Saturday, October 4, 2025

Security Testing Journal Entry | w/e Friday October 3, 2025 - "Besides the BSides" Ed.

Highlights for the week

Got a great feeling about October, and from the looks of my calendar .. that is justified!! Mentee wants in on Pen Testing action. And I'm volunteering for BSidesNYC ... woot!

What We’re Grateful For

  1. I get to be here.
  2. Got a great family.
  3. Some money was given to us for good use.
  4. New opportunities showing up.

What We Loved

  1. Finally getting to go to BSidesNYC and volunteering.
  2. Gandalf Hacking postponed to next week.
  3. Got some great feedback with the AI prompt on "Husb.." fight scene.
  4. Re-assessed finances and consolidated a lot of balances down to two cards. Gotta make that money!!
  5. Got around to scheduling new appointment for DMV.
  6. Got a new doctor and hoping I can get to the new endo. This low-t thing is killing me

What We Learned

  1. Finished Module 4 for Google Prompt and came away learning A LOT about prompts.
  2. Reading: WAHH Chapter 13 - [Status: In Progress]
  3. Hacking: TCM - Module 9 [Status: To Do!]
  4. Writing: Leveraged AI to expand on the fight scene between Mara and Dee. [Status: Done!] The feedback was amazing!
  5. Pen Testing (Bug Crowd): Need a new PT starting next week.
  6. Burp Suite: Bus. Logic flaws - [Status: Not Started!]. About to start CSRF, which aligns with the section in Chapter 13 of WAHH.
  7. QA Day: Continued work over the weekend [Status: In Progress]
  8. Gandalf AI - hacked around and did not find out! Prompt injection attack for level 1: [Status: In Progress!]

What We Longed For

  1. A great job doing cool sh**, with amazing people, making decent $$$ and benefits! Applied again to Perplexity (fingers crossed!)

What We Loathed

  1. Job Market in 2025. Unemployment is a real drag.

Saturday, September 27, 2025

Security Testing Journal Entry | w/e Friday September 26 - "The Rapture Cometh" Ed.


Highlights for the week

Around the world, this was an eventful week. The 47th president of the US continues to walk a path towards authoritarianism that no one is challenging him on. The death of a conservative influencer has done more to divide people than to unify them in solidarity against political violence. Tons of new hacking incidents. And the makers of AI are looking to spin up data centers that will each require the electricity of a small city to run, and millions of gallons of water to keep cool. Resources our infrastructure is incapable of supporting, yet money that could go towards improving the quality of our country is being diverted to these endeavors. It's a fast-moving freight train on a downward-sloping greased track with no brakes, headed towards a cliff.

Then there were rumors that caught fire, spread by some priest in So. Africa, that the rapture was imminent and that we would be wise to take action and repent!

As for me: I had a "down" week. Just didn't feel the verve to do much of anything. I fought the good fight in my head to stay disciplined in my workouts, but as for job hunting and learning stuff .. there was just little to no wind in my sails. Perhaps it's low-t, or the unemployment effects of all these rejections, but I'm on the last month before things go tits up and not even so much as a ping! from recruiters. Also, I got the "thank you, next" email from Spotify. I didn't think I had a chance, but it was worth a try. Not really broken up about it.

My son found pictures of me, back when I was in my 20s and full of promise. Still broke, but not nearly as traumatized by life. Can't remember if it was pre- or post-Andrea, but I just remember the good times. I want to be that happy again. I am not defined by my past. I am refined by it. And it's awesome to say I still have time to choose who I want to be.

What We’re Grateful For

  1. Friends, referrals, and good internet.
  2. I get to be here, another day.
  3. Family .. and a full 'fridge.
  4. As always, great health.

