Currently working on a deep-dive into a critical Teams guest access behaviour I discovered during testing.
My research shows how attackers can spin up fresh M365 tenants and completely bypass Defender protections by pulling users into external guests.
I’m documenting the attack flow, detection queries, and practical steps organisations can take to reduce exposure — learning a lot along the way.

#CyberSecurity #LearningInPublic #ThreatResearch #RedTeam #BlueTeam #Microsoft365 #Defender #SecurityCommunity …

Learn MoreImpact Assessment: How Guest Access Affects Threat Detection in Office 365

Introduction to Brutus Challange I want to share some tips for approaching the Brutus challenge. Sherlock Scenario on Brutus Brutus is an entry-level DFIR challenge with two artifacts: auth.log and wtmp. The goal is to trace an SSH brute-force attack where the

Continue ReadingHack The Box: Brutus Sherlock Challange – Very Easy Difficulty

Introduction to Meerkat Challange I want to share some tips for approaching the Meerkat challenge. Sherlock Scenario on Meerkat A zip file has been provided, containing a .pcap file that captures network traffic from the timeframe of the suspected compromise. Additionally, a

Continue ReadingHack The Box: Sherlock Meerkat Walkthrough – Easy Difficulty

Case Scenario 1. Analyzing Domain Controller Security Logs, can you confirm the date & time when the kerberoasting activity occurred? 2. What is the Service Name that was targeted? 3.It is really important to identify the Workstation from which this

Continue ReadingHack The Box: Campfire-1 Sherlock Walkthrough – Very Easy Diffcuility

In this post, I would like to share some walkthroughs on the Sherlock Challenges such as LockPick2.0 which can be considered a Hard Difficulty Case Study for LockPick2.0 Challenge Firstly, we need to extract the zip file of lockpick2.0 which provide us with

Continue ReadingHack The Box: LockPick2.0 Sherlock Challenge – Hard Diffculity