Friday, September 12, 2025

Security Testing Journal Entry | w/e Friday September 12, 2025 - "Productive Week" Ed.


Highlights for the week

It was really a good week, personally. Accomplished a lot of what I set out to do with TCM and the Pen Testing. Job hunting still a slog, but I'm really positive something will turn up soon. I think my resume is working against me, but I also think having the "Security Consultant" role on there when looking for QA roles might be problematic. I dunno!!

Finally got some health insurance, so it will be interesting to look into getting my hormones checked out. All the symptoms of low-T are present: Vision is hazy at times; libido is in the toilet; no weight loss despite a consistent workout regimen; testicular atrophy. So bad!!

As I close another week, I'm grateful I have the means to keep the house happy. My son is making moves and getting started on his future. Wife is nesting for the holidays and getting into the Halloween spirit. I need to be the pillar they can rely on. Been focusing on stoicism and getting my mind back to a good place. So far, so good! Gotta keep grinding!

What We’re Grateful For

  1. I get to be here!
  2. I get to wake up to a comfortable bed.
  3. I have my health and well being.
  4. I get to have a home where I can learn cool things.

What We Loved

  1. It was a good week!

What We Learned

  1. Pen Testing - Finished NFL web app pt. Wasn't able to get to the mobile apps. Known issues kept testing. Lost a little momentum coming back from vacation.
  2. TCM - Completed Week 6 and learned a lot about enumeration during the external network pen testing effort. Need to look into HTB servers.
  3. AI - Learned to prompt more effectively. Need to practice Gandalf AI hacking !!So Fun!!
  4. WAHH - Moving through chapter 13; Read about HTML injection. The lesson is to keep the inputs sanitized, have anti-clickjacking in place.
  5. Portswigger - behind on revisiting the "Business Logic Flaws" module. Will make time for it on the weekend.

What We Longed For

  1. As always, needing a job .. a good job. Praying for that good job doing cool things with great people.

What We Loathed

  1. The lack of phone calls and fake job posts after 4 months is bad.

Friday, September 5, 2025

Security Testing Journal Entry | w/e Friday Sept. 5, 2025 - "Rested, Relaxed, and Recharged" Ed.


Highlights for the week

Coming home from a much needed vacation was awesome. The 10 days spent away from everything was necessary. While I didn't get the chance to actually sit with myself and reflect on what I want out of life, I wasn't dwelling on the dumbshit I've done. I still feel a bit down about what happened at SI, and my confidence is at an all-time low, but this week has been full of small wins and I'm feeling a little better. Sometimes I do get those pangs of guilt and self-loathing. The gym is my therapy and I have been the most disciplined as I have ever been in my workouts. I still don't have a solid diet, but I try not to eat like trash either. I aim to apply that discipline to my studies and work habits.

What We’re Grateful For

  1. Grateful to have been able to spend time away from the job rejection madness.
  2. Dark days at the start of the week lead to beautiful days (Friday!!)
  3. Grateful to be back to good physical health, still working on the mental.

What We Loved

  1. Continued with Bugcrowd PT .. need to tackle the areas I marked off as points of interest. The week has been busy!!
  2. New pen test - app is https://voocab.com, and the backend url is https://api.voocab.com. Gave it a solid 6 hours of my day, pro bono! Client was happy.
  3. Picked up U-Test Application at the start of the week .. made some $$

What We Learned

  1. Portswigger practice with business logic flaws - postponed to the weekend.
  2. WAHH Chapter 12 - completed; Chapter 13 started.
  3. TCM Lesson - On to week 6; need to complete the assignment of building out the Lab.

What We Longed For

  1. Should strongly consider making more contributions to my github by way of 2025 projects. Typescript, anyone?

What We Loathed

  1. Rejections! Getting the rejection email then seeing the job again reposted later makes me wonder why they bother.

Sunday, August 17, 2025

Security Testing Journal Entry | w/e Friday August 15, 2025 - "Vacation" Ed.


Highlights for the week

It has been another quiet uneventful week. Some jobs applied to. Some jobs rejected. The circle keeps turning. I don't quite feel the fire like I once did. I'm trying really really hard to reignite the passion, but I've never been more disillusioned, disheartened, and disappointed in myself. I'm working on healing and silencing the negative talk, but every so often I'm haunted by the failures and the mistakes. Every week that goes by is a week that I kick myself for doing all the dumb sh*** that brought me back to the dark place ... the place I fought so hard for the last two years to get out of.