What We Loved

  1. This week was m'eh .. so not a lot to love. Cooking is always a blast!

What We Learned

  1. Reading: WAHH Chapter 13 - [Status: Not started]
  2. Hacking: New Weekly lesson with TCM - Foundational set up of lab for Active Directory. Module 9 is where it gets good. [Status: Done!]
  3. Writing: Need to expand on fight scene between Mara and Dee. [Status: Not started]
  4. Pen Testing (Bug Crowd): Continued Pen Test for items in scope for SR [Status: Closed]. Need a new PT.
  5. Burp Suite: Bus. Logic flaws - [Status: Paused]; Did SSRF instead. [Status: Done!]
  6. QA Day: Continued work [Status: In Progress]
  7. Gandalf AI - hacked around and did not find out! Prompt injection attack for level 1: [Status: In Progress]

What We Longed For

  1. As always .. a good job, making good money, with good people, doing cool sh**!
  2. Miss being in love; being held; kissing; s-e-x

What We Loathed

  1. Still sitting at 85% of no!

Saturday, September 20, 2025

Security Testing Journal Entry | w/e Friday September 19, 2025 - “And the beat goes on .. and on!” Ed.


Highlights for the week

Fall is around the corner and the weather has been spectacular. Gone are the days of high heat and humidity. Crisp temperatures, cool breezes, and sunny days are here. Job search has been abysmal. The cycle the same: see the job post > apply for the job > get rejected > see the job reposted.

Been listening to a lot of stoic philosophy videos on YouTube and have really improved my mindset. I've shut down the negative self-talk and I've replaced it with positive affirmation. I keep looking back on my time at Secure Ideas, and the more I study what went right and what went wrong, I am coming to understand that there was a lot I should have done better. I wasn't working to the level of my experience and I was humbled by just how much I still have to learn. The lessons learned were: need more experience; need to write better; blogging matters for the company in terms of sales and marketing; need more practice with portswigger pro!

How I'm improving on those weaknesses:

  1. Been trying to find new projects in bug crowd, but struck out with a recent engagement. Will keep hunting for new ones.
  2. Wrote up a report for a recent project (NFL). Need to keep that up.
  3. Been learning a lot about AI. Does it help with pen testing? No. But I also learned how to hack them, so out of curiosity, I've taken a course on prompt engineering and read a book on agentic security. It's moving me in a particular direction ... a fun one.
  4. As for Portswigger, I only have the community edition so the issues that caused me problems at SI will remain unfixed for the time being.

What We’re Grateful For

  1. Grateful that MIL provided us with lunch and food.
  2. Grateful for friends in great places.
  3. Grateful that I get to wake up and enjoy another day of good health, vitality, and well-being.
  4. I get to be here .. now .. making the most of my time to stay happy and productive.

What We Loved

  1. Jumped on a new opportunity for a completely new role at Spotify. I'll be happy if I get it, but cool with not. It's a new challenge.
  2. Applied to Spirit Halloween store .. a fun seasonal gig. I'm not above seasonal work at this point. Some money is better than no money.
  3. And while I'm on the work tip, some new U-Tests sprang up adding to a packed schedule. It's impacted some personal projects which keep getting pushed further back.
  4. New Deadlift achievement - 270lbs. Personal best is still 305lbs.
  5. While on the workout subject, my son is now part of my morning routines. He is motivated to start exercising .. very cool! It has however altered my mornings significantly.
  6. Joined BSides-NYC as a volunteer. That starts in October, so super excited for that.
  7. While on the networking subject, joined "Raices Cyber" - NYC Chapter. A Latin-American group focused on Cybersecurity. Need to up my networking game tremendously. As the saying goes, "you are the sum of the 5 people you surround yourself with." Right now, I have no one. :'(

What We Learned .. a busy week!!

  1. Reading: Read "Securing-Agentic-Applications-Guide-1.0" and learned several new things and frameworks to play with. [**Action item]Gandalf AI Hacking .. start!
  2. Reading: WAHH Chapter 13 - paused for work and additional tasks. This is for fun so less of a priority. [**Action item] Get back on it.
  3. Hacking: New Weekly lesson with TCM. Learned about brute-forcing logins, password spraying, and HTB. [**Action item] Need to renew that membership
  4. Writing: "Husb" New chapter about reckonings. Need to expand on fight scene between Mara and Dee.
  5. Work: A couple of new U-Test projects popped up forcing me to recalibrate my task list and reading.
  6. Pen Testing (Bug Crowd): New project started required credentials. After scoping, not a lot was possible. Will revisit scope and targets and try to test, then write the report. It's all about the reps.
  7. Burp Suite: Bus. Logic flaws - paused for work; shall resume over the weekend as time allows.
  8. QA Day: Started practicing Playwright with TypeScript. The cool lesson learned: used Gemini to optimize my code for improved readability. Something I wish I had done at Unqork.

