Sunday, December 22, 2024

Security Testing Journal Entry | w/e Friday December 20, 2024 - "Christmas Holiday" Ed.


Highlights for the week

On paper it should have been a super busy week. In practice, things went well. The client was delayed in providing needed resources, but when they did, testing was efficient and effective. Report write-up was smooth and deliverables are near complete.

That I'm three months in and hearing myself talk about pen testing is such a thrill. I don't know that I'm ever going to come down from that cloud, and I'm super-appreciative of everything and everyone. I am where I belong. And I've never felt more excited about that in a long time.

What We’re Grateful For

  1. I know I said it before, but I'll keep saying it. I'm beyond grateful for everyone I work with.
  2. I'm grateful for the job I have and the opportunities for learning, doing and growing. I don't look at what I don't know, I look at what new thing I get to learn.
  3. I'm eternally grateful for my family and friends, near and far.

What We Loved

  1. LOVED EVERYTHING!!!

What We Learned

  1. Learned how to properly pen test an API. I know there's more I could still learn ... always!
  2. I got the chance to work with MobSF - an automation framework for mobile iOS and Android. Really cool thing to learn.
  3. I got to see how an SDK is tested. There's a lot I wasn't privy too, but there's so much to want to do.
  4. Another successful week of Web App Pen Testing. I'm sure there are scenarios I never tried, but I love getting to keep doing.

What We Longed For

  1. Need more time to practice my tests for CISSP.

What We Loathed

  1. Nothing. Holidays are here and I'm loving every moment of it.
Posted by at No comments:

Saturday, December 7, 2024

Security Testing Journal Entry | w/e Friday December 6, 2024 - "Delta, Omni, and IANS" Ed.


Highlights for the week

A very fun 3 day on-site testing engagement with a Cybersecurity company. Tons of fun and lessons learned. Networked with amazing people and got the opportunity to gain new skills and experiences. At the conclusion of it all, gained some insight on how a department is set up, their needs, and left room for continued support.

The flight on Delta was phenomenal. Smooth onboarding, quick flight, and enjoyable experience.

The hotel was posh and elegant. The downtown area was beautiful, but expensive. Same for my lobster roll.

What We’re Grateful For

  1. EVERYTHING!! Grateful for the job, the opportunities presented, and so much more!

What We Loved

  1. EVERYTHING!! The travel, the onsite experience, the new relationships built. All fun!

What We Learned

  1. EVERYTHING!! Lots of fun, testing Mac, and so on.

What We Longed For

  1. Not this time!

What We Loathed

  1. Nothing!
Posted by at No comments:

Saturday, November 30, 2024

Security Testing Journal Entry | w/e Friday November 29, 2024 - "Thanksgiving" Ed.


Highlights for the week

This was a short week full of a lot of amazing things. Work has been nothing short of spectacular, learning so much every single day. The most fun I had was writing the test reports and gaining more exposure to the process. Because the holidays are in full swing, I will keep this entry short by expressing what I'm thankful for.

What We’re Thankful For:

  1. I would be remiss if I didn't start my list by saying that I'm eternally thankful for the Lord above and my grandma up in heaven watching down on our family. I believe she's heard my prayers and blessed our family with all the love she could give. Angels are definitely watching over us.
  2. I'm eternally thankful for the job I have. It is nothing but prayers answered, wish fulfilled, and manifestation made real all rolled into one. I smile every day for the experience of working on the career of my dreams and being surrounded by brilliant people.
  3. I'm blessed by having a wonderful family and loved ones. Sure wife and I are not where we should be, but we're not where we could have been .. divorced! Working on our reconnection is definitely a 2025 goal.
  4. I'm also thankful for having a wonderful son who's been the best. Sure, he gets testy at times, but he's got me for a father and I know how I can be at times.
  5. I'm thankful for mom, sister, and the rest of the family abroad. They are forever in my heart.
  6. I'm most proud of myself. Through hardwork and discipline, I had the wherewithal to end the bullshit of hire/fire in a career I that wasn't me. I'm now determined to work my hardest in this new endeavor. No fuck ups! LEARN - DO GROW!
Posted by at No comments:

Saturday, November 23, 2024

Security Testing Journal Entry | w/e Friday November 23, 2024 - "Cool, Calm, and Collected" Ed.


Highlights for the week

What a wonderful week it has been. Since last post, I've had tremendous opportunities to work with more co-workers, learn more about network penetration testing, and reporting. It was amazing to do all the things and learn. It never ends. Side note! I need to sign up for my CISSP Cert.

What We’re Grateful For

  1. As always, beyond grateful to have a job that has been nothing short of all prayers answered. I will endeavor to make this the ultimate stop in my journey.
  2. With the holidays around the corner, I'm grateful that I'm in the right mental and financial headspace to enjoy the holidays.
  3. Love the family, at work and at home.

What We Loved

  1. EVERYTHING! Work is awesome! Just saying I have a job is enough for me to be beyond grateful, but to have the right career pivot is immeasurable.

