Friday, October 31, 2025

Security Testing Journal Entry | w/e Friday October 31, 2025 - “Halloween Hopes” Ed.


Highlights for the week

Halloween week kicks off with an amazing assortment of treats and scaries. Still, it's been a productive week.
Treat: Oreos w. Reese's Peanut Butter is a great treat.
Trick: the layoffs haven't stopped ...

  1. GM - 1,700
  2. Meta - 9,000
  3. Target - 1,000
  4. Paramount - 2,000
  5. Amazon - 30,000
  6. Microsoft - 6,000 (on top of the 9,000 from earlier in the year)
  7. UPS - 4,800
  8. Nestle - 16,000
  9. Lufthansa - 4,000
  10. Intel - 4,000

I have to wonder if I'm ever going to land a job considering most companies are going through hiring freezes. The longer I'm out of work, the worse it looks.

What We’re Grateful For

  1. Fun Halloween spirit and an awesome family to share it with.
  2. I get to wake up and enjoy good health and good food.
  3. I get to look forward to a fun weekend and a good student.

What We Loved

  1. CELEBRATED ANOTHER YEAR OF MARRIAGE - Forgot how long it's been
  2. Have I mentioned the fun Halloween vibes .. always the best precursor to the holiday stretch.

What We Learned

  1. Gandalf AI - [Status: Paused!] .. bumping this to next week as part of an AI learning initiative.
  2. Picked up U-Test work (Tue. 10/28)
  3. New Lesson: Getting Started in iOS Mobile Application Testing (Wed. 10/29 12 - 1) [Status: Done!] Cool things learned, but no real demo.
  4. New Lesson: AI Agents and MCP Security Risks (Thr. 10/30 1 - 2) [Status: Done!]
  5. Mentor/Mentee w. LUNA happening (Thr. 10/30 3pm) [Status: Done!]
  6. Mentor/Mentee w. IMANI happening (Sun. 11/1 2pm) [Status: Done!]
  7. Reading: WAHH Chapter 13 - [Status: Done!] .. applied the HTTP header lessons. Should revisit the labs a.s.a.p
  8. Hacking: TCM - [Status: Done!]
  9. Pen Testing: Five9 Pen Testing [Status: Done!]
  10. Writing: Chapter "War Council" [Status: To Do!] .. been a hectic week.
  11. Burp Suite: HTTP Header Labs [Status: To Do!]
  12. QA Day: Need to get started on APIs.

What We Longed For

  1. As always, a good job doing cool shit with amazing people, making great money ... and this time not to f** it up!!

What We Loathed

  1. The 2025 Job Market
  2. Miami Dolphins in 2025 .. worst I've seen in a long time

Monday, October 27, 2025

Security Testing Journal Entry | w/e Friday October 24, 2025 - “Post BSidesNYC” Ed.


Highlights for the week

Welp! Another week and another round of layoffs across diverse companies in the technology sector (and others). I'm optimistic I will find employment, just not sure in what anymore. Pen Testing is a super-saturated field. Literally everyone and their cousin wants to become a "hacker" having neither the talent nor the experience. Jobs in QA are becoming scarce as well, with roles being offshored to India and So. East Asia, or eliminated altogether.

The high from BSidesNYC has worn off. I'm back to the reality of looking for work > applying > getting rejected. Lather -> Rinse -> Repeat. 36 days left of UE .. the countdown begins.

The greatest blessing of the moment is acquiring a new mentee / student. I'm teaching her what I have learned about QA and arming her with the knowledge I never had. I want to be the person I prayed for. My mission is to ensure she is empowered with the knowledge and skills to ask the right questions and perform to the best of her abilities. F** me for never having that in my life back when I started in QA. Who knows where I would have wound up. Teaching her is a new achievement unlocked!!

What We’re Grateful For

  1. As always blessed to have a loving home, great family, food, and comfy bed
  2. BSidesNYC continues to be a blessing. New connections keep popping up and I feel new opportunities will manifest themselves.
  3. Grateful for Imani, my new student. Her name means "Faith/Believe" in Arabic. So it makes sense I would find faith in myself.