What We Longed For

  1. As always .. a job, money, health benefits.

What We Loathed

  1. The job market in 2025

Friday, September 12, 2025

Security Testing Journal Entry | w/e Friday September 12, 2025 - "Productive Week" Ed.


Highlights for the week

It was really a good week, personally. Accomplished a lot of what I set out to do with TCM and the Pen Testing. Job hunting still a slog, but I'm really positive something will turn up soon. I think my resume is working against me, but I also think having the "Security Consultant" role on there when looking for QA roles might be problematic. I dunno!!

Finally got some health insurance, so it will be interesting to look into getting my hormones checked out. All the symptoms of low-T are present: Vision is hazy at times; libido is in the toilet; no weight loss despite a consistent workout regimen; testicular atrophy. So bad!!

As I close another week, I'm grateful I have the means to keep the house happy. My son is making moves and getting started on his future. Wife is nesting for the holidays and getting into the Halloween spirit. I need to be the pillar they can rely on. Been focusing on stoicism and getting my mind back to a good place. So far, so good! Gotta keep grinding!

What We’re Grateful For

  1. I get to be here!
  2. I get to wake up to a comfortable bed.
  3. I have my health and well being.
  4. I get to have a home where I can learn cool things.

What We Loved

  1. It was a good week!

What We Learned

  1. Pen Testing - Finished NFL web app pt. Wasn't able to get to the mobile apps. Known issues kept testing. Lost a little momentum coming back from vacation.
  2. TCM - Completed Week 6 and learned a lot about enumeration during the external network pen testing effort. Need to look into HTB servers.
  3. AI - Learned to prompt more effectively. Need to practice Gandalf AI hacking !!So Fun!!
  4. WAHH - Moving through chapter 13; Read about HTML injection. The lesson is to keep the inputs sanitized, have anti-clickjacking in place.
  5. Portswigger - behind on revisiting the "Business Logic Flaws" module. Will make time for it on the weekend.

What We Longed For

  1. As always, needing a job .. a good job. Praying for that good job doing cool things with great people.

What We Loathed

  1. The lack of phone calls and fake job posts after 4 months is bad.

Friday, September 5, 2025

Security Testing Journal Entry | w/e Friday Sept. 5, 2025 - "Rested, Relaxed, and Recharged" Ed.


Highlights for the week

Coming home from a much needed vacation was awesome. The 10 days spent away from everything was necessary. While I didn't get the chance to actually sit with myself and reflect on what I want out of life, I wasn't dwelling on the dumbshit I've done. I still feel a bit down about what happened at SI, and my confidence is at an all time low, but this week has been full of small wins and I'm feeling a little better. Sometimes I do get those pangs of guilt and self-loathing. The gym is my therapy and I have been the most disciplined as I have ever been in my workouts. I still don't have a solid diet, but I try not to eat like trash either. I aim to apply that discipline to my studies and work habits.

What We’re Grateful For

  1. Grateful to have been able to spend time away from the job rejection madness.
  2. Dark days at the start of the week lead to beautiful days (Friday!!)
  3. Grateful to be back to good physical health, still working on the mental.

What We Loved

  1. Continued with Bugcrowd PT .. need to tackle the areas I marked off as points of interest. The week has been busy!!
  2. New pen test - app is https://voocab.com, and the backend url is https://api.voocab.com. Gave it a solid 6 hours of my day, pro bono! Client was happy.
  3. Picked up U-Test Application at the start of the week .. made some $$

What We Learned

  1. Portswigger practice with business logic flaws - postponed to the weekend.
  2. WAHH Chapter 12 - completed; Chapter 13 started.
  3. TCM Lesson - On to week 6; need to complete the assignment of building out the Lab.

What We Longed For

  1. Should strongly consider making more contributions to my github by way of 2025 projects. Typescript, anyone?

What We Loathed

  1. Rejections! Getting the rejection email then seeing the job again reposted later makes me wonder why they bother.

Sunday, August 17, 2025

Security Testing Journal Entry | w/e Friday August 15, 2025 - "Vacation" Ed.