What We Learned

  1. CISSP - Finished the book. Now its on to studying the "problematic" modules, then take another test.
  2. Network Pen Testing - I learned more about tooling and process this week. I really really need to take a course in this.
  3. Pen Test Reporting - Learned so much about the process and writing style. As much as I'm reading the work of others, I want my own voice. Theoretically, it should be the one voice of the company. That will take practice. The feedback was incredible.

What We Longed For

  1. NOTHING! Been really good about time management and project delivery.

What We Loathed

  1. I hated turning my report late. I own the delay based on the feedback given.
Posted by at No comments:

Sunday, November 17, 2024

Security Testing Journal Entry | w/e Friday November 15, 2024 - "Extra CISSP-ie" Ed.


Highlights for the week

Had an awesome time this week. Got paired up with another pair of talented individuals who have really taken the time to teach me some things. I have a quick test with my manager that I'm looking forward to and I have been offered the idea of combining what I know with what I've done, mainly in the avenue of training. Intriguing prospect to say the least.

Also, CISSP training is over, but the fun has just begun. I have to circle back to the areas I was weak at and redo them. My goal is to take another test then the modules and if I get consistent 70% or better, I'm going to take the test.

What We’re Grateful For

  1. Holidays are in full swing, and I'm super-grateful that I have a job and the resources to make things happen.
  2. As always, grateful for an awesome family, awesome job, and everything in between.

What We Loved

  1. Everything!

What We Learned

  1. More Network Pen testing things. Picture is getting clearer with each engagement.
  2. CISSP is over, and the cert training is in progress. Need to sign up to get certified.

What We Longed For

  1. Nothing.

What We Loathed

  1. Nothing this week.
Posted by at No comments:

Sunday, November 10, 2024

Security Testing Journal Entry | w/e Friday November 8, 2024 - "Get workin' on Network'n" Ed.


Highlights for the week

Had a tremendous week full of learning, writing, and interviewing. Got to conduct my first onsite test, met my manager in person, and learned a lot more about network pentesting.

What We’re Grateful For

  1. Just like I wrote last week, I'll never stop thanking the good lord for the wonderful job with wonderful people.
  2. With the holidays in full swing, I'm ever grateful for having a wonderful family and the means to provide.

What We Loved

  1. Looooved getting to work with my manager and conducting an onsite security assessment. Met some cool nurses too.
  2. Loved working with a co-worker patient enough to teach me a little more about getting network pen testing scans started.
  3. Thrilled that I got to write my first pentest report. The feedback was great.

What We Learned

  1. CISSP is in the final throes. 1 more chapter and I'm done. Need to circle back on the weaker chapters.
  2. Learned how to use recon-ng to perform OSINT on an IP.
  3. Learned how to set up my first internal and external network scan.
  4. Sent my first client communication.

What We Longed For

  1. Nothing!

What We Loathed

  1. Not really a loathe, but my project teammate was missing a bit and the project report is behind schedule by a bit. On a personal level, I don't have much to loathe.
Posted by at No comments:

Saturday, November 2, 2024

Security Testing Journal Entry | w/e Friday November 1, 2024 - "Rabbit Rabbit" Ed.


Highlights for the week

Another week in the bag and I can't help but feel super-blessed. I have a mother who continues to be amazing, even if a bit overzealous with her affection. I have an awesome job where everyday ... EVERY DAY! ... I learn something. I'm blessed with an awesome wife who has a gift for event planning. We're on our way out to a "Dia De Los Muertos" event that follows on the heels of Halloween. And we live in a picturesque neighborhood straight out of a Norman Rockwell painting. The vibe was amazing.

As stated before, work continues to be a blessing. I'm so glad I'm not looking at it with rose-colored glasses, but I am loving every minute of it, the good and not-so-good (more on that later). Plus I'm traveling in a bit and working onsite with manager and co-workers. Tune in next week for more on that.

Of course ... rabbit rabbit! and the many blessings of having continued success and more importantly, not to f** it up.

What We’re Grateful For

  1. As stated before, doubley blessed to have an amazing job. I don't think I will ever stop thanking God for this wonderful opportunity 15 years in the making.
  2. Grateful to have an awesome family, food, good health, and so much more.
  3. Grateful to have a mentor that continues to teach me things. I'm happily passing that knowledge on to others.

What We Loved

  1. Loved my engagement. Network Pentesting continues to be a weak area, but the more I keep doing, the stronger I get. Same goes for reporting.

What We Learned

  1. CISSP - Finished the section on testing and working through the section on security operations. Falling behind on the upcoming chapter, but I hope to be caught up by EOW. Too many fun family activities.
  2. Learned a little more about external network pen testing process. Will be writing a blog on that shortly.

What We Longed For

  1. As always, more time for studying and exercising. I will say waking up early and getting the day started after a workout has been amazing. Need to stay consistent.

What We Loathed

  1. Fitness routine took a hit this week. My workout has been sporadic at best, but I can forgive myself since its holiday season.
  2. Minor loathing, but one negative about my job has been the lack of training. I was paired with a great co-worker that has been absent most of the project. It took me reaching out to my mentor to fill in the gaps. I'm a day wiser, but not much else. Sooo glad I wrote up the report early.
Posted by at No comments:
Subscribe to: Posts (Atom)