Sunday, July 30, 2023

Security Testing Journal Entry | w/e Friday July 28, 2023 - Ashura Ed.


Highlights for the week

What is AshuraA voluntary fast-day observed by the Mohammedans on the 10th day of the month Muharram.

As you can surmise by the subtle Android logo, this week was focused on Android, both the application development and automation process. Spent a good part of last week and this week focused on automation in Espresso with Kotlin. Even learned how to build an app with Kotilin. Next week, more of that.

Security testing with Pen Test process is making great headway. Spent a good portion of time learning how to use zap with automation. This week, so looking forward to the walk-thru.

Also, I was sick the better part of the week, so not a lot of progress made in Sec+

What We Loved

  1. Interviewed at a rapid pace at my target company of choice. I have a great feeling, but the grind of looking for another job persists until I sign an offer letter.
  2. TCM is phenomenal!!
  3. Mentoring - I didn't think I was going to like it as much as I do.

What We Learned

  1. Database Testing - Done. Not spending too much time learning to do triggers.
  2. Security+ - Paused! Read about FedRamp / StateRamp
  3. TCM - Learned a bit about Automating the requests for security vulns.
  4. Automation - Android Espresso / Kotilin .. #1 focus for now and the months to come.

What We Longed For

  1. A job, pay, and benefits!! About to hit a 11 months. If something doesn't happen by Mid-August, the money will officially be run out.

What We Loathed

  1. Unemployment!
Posted by at No comments:

Friday, July 21, 2023

Security Testing Journal Entry | w/e Friday July 21, 2023 - Paid-In-Full Ed.


Highlights for the week

Three great big wonderful things this week: First, finally the chance to learn more about the actual Pen Testing process, working with TCM learning modules and "Juice Shop".

The second: Finally have the first round interview with a company I have been long since liasing for since January. All finger's crossed for Monday. Manifestations of positivity, prosperity, and passions is finally paying off.

The third: Student Loan is PAID IN FULL!!

What We Loved

  1. Everything in so far as staying positive, focused, and disciplined is paying off!

What We Learned

  1. Android Espresso - Learned how to test toasts, and write a custom view matcher. I get what is supposed to happen and how things work. What I wish I knew at Fuzz!!
  2. Sec+: Module 3.2 - Host & Application Security
  3. Database Testing - Learned about stored procedures and how to test. The automation portion is done using TestNG :(
  4. TCM - So excited to be on the module concerning Pen Testing. Need to read more from the whitepapers regarding the process.

What We Longed For

  1. Employment

What We Loathed

  1. Nothing! All happy beeps this week!
Posted by at No comments:

Sunday, July 16, 2023

Security Testing Journal Entry | w/e Friday July 14, 2023 (Sunday Ed.)


Highlights for the week

Posting this a bit late on Sunday as things have been a mixed bag of busy and lazy. Some promising news on the job hunt!

What We Loved

  1. My friend / potential manager reached out to let me know the role is in the final stages of budget approval.
  2. Got a good idea for the Mentor - planning to learn more about the process of pentesting while I learn techniques.

What We Learned

  1. Security+ - started Module 3 .. gonna be a long slog.
  2. TCM - Finished Module 4 - OWASP Top 10. Need some more practice on DWVA.
  3. Automation - made great progress on Espresso (Android). Even built a rig app to test against.
  4. Databse Testing / SQL - learned schema testing.
  5. Cult*ure - Chapter 14 is coming along quite nicely. Some interesting character developments.

What We Longed For

  1. More time. My plans for the week were hijacked on Wednesday due to personal priorities.
  2. Longing for a paycheck, but I've articulated the vision a lot clearer and working towards manifesting it.

What We Loathed

  1. A few jobs rejected my application this week. Yet the roles for ones I was rejected for in the past showed up again .. wth!!
Posted by at No comments:

Friday, July 7, 2023

Security Testing Journal Entry | w/e Friday July 7, 2023 - Independence Day Ed.


Highlights for the week

Another successful week. Hit several goals, and have acquired a new mentee (who knew!). A couple of other new connection wanted to discuss some Cybersecurity testing basics. Sadly, these meetings didn't manifest themeselves. Worth a note is unblocking myself and making great progress with the Pentesting Course.
Unemployment remains blech!! But I really truly feel my job is waiting for me.

What We Loved

  1. I'm honored having been asked to mentor someone. Not my first time "coaching" someone, but I'm opting to be the mentor I haven't had.
  2. Made great progress with learning Espresso for Android.
  3. Making great progress with the book as well. Story is evolving beyond what I had laid out.

What We Learned

  1. Network+ - Done! Need to find pop quizzes.
  2. Security+ - Finished the modules regarding Architecture & Design.
  3. TCM - Moving through the OWASP Top 10. Will definitely write a "Security For No0bs" post.
  4. Automation (web) - Finished what I could for Playwright w. Python. Fascinating framework.
  5. Automation (mobile) - Made decent headway with Espresso after being blocked with the Gradle build process. There's still a bunch to learn.

What We Longed For

  1. SQL - this has to be a must do next week.
  2. Espresso - continued practice.
  3. WebdriverIO - this keeps popping up. I should pivot from Appium Automation to learn this.

What We Loathed

  1. Unemployment. 15 jobs, no recruiter call backs. Ghosted by another recruiter. The grind is taking it's toll and money is running out.

Posted by at No comments:
Subscribe to: Posts (Atom)