On a personal level, I've been listening to a lot of Jim Rohn and his videos have helped me get into a better headspace. Some of the quotes include:

  1. Failure is part of the process. YOU'RE NOT A FAILURE - YOU ARE FORMING!!
  2. Falling short is learning.
  3. Keep showing up. Some days will feel like nothing is working. Keep going. Keep showing up for yourself. 1000 imperfect steps

Two main things I want to focus on for this trip: PURPOSE and REBUILDING TRUST

  1. Purpose: is living in alignment with your values, your standard, not someone else's expectations.
  2. Rebuilding Trust: Rebuild trust by aligning your actions with your values.
  3. Character is built by your habits, repetition, and daily decisions.

Conclusion: Quit doing the dumb shit!! Stay disciplined. Discipline is the highest form of self-love. It rebuilds compassion. It rebuilds confidence and trust .. one small action at a time. One win every day. Stay consistent. Repeatedly.

Non sequitur: I really need to get myself checked out. Feeling all the symptoms of low-t and possibly enlarged prostate.

What We’re Grateful For

  1. Grateful that I get to wake up and enjoy another week.
  2. Looking forward to the upcoming cruise and much needed escape from the dark cloud.
  3. Grateful that I have the energy and

What We Loved

  1. Love that vacation is next week. Going to rest, relax, reset, and reprioritize. Another cruise w/o a job is icky, but these are not fun times!!

What We Learned

  1. Started a new pen test project. Given it's football season, it only made sense to test NFL.com
  2. Learned about Portswigger's SQL Lab - Visible error-based SQL injection to finish WAHH Chapter 9. Without PRO version, this was a daunting suite of labs.
  3. Completed week 4 of the Network Pen Testing videos. I'll probably double up on the lessons when I come back from break.
  4. WAHH - Chapter 11, just started and learned about some scenarios involving exploiting flaws in business logic

What We Longed For

  1. As always, longing for a paycheck

What We Loathed

  1. The fact AI is becoming the excuse for laying off so many people.
  2. Hating the job hunting process. Getting rejected from a job only to see it reposted is infuriating
  3. Registered for DOL Cybersecurity training only to find out it was not as advertised

Friday, August 8, 2025

Security Testing Journal Entry | w/e Friday August 8, 2025 - "Weak Week" Ed.


Highlights for the week

Another week where emails and phone calls were silent with job prospects. It has been exactly 3 months since my time at SI and as I've written before, I'm not handling it well. I should have been happily employed, celebrating ONE YEAR in my new role as a security consultant. Instead, I'm back in the gulag of my own ineptitude. I haven't been sleeping well. My workouts have been steady, but not seeing the progress. And I'm gaining weight .. thinking it's a low-t thing. The loneliness of not having anyone reaching out, or the fear that I may never land another job is really weighing on me. The motivation to even get up and keep moving forward has been tough. Discipline is how I operate.

The phrase, YOU FALL TO THE LEVEL OF YOUR TRAINING keeps bouncing around in my mind. As I meditate, I'm beginning to see just how true it is to everything I do and who I am.

Accepted another QA test cycle on U-Test (yay!)

Struck out on yet another HackerOne Pen Test (boo!)

What We’re Grateful For

  1. I am absolutely grateful that I still have air in my lungs, food in the 'fridge, and money in the bank. God is not done with me.
  2. Grateful that I get to watch my son coming into his own with new opportunities.
  3. Grateful that my partner hasn't left. I've given her plenty of reasons.
  4. New workout - alternating days off. Days Off = active rest days, so no real laziness

What We Loved

  1. Not a lot to love this week.

What We Learned

  1. Learned to test localization on native android app for Red Cross
  2. Network Pen Test week 3 in the bag - built a crappy network scanner

What We Longed For

  1. Longing for a proper job.

What We Loathed

  1. Nothing to really loathe except for the situation I am in of my own doing.

Monday, August 4, 2025

Security Testing Journal Entry | 90 Day Evaluation


Evaluating the past 90 days since my separation of employment from Secure Ideas

What We’re Grateful For

  1. First and foremost, I am beyond grateful that I get to wake up, have food in the 'fridge, and clothes on my back.
  2. I am grateful to the Lord (and grandma watching above) for answering my prayers. All outcomes were self-inflicted.
  3. Grateful to have the opportunity to continue with my security testing journey, having all my faculties in place.
  4. Grateful that I have a wonderful family and that we are getting through this as a united front.

