Keanu Nys

112 posts

Keanu Nys

@RedByte1337

Offensive Security Lead @ Spotit. Creator of GraphSpy

Belgium Katılım Ağustos 2014

79 Takip Edilen1.2K Takipçiler

Sabitlenmiş Tweet

Keanu Nys@RedByte1337·5 Nis

🚀I'm finally releasing GraphSpy to the public!🕵️ A powerful offensive security tool focused on making initial access and post-compromise enumeration in Microsoft Entra and M365 much more convenient during penetration tests and red team assessments! github.com/RedByte1337/Gr…

English

136

380

34.8K

Keanu Nys@RedByte1337·15 Nis

Just shipped GraphSpy v1.7.0 ✨ Mostly under-the-hood work this time with major refactoring to speed up future development ⚙️ Huge shoutout to n3rada for leading the effort! More exciting features coming soon 🚀 github.com/RedByte1337/Gr…

English

2.8K

Keanu Nys@RedByte1337·8 Nis

@fabian_bader Interesting research Fabian!

English

143

Fabian Bader@fabian_bader·8 Nis

📢 You already know FOCI, BroCI, and all the OAuth2.0 flows? But do you already know the secret token providers of Entra ID? In my latest research post I explore how you can, hidden from the Defenders, request new access token. cloudbrothers.info/en/avoid-entra… #EntraID #DefenderXDR

English

196

44.5K

Keanu Nys retweetledi

Altered Security@AlteredSecurity·7 Nis

Early Bird Offer for Q2 Bootcamps 2026 is ending soon. Save 15% on our upcoming Red Team live bootcamps across Azure and Active Directory. Use code EARLYBIRD15. Offer valid till April 10, 2026. June 5 - CARTP® Bootcamp June 6 - CRTP® Bootcamp June 27 - CARTE® Bootcamp Secure your seat: alteredsecurity.com/bootcamps #CyberSecurity #RedTeaming #CloudSecurity #InfoSec

English

1.8K

Keanu Nys retweetledi

Nikhil Mittal@nikhil_mitt·7 Nis

Join @RedByte1337 and me for the June 2026 bootcamps as we take you through the on-prem and Azure Red team. Very practical and hands-on labs with fantastic learning aids. Bonus - dad jokes and insight (read rant) on state of identity security.

Altered Security@AlteredSecurity

English

1.1K

Keanu Nys retweetledi

Kuba Gretzky@mrgretzky·27 Mar

It was an honour to share what I've been working on on the stream! It was a blast! 🪝🐟 The demo gods were thankfully kind to me. 🙏 P.S. To anyone copying the session cookies character-by-character from the video feed - all the sessions have been invalidated. 🥲

Stephen Sims@Steph3nSims

Big thanks to @mrgretzky for a great stream on the latest in MFA bypass attacks with Evilginx and Phishlets 2.0! Each time web developers come up with new ways to secure things, Kuba is right there to find a workaround! You can watch the recording here: youtube.com/live/eeauoOYUw…

English

4.2K

Keanu Nys@RedByte1337·13 Mar

@CroodSolutions @_JohnHammond Thanks for sharing Mike!

English

Mike Manrod@CroodSolutions·13 Mar

IMHO, this is a must-watch video, showcasing why defending against account takeover is such a struggle. Outstanding episode by @_JohnHammond and @RedByte1337 - great research Keanu!! At the minimum, all red, SOC teams, and detection engineers, IMHO, should watch this.

John Hammond@_JohnHammond

GraphSpy: A Hacker's Tooling Deep Dive, video demos with the creator @RedByte1337! 🤩 Keanu shows me the wild things you can do for post-exploitation in Entra ID -- even adding a physical security key for persistence and a ton of other tricks 🤯 Video: youtu.be/qEtoKC32UoE

English

4.6K

Keanu Nys@RedByte1337·11 Mar

I recently sat down with @_JohnHammond to record a video about GraphSpy! 😁 We went over the most powerful features GraphSpy has to offer, and even showcased some of the new features that were added lately. This video is now live on his YouTube channel, so go check it out! 😉

John Hammond@_JohnHammond

English

9.2K

Keanu Nys@RedByte1337·24 Şub

@darthBoom @mrgretzky @ThinkstCanary I am very sorry 🫣

English

💥@darthBoom·24 Şub

@mrgretzky @ThinkstCanary Came as a surprise to me. Did some digging and found what might have been the cause of the change from Microsoft. Haven't found anything official tho... youtube.com/watch?v=z6GJqr…