Highlights for the week

It has been another quiet uneventful week. Some jobs applied to. Some jobs rejected. The circle keeps turning. I don't quite feel the fire like I once did. I'm trying really really hard to reignite the passion, but I've never been more disillusioned, disheartened, and disappointed in myself. I'm working on healing and silencing the negative talk, but every-so-often I'm haunted by the failures and the mistakes. Every week that goes by is a week that I kick myself for doing all the dumb sh*** that brought me back to the dark place ... the place I fought so hard for the last two years to get out of.

On a personal level, I've been listening to a lot of Jim Rohn and his videos have helped me get into a better headspace. Some of the quotes include:

  1. Failure is part of the process. YOU'RE NOT A FAILURE - YOU ARE FORMING!!
  2. Falling short is learning.
  3. Keep showing up. Some days will feel like nothing is working. Keep going. Keep showing up for yourself. 1000 imperfect steps

Two main things I want to focus on for this trip: PURPOSE and REBUILDING TRUST

  1. Purpose: is living in alignment with your values, your standard, not someone else's expectations.
  2. Rebuilding Trust: Rebuild trust by aligning your actions with your values.
  3. Character is built by your habits, repetition, and daily decisions.

Conclusion: Quit doing the dumb shit!! Stay disciplined. Discipline is the highest form of self-love. It rebuilds compassion. It rebuilds confidence and trust .. one small action at a time. One win every day. Stay consistent. Repeatedly.

Non sequitur: I really need to get myself checked out. Feeling all the symptoms of low-t and possibly enlarged prostate.

What We’re Grateful For

  1. Grateful that I get to wake up and enjoy another week.
  2. Looking forward to the upcoming cruise and much needed escape from the dark cloud.
  3. Grateful that I have the energy and

What We Loved

  1. Love that vacation is next week. Going to rest, relax, reset, and reprioritize. Another cruise w/o a job is icky, but these are not fun times!!

What We Learned

  1. Started a new pen test project. Given it's football season, it only made sense to test NFL.com
  2. Learned about Portswigger's SQL Lab - Visible error-based SQL injection to finish WAHH Chapter 9. Without PRO version, this was a daunting suite of labs.
  3. Completed week 4 of the Network Pen Testing videos. I'll probably double up on the lessons when I come back from break.
  4. WAHH - Chapter 11, just started and learned about some scenarios involving exploiting flaws in business logic

What We Longed For

  1. As always, longing for a paycheck

What We Loathed

  1. The fact AI is becoming the excuse for laying off so many people.
  2. Hating the job hunting process. Getting rejected from a job only to see it reposted is infuriating
  3. Registered for DOL Cybersecurity training only to find out it was not as advertised

Friday, August 8, 2025

Security Testing Journal Entry | w/e Friday August 8, 2025 - "Weak Week" Ed.


Highlights for the week

Another week where emails and phone calls were silent with job prospects. It has been exactly 3 months since my time at SI and as I've written before, I'm not handling it well. I should have been happily employed, celebrating ONE YEAR in my new role as a security consultant. Instead, I'm back in the gulag of my own ineptitude. I haven't been sleeping well. My workouts have been steady, but not seeing the progress. And I'm gaining weight .. thinking it's a low-t thing. The loneliness of not having anyone reaching out, or the fear that I may never land another job is really weighing on me. The motivation to even get up and keep moving forward has been tough. Discipline is how I operate.

The phrase, YOU FALL TO THE LEVEL OF YOUR TRAINING keeps bouncing around in my mind. As I meditate, I'm beginning to see just how true it is to everything I do and who I am.

Accepted another QA test cycle on U-Test (yay!)

Struck out on yet another HackerOne Pen Test (boo!)

What We’re Grateful For

  1. I am absolutely grateful that I still have air in my lungs, food in the 'fridge, and money in the bank. God is not done with me.
  2. Grateful that I get to watch my son coming to his own with new opportunities.
  3. Grateful that my partner hasn't left. I've given her plenty of reasons.
  4. New workout - alternating days off. Days Off = active rest days, so no real laziness

What We Loved

  1. Not a lot to love this week.

What We Learned

  1. Learned to test localization on native android app for Red Cross
  2. Network Pen Test week 3 in the bag - built a crappy network scanner

What We Longed For

  1. Longing for a proper job.

What We Loathed

  1. Nothing to really loathe except for the situation I am in of my own doing.