First 30 Days: 1 - 30

Post firing, I was a mess. I was a combination of self-doubt, frustration, anger, depression, anxiety, and rage. Above all, I was disappointed. I let my friends, family, co-workers, mentor, and everyone else down. I was ashamed at failing ... yet again ... through my own negligence. At the end of the day, I had no one to blame but myself. I wrote up several red flags I uncovered as I reflected on my 9-months at SI, but this is all on me.

The job search in the first 30 days was abysmal. I was frustrated to be back under the dark clouds that had plagued me for the past 2 years. Embarrassed to have to file for Unemployment Insurance .. again. Humiliated at the thought of having to return to Welfare / SNAP.

Spiritually, I was a mess. Full of doubts, hopelessness, and lack of motivation. I was in a downward spiral of self-induced chaos.

By the last week of that first month, I had a breakdown and cried a bit. I motivated myself to reflect on what went well and where I failed, and just wrote about it.

Next 30 Days: 31 - 60

The job search is still a shit-show. No real progress. Not even so much as one interview.

Finding time to revisit and re-learn new skills. HackerOne has been a small blessing. Haven't made much progress as I keep finding crappy projects, but it's all about the grind at this point.

Made some new connections. Tried to reach out to recruiters .. no answer.

Recent 30 Days: 61 - 90

Professionally, things are not any better. To date: 62 jobs applied, 21 declined. Just as many have not responded at all.

Personally, in a much better place. I've been getting back into the spirit of things. Working out has helped. Sleeping better too. Set a routine of consistent workouts, steady work, job hunting, and making time for education.

Vacation in 16 days!!

*** RETROSPECTIVE QUESTIONNAIRE | EXTREME OWNERSHIP ***

    Q1. What were the problems that led up to your termination at SI?

  • Issue-01: Performance - I was not performing to the level of my role and fell way behind the matrix to level up.
  • Issue-02: Reporting - I was underperforming when it came to reporting, making it unnecessarily burdensome when collaborating with others. This was proven in the last two reports prior to my dismissal in May. Although feedback was positive and encouraging, too little .. too late.
  • Issue-03: Testing - I was irresponsible testing the file upload component and stupidly pulled in a link I had recently downloaded from a zoom invite, hoping the component was going to reject it.
  • Issue-04: Technical Acumen - Still had some demonstrable concerns as it related to working with Burp Suite Pro!
  • Issue-05: Communications - Subpar quality as it related to blog posts which revealed communication issues and inexperience.
  • Issue-06: Social Engagement - There was a lack of community engagement. I was not getting the right opportunities nor was I actively taking the initiative to make this happen.

    Q2. What were the consequences?

  • Issue-01: Performance - The consequence of not being level-set properly was failing to meet expectations set for the current level I was working towards.
  • Issue-02: Reporting - As stated, I was improving. I did well on reports that had contributors with solid notes. I struggled bad when context was missing. The consequence, especially in the last two reports was extensive re-writes, editing, and delays. Up to that point, I never ever had a report go out late.
  • Issue-03: Testing - This was a complete aberration. I should have known better. The consequence was a potential violation of some policy as well as introducing unnecessary risk to the client.
  • Issue-04: Technical Acumen - Needed a lot of help from superiors to get me to a good point.
  • Issue-05: Communications - Blogging required work.
  • Issue-06: Social Engagement - N/A

    Q3. How did this hurt the team?

  • Issue-01: Performance - Showed I could not be relied on to get the job done.
  • Issue-02: Reporting - Added unnecessary work to others on the team.
  • Issue-03: Testing - Placed the team in a precarious position, even if it led to a good vulnerability finding.
  • Issue-04: Technical Acumen - Constantly needing help instead of being self reliant proved burdensome.
  • Issue-05: Communications - Not really an impact to the team as my work never made it out of draft. It did waste people's time.
  • Issue-06: Social Engagement - Nothing bad .. but no way for me to promote SI to the NYC family. Still felt too new!

    Q4. How will you prevent a future occurrence?