YouTube

English

604

Kuba Gretzky@mrgretzky·24 Şub

What? How am I going to set up a @ThinkstCanary CSS Canarytoken to protect my tenant from those pesky Evilginx phishing attacks, now? 😐

English

6.2K

Keanu Nys@RedByte1337·31 Oca

Maximum 16-character password "for security reasons". 🤔 And what I find more surprising is the fact that the "<" character is not permitted either... Is this some poor attempt at preventing XSS? That would mean the password is displayed in cleartext somewhere on a web page...🤨

English

378

Keanu Nys@RedByte1337·30 Oca

I will be teaching the advanced version of the Attacking & Defending Azure Cloud bootcamp once again in February with @AlteredSecurity! Live, hands-on Azure red team training with realistic labs to sharpen both your Offensive and Defensive skills! 🔥 🔗 alteredsecurity.com/carte-bootcamp

English

606

Keanu Nys@RedByte1337·17 Oca

@mrgretzky Haha, thanks Kuba. Small stuff compared to what you achieved with Evilginx ofc 😜

English

151

Kuba Gretzky@mrgretzky·17 Oca

@RedByte1337 Well done, Keanu! To the moon! 😀👍

English

471

Keanu Nys@RedByte1337·17 Oca

GraphSpy just hit 1000 ⭐ on GitHub! What started as a personal side project is now used by pentesters around the world. Never imagined this as my first project, especially not in under 2 years. 🤯 I silently pushed v1.6 right before the holidays with powerful new features 😉

English

2.8K

Keanu Nys@RedByte1337·17 Oca

@mrd0x Thank you! 🙂

English

139

mr.d0x@mrd0x·17 Oca

@RedByte1337 Awesome job 👏

English

978

Keanu Nys@RedByte1337·17 Oca

@ZephrFish Thanks Andy! 😁

English

Andy Gill@ZephrFish·17 Oca

@RedByte1337 Great work dude

English

244

Keanu Nys@RedByte1337·17 Oca

Check out the new features under the Release Notes section: 🔗github.com/RedByte1337/Gr…

English

1.1K

Keanu Nys@RedByte1337·28 Kas

Wow, this almost passed by without me noticing👀 This is not how I envisioned GraphSpy to be covered in a @_JohnHammond video, but then again, it was only a matter of time before malicious actors used it. You just hope it is used for more good than bad when creating these tools.

John Hammond@_JohnHammond

Uncovered screen recordings from threat actors! 👀 Real footage of cybercriminals using anti-detect browsers and infostealer malware logs for session hijacking, and another using GraphSpy to read their Entra ID victim's emails in Outlook! 💀 Video: youtu.be/vX7JcpRqbEk

English

1.7K

Keanu Nys@RedByte1337·2 Kas

@_dirkjan @Thomasbyrne__ For now 😉 I hope for a bit longer, but we'll see. In theory, the October deadline has lapsed, so I guess you did indeed win from that perspective 😅

English

153

Dirk-jan@_dirkjan·2 Kas

@RedByte1337 @Thomasbyrne__ Still works for some at least 😅

English

201

Dirk-jan@_dirkjan·30 Eki

It appears the end is near(er) for the Azure AD Graph API with usage of the API now being blocked in one of my tenants with the AAD PowerShell module client ID. Found this out when trying to demo roadrecon 😬. Time to prioritize merging the MS Graph PR from @Thomasbyrne__

English

135

13.8K

Keanu Nys@RedByte1337·2 Kas

@_dirkjan @Thomasbyrne__ Whether the AAD Graph API would continue to work after the final deadline of October 2025 😅 Your guess was that it would still work for first-party client IDs. 🙈

English

151

Dirk-jan@_dirkjan·2 Kas

@RedByte1337 @Thomasbyrne__ I don't remember what we bet on but I hope I'm winning! 😂

English

281

Keanu Nys@RedByte1337·27 Eki

@JackRhysider I am biased, but this one seems nice 😜 youtu.be/z6GJqrkL0S0?si…

YouTube

English

486

Jack Rhysider 🏴‍☠️@JackRhysider·27 Eki

DefCon published the videos from this years talks on YouTube two weeks ago. Which ones should I watch?

English

389

46.9K

Keşfet

@fabian_bader @CroodSolutions @_JohnHammond @darthBoom @mrgretzky @ThinkstCanary @AlteredSecurity @mrd0x