What We Loved

  1. In a word .. everything! Never taking a day for granted.

What We Learned

  1. Gandalf AI - haven't made time for this [Status: Paused!] .. Looking to pivot to taking the AI courses from "Eli" before coming back to this.
  2. Reading: WAHH Chapter 13 - still going [Status: In Progress] .. hadn't had much time this week to do much reading or writing of any kind.
  3. Hacking: TCM - 98% done. Have to finish watching the "Report Authoring" section for new ideas.
  4. Writing: Chapter "War Council" [Status: Not started] .. been a hectic week.
  5. Pen Testing: Five9 Pen Testing [Status: In Progress!] .. behind on it due to BSidesNYC (2 days), along with other priorities.
  6. Burp Suite: HTTP Header Labs [Status: To Do!]
  7. QA Day: Need to get started on APIs.

What We Longed For

  1. As always .. a good job!!

What We Loathed

  1. Not having a job for this long.
  2. As fun as it feels, losing my willpower to my vice sucks. Getting back on the discipline wagon.

Friday, October 17, 2025

Security Testing Journal Entry | w/e Friday October 16, 2025 - "BSidesNYC Experience" Ed.


Highlights for the week

"A grateful mind is a great mind which eventually attracts to itself great things" - PLATO

BSides NYC All DAY Saturday ... sooo excited for this. Finally getting to volunteer, as per my New Year's resolution for 2025. For the most part, a lot of what I had laid out as far as goals has come to pass. Landed a Security job, read a couple of books, wrote more, and did as much as I could for mentoring. Certifications are just so expensive. In the meantime, I'm working on the weak areas like network pen testing, report writing, and getting better with Burp Suite (need that PRO version a.s.a.p).

What We’re Grateful For

  1. As always, I take comfort in having an awesome family.
  2. Grateful that I'm getting to meet people at the BSides Conference.
  3. Keeping hope alive that I will land a job soon. But I am glad I didn't get a bad job.

What We Loved

  1. Getting to be part of the BSidesNYC volunteerism.
  2. Looking forward to meeting RaicesCyber folks.

What We Learned

  1. Gandalf AI - haven't made time for this [Status: Paused!]
  2. Reading: WAHH Chapter 13 - still going [Status: In Progress]
  3. Hacking: TCM - Re-watched Module 9 [Status: Done!] Module 10 [Status: Not Started!]
  4. Writing: Set up the outline for Chapter "War Council" [Status: In Progress!]
  5. Pen Testing: Five9 Scope completed; Pen Testing paused for other priorities that came up.
  6. Burp Suite: CSRF Labs [Status: Done!] HTTP Header Labs [Status: To Do!]
  7. QA Day: Fixed E2E e-commerce tests. Need to get started on APIs.

What We Longed For

  1. Longing for that great job, making great money, working with great people, doing awesome things in the Cybersecurity space, mainly pen testing.

What We Loathed

  1. 2025 Job Market.

Friday, October 10, 2025

Security Testing Journal Entry | w/e Friday October 10, 2025 - "Versus Vices" Ed.


Highlights for the week

Had a temporary moment of weakness with my vice - felt guilty despite the temporary enjoyment. Reddit is the other habit I need to regulate.

In other, exciting news, my mentee wants to get started on Pen Testing .. which is motivating me to revisit the craft. Radio silence from my other mentee in France. Hope all is well with her. It's been three weeks or so since we last talked.

What We’re Grateful For

  1. Getting to rise and shine to a beautiful Friday morning in the fall is always a blessing.
  2. Grateful to have another week of good health and good vibes.
  3. I get to wake up .. I will make the most of this.
  4. I'm appreciative of all that I have.
  5. I will make the most of this.

What We Loved

  1. As stated before: crisp fall air, beautiful blue skies, sunshine, and the unshakable feeling of something amazing about to happen this month.

What We Learned

  1. Gandalf AI - hacked around and did not find out! Prompt injection attack for level 1: [Status: Paused!] .. just not enough hours in the week.
  2. Reading: WAHH Chapter 13 - [Status: In Progress] - it's a monster chapter and I'm pausing to correlate Burp Suite labs as I finish a section.
  3. Hacking: TCM - Module 9 [Status: Done!] - Might need to revisit the last 10 minutes before starting Module 10.
  4. Writing: New Chapter "War Council" [Status: Not Started!]
  5. Pen Testing: Five9 Scope completed; Pen Testing paused for other priorities that came up.
  6. Burp Suite: Near complete with CSRF Labs; Then HTTP Header Flaws (per WAHH Chap. 13).
  7. QA Day: Continued work for Checkout Summary page [Status: In Progress]; need to fix the fails.

