every red team is sitting on tooling…
0
0
7
@Teach2Breach
Kirk Trychel
1 year
@ustayready you are probably doing it after, but just since I noticed in your screenshot.. Be sure to add timestamp, as not having one will still cause an ML based prevention with some products.
1
0
7
@Teach2Breach
Kirk Trychel
2 years
@_noid_ no I don’t prep. the best thing to do is be honest. nothing worse than listening to someone try to bullshit a technical answer. nobody knows everything and everyone knows that. it's worse to act like you do. just be honest. if it doesn’t work out then it wasn't the job right now.
0
0
7
@Teach2Breach
Kirk Trychel
1 year
@5C4R48 Relocate for a 1 year contract? Not gonna get many takers like that...
0
0
5
@Teach2Breach
Kirk Trychel
5 months
I'm now posting 'whoami' on X, youtube and Spotify. You can check out episode 4 with @Adam_Logue, where we chat bug bounty and car hacking, at the links below or check my other posts for the video on X: youtube: spotify:
0
2
6
@Teach2Breach
Kirk Trychel
1 year
@unusual_whales wtf is this chart? who is suggesting $80k/year is enough to support a family of 4 ???
2
1
6
@Teach2Breach
Kirk Trychel
3 months
Just a heads up, whoami podcast is taking a break from releasing new episodes while we gear up for defcon. Lots of updates coming though!
0
1
6
@Teach2Breach
Kirk Trychel
2 years
@goodside There’s things it won’t answer or won’t do. Some simple, like it doesn’t want to make ASCII art or provide answers on certain topics. But if you ask it to write a program with a function and add these things as variables, it will gladly do so ;)
3
0
6
@Teach2Breach
Kirk Trychel
1 year
Talk with more people outside your company! Don't just read tweets and articles. Get on calls with other people in the industry. It's too easy to get locked into a certain way of thinking when you don't venture outside your team or company.
1
0
5
@Teach2Breach
Kirk Trychel
1 year
secret 🐿️
0
0
5
@Teach2Breach
Kirk Trychel
2 years
Sponsoring @ilove2pwn_ on github, because he's writing interesting malware and sharing with the community. Definitely check out his work.
0
1
4
@Teach2Breach
Kirk Trychel
4 months
Ep6 of 'whoami', with Social Engineering Expert @atomicz3r0day is now up on youtube and Spotify. You can also find it on X on my other posts. youtube: spotify:
0
0
5
@Teach2Breach
Kirk Trychel
1 year
@EricaZelic Thinking beyond exploits, and taking one's time, once you have an initial foothold, with at least some user account, you can generally find additional access. Someone mentioned file shares, which is huge. Also backups, source code (internal git), emails, teams, slack, etc...
1
0
5
@Teach2Breach
Kirk Trychel
2 years
@HackingLZ Right, and then they return to vendors with things like “why didn’t you catch this C2 beacon payload.” Vendor requests sample. Add garbage rule to make client happy. Rinse and repeat.
1
0
5
@Teach2Breach
Kirk Trychel
2 years
@ronenshh @shipcod3 Also the last time I bothered to log in to hackerone, after how the report was handled. Will be interesting to see if these issues get any traction with more reporting and visibility.
0
0
4
@Teach2Breach
Kirk Trychel
5 months
@defcon @RedTeamVillage_ Some notable features of the framework:
- bof loader
- socks proxy
- custom process injections
- dynamically loaded native API calls
- cross-platform
- OPSEC focused, no bloat
1
1
4
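The socks proxy in that feature list is a well-specified protocol, so here is an added example of the server-side SOCKS5 (RFC 1928) message handling an implant-side proxy performs before it can relay operator traffic: method negotiation, the CONNECT request with all three address types, and the reply. This is illustration code written for this page, not Tempest C2's implementation, which the post does not show; the client bytes in `main` are constructed, not captured traffic, and the actual TCP connect and byte relay are out of scope.

```rust
// Added example: server-side SOCKS5 (RFC 1928) message handling in Rust.
// Not Tempest C2 code; stand-alone parsing on byte slices only.

#[derive(Debug, PartialEq)]
pub enum Socks5Error {
    Truncated,
    BadVersion(u8),
    NoAcceptableAuth,
    UnsupportedCommand(u8),
    UnsupportedAddressType(u8),
}

/// Destination requested by the client in a CONNECT.
#[derive(Debug, PartialEq, Clone)]
pub enum Destination {
    Ipv4([u8; 4], u16),
    Domain(String, u16),
    Ipv6([u8; 16], u16),
}

/// Client greeting: VER | NMETHODS | METHODS[NMETHODS].
/// Returns the two-byte method selection the server sends back. Only
/// "no authentication" (0x00) is accepted; a proxy tunnelled over a C2
/// channel relies on that channel for authentication, not on SOCKS auth.
pub fn negotiate_method(greeting: &[u8]) -> Result<[u8; 2], Socks5Error> {
    if greeting.len() < 2 {
        return Err(Socks5Error::Truncated);
    }
    if greeting[0] != 0x05 {
        return Err(Socks5Error::BadVersion(greeting[0]));
    }
    let n = greeting[1] as usize;
    let methods = greeting.get(2..2 + n).ok_or(Socks5Error::Truncated)?;
    if methods.contains(&0x00) {
        Ok([0x05, 0x00])
    } else {
        // Server should answer [0x05, 0xFF] and close the connection.
        Err(Socks5Error::NoAcceptableAuth)
    }
}

/// Client request: VER | CMD | RSV | ATYP | DST.ADDR | DST.PORT.
/// Only CMD=0x01 (CONNECT) is handled; BIND and UDP ASSOCIATE are rejected.
pub fn parse_connect(req: &[u8]) -> Result<Destination, Socks5Error> {
    if req.len() < 4 {
        return Err(Socks5Error::Truncated);
    }
    if req[0] != 0x05 {
        return Err(Socks5Error::BadVersion(req[0]));
    }
    if req[1] != 0x01 {
        return Err(Socks5Error::UnsupportedCommand(req[1]));
    }
    let rest = &req[4..];
    match req[3] {
        0x01 => {
            let b = rest.get(..6).ok_or(Socks5Error::Truncated)?;
            let port = u16::from_be_bytes([b[4], b[5]]);
            Ok(Destination::Ipv4([b[0], b[1], b[2], b[3]], port))
        }
        0x03 => {
            // Length-prefixed domain name, no NUL terminator.
            let len = (*rest.first().ok_or(Socks5Error::Truncated)?) as usize;
            let b = rest.get(1..1 + len + 2).ok_or(Socks5Error::Truncated)?;
            let name = String::from_utf8_lossy(&b[..len]).into_owned();
            let port = u16::from_be_bytes([b[len], b[len + 1]]);
            Ok(Destination::Domain(name, port))
        }
        0x04 => {
            let b = rest.get(..18).ok_or(Socks5Error::Truncated)?;
            let mut addr = [0u8; 16];
            addr.copy_from_slice(&b[..16]);
            let port = u16::from_be_bytes([b[16], b[17]]);
            Ok(Destination::Ipv6(addr, port))
        }
        other => Err(Socks5Error::UnsupportedAddressType(other)),
    }
}

/// Server reply: VER | REP | RSV | ATYP=IPv4 | BND.ADDR | BND.PORT.
/// REP 0x00 = succeeded; failures (0x01 general, 0x05 refused, 0x07 command
/// not supported, 0x08 address type not supported) carry a zeroed bind address.
pub fn build_reply(rep: u8, bound: Option<([u8; 4], u16)>) -> Vec<u8> {
    let (addr, port) = bound.unwrap_or(([0, 0, 0, 0], 0));
    let mut out = vec![0x05, rep, 0x00, 0x01];
    out.extend_from_slice(&addr);
    out.extend_from_slice(&port.to_be_bytes());
    out
}

fn main() {
    // Constructed client bytes, not captured traffic.
    let greeting = [0x05, 0x02, 0x00, 0x02];
    println!("method selection: {:?}", negotiate_method(&greeting));
    let mut connect = vec![0x05, 0x01, 0x00, 0x03, 11];
    connect.extend_from_slice(b"example.com");
    connect.extend_from_slice(&443u16.to_be_bytes());
    match parse_connect(&connect) {
        Ok(dest) => println!("CONNECT {:?}", dest),
        Err(e) => println!("rejected: {:?} -> {:?}", e, build_reply(0x07, None)),
    }
}
```

Every length is taken from the client and checked against the buffer before indexing, so a malformed request from a compromised operator box or a proxy scanner yields an error and a failure reply rather than a panic in the implant, which would be a far louder event than a refused connection.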
@Teach2Breach
Kirk Trychel
2 years
Not sure who needs to hear this rn, but I know a lot of people in offsec struggle with impostor syndrome. You are worthy. If you know you put in the work, then trust yourself. Your contributions have value.
0
2
4
@Teach2Breach
Kirk Trychel
2 years
@chompie1337 @n00py1 It is also typically run very unethically. I stopped submitting after so many large orgs make excuses to dismiss reports or keep them in limbo, and never address even Critical vulns or quietly fix them without ever giving credit much less paying proper bounty.
1
0
4
@Teach2Breach
Kirk Trychel
4 months
@elder_plinius completely agree. we need unlimited models for research
0
0
4
@Teach2Breach
Kirk Trychel
1 year
Reminder that I’ll be talking about AI red team applications today on the SANS virtual #AISummit. You can register here, it is just kicking off: I’ll be on at 2pm Eastern
0
1
4
@Teach2Breach
Kirk Trychel
4 months
Ep5 of 'whoami' w/ Nicole Carignan, VP AI Strategy Darktrace. Posting youtube and spotify links below. Full video is also posted on X if you check my other posts. youtube: spotify: resources:
0
0
4
@Teach2Breach
Kirk Trychel
1 year
@OpenAI I like this, but it would be even better if it used Rust.
1
0
1
@Teach2Breach
Kirk Trychel
2 years
@SAAA_T_ @goodside Well it made this
0
0
4
@Teach2Breach
Kirk Trychel
3 months
@rez0__ I have also noticed that if I disagree and present an alternative viewpoint, it will often change its response and agree. Sometimes it does this when I am attempting to genuinely inquire about a previous response. “Are you sure about that? Because X?” Which can be problematic.
1
0
3
@Teach2Breach
Kirk Trychel
6 months
@retBandit very cool. This sounds like legit AI red team, not just LLM content policy QA. Love it
0
0
4
@Teach2Breach
Kirk Trychel
1 year
If you have enjoyed some of my recent talks and blog, you should consider going to ( @rootconorg ) conference this September 27-29. I'll be presenting some new research to share and it's sure to be a fun time.
0
2
4
@Teach2Breach
Kirk Trychel
1 year
@ustayready Been playing with this as well. Now add a dynamic code loader and have gpt4 send back code to execute on target ;) Probably good idea to have some human verification of the code before it executes.
0
0
3
@Teach2Breach
Kirk Trychel
3 months
@simonw The issue is that this often works even if you are not correct. Honestly, you can persuade it to say anything. This seems true for all models. If you present a compelling argument, or sometimes if you just yell at it, LLMs will agree.
1
0
4
@Teach2Breach
Kirk Trychel
5 months
@sama so I should cancel premium then?
0
0
4
@Teach2Breach
Kirk Trychel
2 years
Just added another POC remote process injection to my dev repo. Uses process snapshotting to create a clone of a target process, and then inject the clone. It has some small gotchas as is, but nothing major ;)
1
2
4
@Teach2Breach
Kirk Trychel
6 months
@C5pider @ilove2pwn_ @trickster012 @_Kudaes_ @memN0ps Some more of my most used: postrequest: deadjakk: hakaioffsec: 2vg:
1
1
4
@Teach2Breach
Kirk Trychel
1 year
@EricaZelic By doing this, you can generally avoid a lot of alerts that may be generated using known tools or techniques that generate endpoint or network telemetry. Moving as an insider threat, using information from wikis, and other dynamic sources, is very difficult to detect.
0
0
4
@Teach2Breach
Kirk Trychel
4 months
@DarkWebInformer oh no, someone will get the same data on consumers that every other breach this year had… this happens so often, it's hard to even care at this point tbh. The Dell breach came and went and absolutely no one cared. Ticketmaster knows this, so why pay?
2
0
4
@Teach2Breach
Kirk Trychel
3 months
I forgot to update my photo on this submission, but I dunno, I kind of like this promo anyway. Catch me for real @RedTeamVillage_ talking about maldev in a few weeks @defcon . Releasing lots of code and docs after the talks. I'll post the links to new repos on X that weekend.
0
2
3
@Teach2Breach
Kirk Trychel
2 years
@C5pider @AliceCliment @trickster012 Thats a great source. I also learned a lot from . Highly recommend. And I put together this repo as a collection of what helped me the most:
0
0
3
@Teach2Breach
Kirk Trychel
1 year
Google’s Secure AI Framework
1
2
3
@Teach2Breach
Kirk Trychel
2 years
Where the AI red teamers at? I need more peeps to follow talking about passive prompt injections and the like. Planting data to be ingested by chatbots to take actions in a user context. Etc… Suggest your faves if you follow some.
0
0
3
@Teach2Breach
Kirk Trychel
2 years
So lately I keep getting “ChatGPT is at capacity right now” on desktop. But I don’t think I have ever got this message on mobile. And when I get it on desktop, I can still login on mobile… What’s up with that?
2
0
1
@Teach2Breach
Kirk Trychel
5 months
who do I have to bribe to get access to @github copilot workspace
0
0
2
@Teach2Breach
Kirk Trychel
4 months
@rez0__ @aivillage_dc good. last year it was just free bug collection :(
0
0
2
@Teach2Breach
Kirk Trychel
4 months
@kimmonismus sounds like a horse walking
0
0
3
@Teach2Breach
Kirk Trychel
1 year
@EricaZelic It can be tough sometimes as a consultant, to give someone really bad news, too.
1
0
3
@Teach2Breach
Kirk Trychel
3 months
@tszzl whoopsie, just caused a segfault in your liver. no refunds
0
0
3
@Teach2Breach
Kirk Trychel
1 year
Really great post by Nvidia AI Red Team, introducing their team and methodology for testing ML systems.
0
2
3
@Teach2Breach
Kirk Trychel
7 months
@_Kudaes_ Totally. But in my exp, there's an ML detection that will flag and block unsigned bins. You may need to tweak the path in this script, as my attempts to write a check to locate the bins is failing this morning, but you get the idea: .
1
0
3
@Teach2Breach
Kirk Trychel
2 years
@Captain49605236 @Alh4zr3d Think I’ll wrap this in Rust with pyo3 and run it without python installed on the target, cross-platform ;)
2
0
3
@Teach2Breach
Kirk Trychel
1 year
@EricaZelic Those are great, but sadly I have had some also where the org has a less mature understanding of security, and I’ve had clients who became ill, or once, even began weeping on the call. I’ve also heard people fired, and directly caused someone’s termination (insider threat).
1
0
3
@Teach2Breach
Kirk Trychel
1 year
@defcon here I come
0
0
3
@Teach2Breach
Kirk Trychel
3 months
@_RastaMouse do you really think we need infosec topics of the week coverage? any time anything happens, it gets posted and reposted 1000s of times and fills my feed for 2 days. and most infosec "news" is superficial and boring. I'm surprised by this.
1
0
3
@Teach2Breach
Kirk Trychel
2 years
The course I took that helped me the most in developing new Azure attacks, was a Microsoft course on securing (defending) Azure. This likely applies across most of infosec as well. Understand your adversary and their tactics.
0
0
3
@Teach2Breach
Kirk Trychel
5 months
@nixcraft for me its the rog gladius III
0
0
3
@Teach2Breach
Kirk Trychel
6 months
@rcx86 Read github and docs imo. Books are always outdated. I still read some technical books, but even the best are dated. It's just a restriction of the medium.
2
0
3
@Teach2Breach
Kirk Trychel
1 year
@HackingLZ Yes but right now you can get away with https post requests just about as much as you want, and have more hands on granular control, so it wouldn't make sense to do that. Right now the risk vs reward for automated operations like that is not in favor of the built-in automation.
1
0
3
@Teach2Breach
Kirk Trychel
3 months
@ThePrimeagen you either keep hacking or “move up”. the fire still burns
0
0
3