Uncategorized

Impact Assessment: How Guest Access Affects Threat Detection in Office 365

by darknite
2025-12-02

Currently working on a deep-dive into a critical Teams guest access behaviour I discovered during testing.
My research shows how attackers can spin up fresh M365 tenants and completely bypass Defender protections by pulling users into external guests.
I’m documenting the attack flow, detection queries, and practical steps organisations can take to reduce exposure — learning a lot along the way.

#CyberSecurity #LearningInPublic #ThreatResearch #RedTeam #BlueTeam #Microsoft365 #Defender #SecurityCommunity

Abusing Sudo’s chroot: CVE-2025-32463 Explained

by darknite
2025-07-02

CVE-2025-32463 – Local Privilege Escalation via Sudo’s chroot Option
I recently explored a vulnerability in Sudo that allows unprivileged users to escalate to root by abusing the rarely used -R (chroot) feature and manipulating nsswitch.conf. Tested on Parrot OS, this PoC demonstrates how easy it is to gain root shell access when Sudo < 1.9.17p1 is installed. If you're running Linux, patch immediately or compile Sudo from source to version 1.9.17p1 or later. Stay safe, patch early. #CyberSecurity #Linux #CVE2025 #PrivilegeEscalation #InfoSec #ExploitDevelopment #Sudo #BlueTeam #RedTeam #ParrotOS #ThreatHunting #VulnerabilityResearch

Hack The Box: Brutus Sherlock Challange – Very Easy Difficulty

by darknite
2025-01-04

Introduction to Brutus Challange I want to share some tips for approaching the Brutus challenge. Sherlock Scenario on Brutus Brutus is an entry-level DFIR challenge with two… Read More »Hack The Box: Brutus Sherlock Challange – Very Easy Difficulty

Hack The Box: Sherlock Meerkat Walkthrough – Easy Difficulty

by darknite
2025-01-01

Introduction to Meerkat Challange I want to share some tips for approaching the Meerkat challenge. Sherlock Scenario on Meerkat A zip file has been provided, containing a… Read More »Hack The Box: Sherlock Meerkat Walkthrough – Easy Difficulty

Hello world!

by darknite
2024-10-24

Welcome to A WP Life Demo Website Network. This is your first post. Edit or delete it, then start blogging!

Hack The Box: Campfire-1 Sherlock Walkthrough – Very Easy Diffcuility

by darknite
2024-06-26

Case Scenario 1. Analyzing Domain Controller Security Logs, can you confirm the date & time when the kerberoasting activity occurred? 2. What is the Service… Read More »Hack The Box: Campfire-1 Sherlock Walkthrough – Very Easy Diffcuility

Hack The Box: LockPick2.0 Sherlock Challenge – Hard Diffculity

by darknite
2024-05-03

In this post, I would like to share some walkthroughs on the Sherlock Challenges such as LockPick2.0 which can be considered a Hard Difficulty Case Study for LockPick2.0… Read More »Hack The Box: LockPick2.0 Sherlock Challenge – Hard Diffculity

Protected: Hack The Box: Toxic Challenge – Easy Difficulty

by darknite
2023-11-10

There is no excerpt because this is a protected post.

Hack The Box: Inject Machine Walkthrough – Easy Difficulty

by darknite
2023-07-09

In this post, I would like to share a walkthrough of the Inject Machine from Hack the Box This room will be considered an Easy machine… Read More »Hack The Box: Inject Machine Walkthrough – Easy Difficulty

Protected: PG: InsanityHosting Machine Walkthrough – Hard Difficulty

by darknite
2023-06-18

There is no excerpt because this is a protected post.