What We Longed For

  1. As always: a great job, working for a great company, doing amazing things, with great people, making great money.
  2. Getting out of debt .. looking forward to that so I can start saving $$$

What We Loathed

  1. THE JOB MARKET IN 2025 ... I'll probably keep repeating this until I land a job.

Saturday, October 4, 2025

Security Testing Journal Entry | w/e Friday October 3, 2025 - "Besides the BSides" Ed.


Highlights for the week

Got a great feeling about October, and from the looks of my calendar .. that is justified!! Mentee wants in on Pen Testing action. And I'm volunteering for BSidesNYC ... woot!

What We’re Grateful For

  1. I get to be here.
  2. Got a great family.
  3. Some money was given to us for good use.
  4. New opportunities showing up.

What We Loved

  1. Finally getting to go to BSidesNYC and volunteering.
  2. Gandalf Hacking postponed to next week.
  3. Got some great feedback with the AI prompt on "Husb.." fight scene.
  4. Re-assessed finances and consolidated a lot of balances down to two cards. Gotta make that money!!
  5. Got around to scheduling new appointment for DMV.
  6. Got a new doctor and hoping I can get to the new endo. This low-t thing is killing me.

What We Learned

  1. Finished Module 4 for Google Prompt and came away learning A LOT about prompts.
  2. Reading: WAHH Chapter 13 - [Status: In Progress]
  3. Hacking: TCM - Module 9 [Status: To Do!]
  4. Writing: Leveraged AI to expand on the fight scene between Mara and Dee. [Status: Done!] The feedback was amazing!
  5. Pen Testing (Bug Crowd): Need a new PT starting next week.
  6. Burp Suite: Bus. Logic flaws - [Status: Not Started!]. About to start CSRF, which aligns with the section in Chapter 13 of WAHH.
  7. QA Day: Continued work over the weekend [Status: In Progress]
  8. Gandalf AI - hacked around and did not find out! Prompt injection attack for level 1: [Status: In Progress!]

What We Longed For

  1. A great job doing cool sh**, with amazing people, making decent $$$ and benefits! Applied again to Perplexity (fingers crossed!)

What We Loathed

  1. Job Market in 2025. Unemployment is a real drag.

Saturday, September 27, 2025

Security Testing Journal Entry | w/e Friday September 26 - "The Rapture Cometh" Ed.


Highlights for the week

Around the world, this was an eventful week. The 47th president of the US continues to walk a path towards authoritarianism that no one is challenging him on. The death of a conservative influencer has done more to divide people than to unify them in solidarity against political violence. Tons of new hacking incidents. And the makers of AI are looking to spin up data centers that will each require the electricity of a small city to run, and millions of gallons of water to keep cool. Resources our infrastructure is incapable of supporting, yet money that could go towards improving the quality of our country is being diverted to these endeavors. It's a fast-moving freight train on a downward-sloping greased track with no brakes, headed towards a cliff.

Then there were rumors that caught fire, spread by some priest in So. Africa, that the rapture was imminent and that we would be wise to take action and repent!

As for me: I had a "down" week. Just didn't feel the verve to do much of anything. I fought the good fight in my head to stay disciplined in my workouts, but as for job hunting and learning stuff .. there was just little to no wind in my sails. Perhaps it's low-t, or the unemployment effects of all these rejections, but I'm on the last month before things go tits up and not even so much as a ping! from recruiters. Also, I got the "thank you, next" email from Spotify. I didn't think I had a chance, but it was worth a try. Not really broken up about it.

My son found pictures of me, back when I was in my 20s and full of promise. Still broke, but not nearly as traumatized by life. Can't remember if it was pre- or post-Andrea, but I just remember the good times. I want to be that happy again. I am not defined by my past. I am refined by it. And it's awesome to say I still have time to choose who I want to be.

What We’re Grateful For

  1. Friends, referrals, and good internet.
  2. I get to be here, another day.
  3. Family .. and a full 'fridge.
  4. As always, great health.

