Friday, May 3, 2024

Security Testing Journal Entry | w/e Friday May 3, 2024 - "May the 4th Be With You .. Always!" Ed.


Highlights for the week

Mildly uneventful week. Managed to complete another pen test, completed the refactor of API security tests, and kicked off a campaign to automate some manual pen tests. Overall, a pretty good week.

What We’re Grateful For

  1. Happy that I got to add another pod/live stream to my menu, this one deals with Cybersecurity news!
  2. Grateful for good health and well-being
  3. Grateful to have a full refrigerator (despite the absence of income)
  4. Grateful for another month with a roof over my head
  5. Thankful that a recruiter reached out to me and forwarded my application (finger's crossed)

What We Loved

  1. Mom's birthday - we're talking. She still has yet to acknowledge what she's done, but I'm not one to hold grudges.
  2. May is great for "Star Wars Nerds" (5/4) and Cinco De Mayo! As well as Mother's Day!

What We Learned

  1. Automation - Learned to refactor API tests using Clients and improved syntax
  2. Automation - Learned to write automation tests for DOM-Based XSS and Stored XSS .. more to come
  3. Security - completed OrangeHRM Pen Test. Really happy with how the report looks and the progress made. Next week - mobiles!
  4. "Husb..." - another week gone and no writing done. Gotta fix that and finish this.

What We Longed For

  1. Need a job

What We Loathed

  1. The lack of a job
Posted by at No comments:

Sunday, April 28, 2024

Security Testing Journal Entry | w/e Friday April 26, 2024 - "Spring Cleaning & Healing Ed."


Highlights for the week

Stepping out of my comfy zone to post about a project, warts & all (lesson - have your ducks in a row); tested IOT devices - awesome!; learned iOS Mobile (lesson - need to improve lab); Part of my personal spring cleaning (see "What we learned)

What We’re Grateful For

  1. Gratful the moon woke me up early, which meant I got a good night's sleep and feel awesome! Was also productive
  2. Grateful for having a roof over my head, a full fridge, and good health
  3. Grateful to be humbled by learning new things and making rookie mistakes
  4. Grateful for meeting my personal, professional, and fitness goals this past month!

What We Loved

  1. New opportunities testing IOT devices

What We Learned

  1. Learning to take action, especially when its difficult or challenging .. may result in a win or not!
  2. Learning to get rid of limiting beliefs & pick up affirmations
  3. Working on getting rid of old habits & pick up new "good" ones
  4. Tough week for getting anything done. Pen testing is behind schedule.
  5. Finally got Azure working. Learned there was a request that needed to be made, probably to prevent bit mining.
  6. Posted API security automation test and was met with some great (humbling) feedback. Note to self - make sure to be 100% perfect before going live!
  7. Spent last weekend with iOS DIVA. Need to set up my framework to test better.
  8. "Husb ..." {paused} -- been a hectic, productive week for QA testing

What We Longed For

  1. I said it last week, and I'll probably keep saying it ... a good job, with great pay and benefits, working with cool people, doing cool sh**

What We Loathed

  1. Unemployment sucks!
  2. Ghost jobs suck!
  3. Feeling like I'm never going to get a job ... definitely sucks!
Posted by at No comments:

Friday, April 19, 2024

Security Testing Journal Entry | w/e Friday April 19, 2024 - "Connections, Old & New Ed."


Highlights for the week

Made a new connection, have similar career paths; helped an old connection w. work; mentee is frustrated; gratitdue section to template

What We’re Grateful For

  1. Happy that my wife & child are in good health
  2. Grateful to have stamina and good health to work out
  3. Happy that I get to have a great pair of mentees
  4. Thrilled that, while I'm not working, I get to work on what I want to do with my career

What We Loved

  1. Finally got Android and iOS DVA working. Successfully finished Android, on to iOS!
  2. Also getting around to API Security Testing

What We Learned

  1. Blogging - building an audience is goign to take time, but I'm proud of the work
  2. Android Pen Testing
  3. iOS Pen Testing (in progress)
  4. API Pen Testing - managed to successfully complete 9 of 10 tests. The 10th didn't apply.
  5. Web App Pen Testing (in progress) ... pushed to next week, maybe longer!
  6. Azure DevOps - blocked! Sent request for parallelized testing
  7. U-Test - Voice Assistant Testing; PII; Capture Crash logs on iOS/Android devices
  8. "Husb..." - need to wrap this sucker up and get back to the real book

What We Longed For

  1. As always: a proper job, pay, benefits, cool people, great location

What We Loathed

  1. Nothing much to be angry about. Keeping it positive!
Posted by at No comments:

Friday, April 12, 2024

Security Testing Journal Entry | w/e Friday April 12, 2024 - "Eclipse Ed."


Highlights for the week

This week was a mixed bag of highs and lows. A couple of notable highs include a solar eclipse that happened at the top of the week, and a 4.8 earthquake that shook my desk for a few seconds.

Some lows include having to turn down a TesterWork job. Not sure how long I'm keeping them, but until I land a job, I'll have to play the game. Another low was the struggle to get my ios app pen testing environment up. That took up most of my Thursday, and ate into my other tasks.

What We Loved

  1. A big win! Finished another pen test. Sent that draft to my mentor for review, waiting on feedback.
  2. Another win! Got my environment set up to do mobile app testing.
  3. Loving the results of my workout. Need to eat better, but seeing some progress.

What We Learned

  1. Automation - Finished Cypress and jumped back into playwright with python, finished automation for that form.
  2. U-test - finished modules regarding testing, tickets, and capturing the evidence.
  3. Azure DevOps - tried to deploy my project but got blocked by the need for a subscription. Will revisit again next week.