  • Issue-01: Performance - Keep practicing!! Will work twice as hard and keep practicing to improve. Will need certification(s) a.s.a.p!
  • Issue-02: Reporting - Keep practicing!! Remember that not every team has the same process .. but follow it and get help when stuck. Use AI!!
  • Issue-03: Testing - Keep practicing!! Ask questions when in doubt.
  • Issue-04: Technical Acumen - Keep practicing!!
  • Issue-05: Communications - Keep practicing!! Work at improving your writing skills to be more technical. Time and experience will play a large role.
  • Issue-06: Social Engagement - Keep looking for new opportunities!!

TAKE ACTION - EXECUTE! PROVE THAT YOU CAN BE COUNTED ON .. FOR YOURSELF, YOUR FAMILY, AND YOUR FUTURE. DON'T QUIT!!

Friday, July 25, 2025

Security Testing Journal Entry | w/e Friday July 25, 2025 - "Chances Past, Present & Future" Ed.


Highlights for the week

CELEBRATING WINS:

A decent week of jobs applied to. Sadly, a few rejections. The market for 2025 is the worst that it has been in quite some time. I'm not about to be one of those who is going to bitch and moan about how bad things are. Although my energy this week has been somewhat low, I have to put out the good vibes. Positive Mindset and what-not!!

I haven't deposited my Secure Ideas retirement. Gotta wait until I actually have low enough funds to show a need for Medicaid/Snap (again!!). Another company had some money sitting in an account that was still available. Got that situation squared away and more money made its way to my bank (yay!).

I'm back on the HackerOne circuit, trying my luck at another pen test. I opted for a network pt, but I wasn't able to gain anything out of it. The new engagement has issues around logins and I'm blocked. Job search is still a grind!

What We’re Grateful For

  1. I prayed, God answered in the form of another blue jay feather .. a good luck charm
  2. Grateful as always that I get to wake up, work out, and live with food in the 'fridge, a roof over my head, and clothes on my back
  3. Looking forward to the upcoming vacation for Lorenzo's graduation. I will NOT be bringing low-vibes to this vacation like I did on Royal Caribbean
  4. I will forever be grateful for the support of wife (despite wanting the divorce some time back), and support of mom

What We Loved

  1. Prayed to God and feel like things are going to happen when they are meant to happen

What We Learned

  1. Finally started the "Network" Pen Test video lecture series. First week was getting the environment set up
  2. Moving through Portswigger stuff - tried my luck at "Mystery Labs" and found some were challenging
  3. WAHH - Chapter 10 ... near complete. Bit of a grind, but all good stuff. A lot to learn
  4. Made some new connections on LI

What We Longed For

  1. Miss my security job more and more, but I'm humbled by how much I still have to learn

What We Loathed

  1. More rejections this week
  2. Reached out to a few recruiters and not one responded back

Saturday, July 19, 2025

Security Testing Journal Entry | w/e Friday July 18, 2025 - "Downward Facing Slog Ed."


Highlights for the week

Not a lot of highlights for this week. Started the week off with a rejection. Feeling like I'm never going to land a new job in Security. Posted a mini-rant about it, and got somewhat skewered by the community. Maybe it's me and I'm wrong. The consensus was that hiring folks will tend to favor CVEs (Common Vulnerabilities & Exploits) as proof-of-experience, over none. I want to keep going, but this week is a drag. Tuesday was a rough day. Over 40 jobs applied to, and still not one word in the positive. I've reached out to some recruiters expressing interest, nothing but silence.

Wednesday through Friday were productive, and it's been a drag to get to the gym, but I got it done. Sitting here on a Saturday and I'm tired .. mentally and physically. No Leg day for me. I realized I had worked out from last Saturday through Thursday straight.

What We’re Grateful For

  1. Still have my health.
  2. Upcoming trip for son's graduation.
  3. Wife is still around, amazing as ever. This 'quiet divorce' has been weighing on me and it's all my fault! Another thing I need to fix.

What We Loved

  1. Not a lot to love this week.

What We Learned

  1. Sat through an amazing walk-thru on attacking LLMs
  2. CVEs are the way to go for recruitment and landing a job as a Pen Tester.
  3. Working through another HackerOne job. Not a lot happening .. just going through the motions.
  4. Finished Chapter-9 of WAHH. It's about attacking Data Stores, SQL injection and what-not.

What We Longed For

  1. A great job and a great paycheck. I had it then lost it.

What We Loathed

  1. Getting rejected from a good job.
  2. Failing the assessment, yet not getting word on what was missed. Definitely gotta try harder!