What We Loved

  1. This week was meh .. so not a lot to love. Cooking is always a blast!

What We Learned

  1. Reading: WAHH Chapter 13 - [Status: Not started]
  2. Hacking: New Weekly lesson with TCM - Foundational set up of lab for Active Directory. Module 9 is where it gets good. [Status: Done!]
  3. Writing: Need to expand on fight scene between Mara and Dee. [Status: Not started]
  4. Pen Testing (Bug Crowd): Continued Pen Test for items in scope for SR [Status: Closed]. Need a new PT.
  5. Burp Suite: Bus. Logic flaws - [Status: Paused]; Did SSRF instead. [Status: Done!]
  6. QA Day: Continued work [Status: In Progress]
  7. Gandalf AI - hacked around and did not find out! Prompt injection attack for level 1: [Status: In Progress]

What We Longed For

  1. As always .. a good job, making good money, with good people, doing cool sh**!
  2. Miss being in love; being held; kissing; s-e-x

What We Loathed

  1. Still sitting at 85% of no!

Saturday, September 20, 2025

Security Testing Journal Entry | w/e Friday September 19, 2025 - “And the beat goes on .. and on!” Ed.


Highlights for the week

Fall is around the corner and the weather has been spectacular. Gone are the days of high heat and humidity. Crisp temperatures, cool breezes, and sunny days are here. Job search has been abysmal. The cycle is the same: see the job post > apply for the job > get rejected > see the job reposted.

Been listening to a lot of stoic philosophy videos on YouTube and have really improved my mindset. I've shut down the negative self-talk and I've replaced it with positive affirmation. I keep looking back on my time at Secure Ideas, and the more I study what went right and what went wrong, I am coming to understand that there was a lot I should have done better. I wasn't working to the level of my experience and I was humbled by just how much I still have to learn. The lessons learned were: need more experience; need to write better; blogging matters for the company in terms of sales and marketing; need more practice with PortSwigger pro!

How I'm improving on those weaknesses:

  1. Been trying to find new projects in bug crowd, but struck out with a recent engagement. Will keep hunting for new ones.
  2. Wrote up a report for a recent project (NFL). Need to keep that up.
  3. Been learning a lot about AI. Does it help with pen testing? No. But I also learned how to hack them, so out of curiosity, I've taken a course on prompt engineering and read a book on agentic security. It's moving me in a particular direction ... a fun one.
  4. As for PortSwigger, I only have the community edition so the issues that caused me problems at SI will remain unfixed for the time being.

What We’re Grateful For

  1. Grateful that MIL provided us with lunch and food.
  2. Grateful for friends in great places.
  3. Grateful that I get to wake up and enjoy another day of good health, vitality, and well-being.
  4. I get to be here .. now .. making the most of my time to stay happy and productive.

What We Loved

  1. Jumped on a new opportunity for a completely new role at Spotify. I'll be happy if I get it, but cool with not. It's a new challenge.
  2. Applied to Spirit Halloween store .. a fun seasonal gig. I'm not above seasonal work at this point. Some money is better than no money.
  3. And while I'm on the work tip, some new U-Tests sprang up adding to a packed schedule. It's impacted some personal projects which keep getting pushed further back.
  4. New Deadlift achievement - 270lbs. Personal best is still 305lbs.
  5. While on the workout subject, my son is now part of my morning routines. He is motivated to start exercising .. very cool! It has however altered my mornings significantly.
  6. Joined BSides-NYC as a volunteer. That starts in October, so super excited for that.
  7. While on the networking subject, joined "Raices Cyber" - NYC Chapter. A Latin American group focused on Cybersecurity. Need to up my networking game tremendously. As the saying goes, "you are the sum of the 5 people you surround yourself with." Right now, I have no one. :'(

What We Learned .. a busy week!!

  1. Reading: Read "Securing-Agentic-Applications-Guide-1.0" and learned several new things and frameworks to play with. [**Action item] Gandalf AI Hacking .. start!
  2. Reading: WAHH Chapter 13 - paused for work and additional tasks. This is for fun so less of a priority. [**Action item] Get back on it.
  3. Hacking: New Weekly lesson with TCM. Learned about brute-forcing logins, password spraying, and HTB. [**Action item] Need to renew that membership
  4. Writing: "Husb" New chapter about reckonings. Need to expand on fight scene between Mara and Dee.
  5. Work: A couple of new U-Test projects popped up forcing me to recalibrate my task list and reading.
  6. Pen Testing (Bug Crowd): New project started required credentials. After scoping, not a lot was possible. Will revisit scope and targets and try to test, then write the report. It's all about the reps.
  7. Burp Suite: Bus. Logic flaws - paused for work; shall resume over the weekend as time allows.
  8. QA Day: Started practicing Playwright with TypeScript. The cool lesson learned: used Gemini to optimize my code for improved readability. Something I wish I had done at Unqork.

What We Longed For

  1. As always .. a job, money, health benefits.

What We Loathed

  1. The job market in 2025