What We Longed For

  1. As always, patiently wating for that job. ZERO - jobs applied to this week.
  2. "Husb ..." - didn't get much writing done this week! Longing for more time. Priorities took up most of the week.

What We Loathed

  1. Need to get more disciplined. Been procrastinating a teenie bit.
Posted by at No comments:

Friday, April 5, 2024

Security Testing Journal Entry | w/e Friday April 5, 2024 - "Pr-Eclipse Ed."


Highlights for the week

So yeah! We are having an eclipse on 4/8. There was also a 4.8 earthquake on Friday (the day of this journal entry). Thankfully, no one in the family is hurt and there was no damage to anything anywhere. Other than that, a fairly quiet week. Not a lot to report.

What We Loved

  1. Another successful week of learnings.

What We Learned

  1. Linked In Learning: Completed OWASP-Top 10.
  2. Linked In Learning: Completed Threat Modeling fundamentals
  3. U-Test: Signed up and started some of their tutorials. I feel like there's an issue with their "Bug Report" practice module.
  4. RemoWork: Deleted that account. Nothing came out of it.
  5. Azure DevOps: Finished the modules. Need to deploy my practice site.
  6. Cypress: Need to finish some front-end tests. Need to play with the API tests
  7. "Husb...": New chapter around D's origins.

What We Longed For

  1. As always: a good job, a good paycheck, working with great people

What We Loathed

  1. Phoniness on social media, namely linked in. You go and help people, no kind of a "thank you!"
Posted by at No comments:

Friday, March 29, 2024

Security Testing Journal Entry | w/e Friday March 29, 2024 - "Easter Week Ed."


Highlights for the week

This past 40 days of Lent commemorates the end days of our savior Jesus Christ. We honor his life, death, and resurrection. More importantly, we honor his mission on earth. The message was simple, "love each other as I love you." That is to say, unconditional, forgiving, and without pretext. Cheers!

In other news, had a brilliant study session with my mentee. Achievement Unlocked! Another pen test completed.

Oh! Let me not forget, my mentor forwarded my resume to someone within his company. Same one I interviewed last time .. and lost. Stay tuned! Hoping my luck changes.

What We Loved

  1. Mentee-1 - As always, worked with one mentee to improve her resume.
  2. Mentee-2 - Worked with my other mentee to get her better prepared with her studies.

What We Learned

  1. Automation (Web) - learned that Cypress discontinued support for xpath. That being said, somehow, things are working again.
  2. Automation (iOS) - Finished XCUI iOS tests. Refactor .. tbd!
  3. QA - Completed a ton of QA related activities, like test plan, test scenarios, risk analysis, requirements traceability, testing, and reporting.
  4. Pen Test - completed the security audit and wrote up the report. On to the next one ... love this :)
  5. Linked In Learning - Learned how to use Azure DevOps and deploy a project to that CI. Next week, I'm going to try deployment with the project.
  6. Cult.ure - "paused"; "Husb..." - in the final chapters of the story that ballooned over the past two months. Love it :)
  7. UTest - Signed up for remote work with new site. Next week - onboarding
  8. TesterWork - Opted out of one campaign that required being "ON" for seven days; Signed up for another .. who knows how much longer I will keep this one

What We Longed For

  1. It was a bummer that I didn't land the job. Every rejection is a redirection!

What We Loathed

  1. UNEMPLOYMENT - 545 days since my last paycheck! Rejections galore. It's possible most of these jobs listed are not even real!
  2. RemoTask - not sure how much longer I'm going to keep this profile active. I haven't completed the onboarding because they want a profile pic to verify id .. sketchy!

Posted by at No comments:

Friday, March 22, 2024

Security Testing Journal Entry | w/e Friday March 22, 2024


Highlights for the week

Lots of good stuff this week! Ran some personal errands which impacted some goals, but otherwise had a great week where I got to meet a new Pen Testing Professional. We talked a bit about the craft and what it takes, as well as how to get started. The answer - personal branding.

On the automation front, getting "ok" with XCode. It only took 14 years to finally get around to it. Coupled with knowing Espresso, I feel really proud of how that's come along.

Another site to practice pen testing is selected. Been grinding along.

What We Loved

  1. Meeting with a new Cybersecurity professional. Nothing new learned, but it was still fun.
  2. Made a new contact with a CISSP Security Professional. She seems like great people.
  3. As always, meeting with my mentees is always the highlight of my week. Got to iron out some important things regarding her job prospects and career choice.
  4. Lovin' my new PPL workout.

What We Learned

  1. Automation - Learned about using POM w. XCode. Need to put that in place next week. Also learning about Azure DevOps (finally!)
  2. Burp Suite - Closing in on completion of the labs. I won't get to all of them because I need BS Pro!
  3. Security - New pen testing underway. Nothing new this week.
  4. Security 2 - Learned a couple of things about threat modeling.
  5. Cult.ure - "paused"; "Husb..." - exciting chapter and interesting character revelation.
  6. Personally - improving the negative self talk. Learning to accept the consequences of my actions and the "why" behind them. Hoping I'm living to my true purpose.

What We Longed For

  1. Another week, no new updates regarding a new job. This is getting really bad!

What We Loathed

  1. Rejection for jobs that keep getting reposted.
  2. Technical interviews that involve a Leetcode/Hackerrank code challenge with zero relevance to the job you'd actually be doing.
Posted by at No comments:
Subscribe to: Posts (Atom)