Sunday, December 22, 2024

Security Testing Journal Entry | w/e Friday December 20, 2024 - "Christmas Holiday" Ed.


Highlights for the week

On paper it should have been a super busy week. In practice, things went well. The client was delayed in providing needed resources, but when they did, testing was efficient and effective. Report write-up was smooth and deliverables are near complete.

That I'm three months in and hearing myself talk about pen testing is such a thrill. I don't know that I'm ever going to come down from that cloud, and I'm super-appreciative of everything and everyone. I am where I belong. And I've never felt more excited about that in a long time.

What We’re Grateful For

  1. I know I said it before, but I'll keep saying it. I'm beyond grateful for everyone I work with.
  2. I'm grateful for the job I have and the opportunities for learning, doing and growing. I don't look at what I don't know, I look at what new thing I get to learn.
  3. I'm eternally grateful for my family and friends, near and far.

What We Loved

  1. LOVED EVERYTHING!!!

What We Learned

  1. Learned how to properly pen test an API. I know there's more I could still learn ... always!
  2. I got the chance to work with MobSF - an automation framework for mobile iOS and Android. Really cool thing to learn.
  3. I got to see how an SDK is tested. There's a lot I wasn't privy to, but there's so much to want to do.
  4. Another successful week of Web App Pen Testing. I'm sure there are scenarios I never tried, but I love getting to keep doing.

What We Longed For

  1. Need more time to practice my tests for CISSP.

What We Loathed

  1. Nothing. Holidays are here and I'm loving every moment of it.

Saturday, December 7, 2024

Security Testing Journal Entry | w/e Friday December 6, 2024 - "Delta, Omni, and IANS" Ed.


Highlights for the week

A very fun 3 day on-site testing engagement with a Cybersecurity company. Tons of fun and lessons learned. Networked with amazing people and got the opportunity to gain new skills and experiences. At the conclusion of it all, gained some insight on how a department is set up, their needs, and left room for continued support.

The flight on Delta was phenomenal. Smooth onboarding, quick flight, and enjoyable experience.

The hotel was posh and elegant. The downtown area was beautiful, but expensive. Same for my lobster roll.

What We’re Grateful For

  1. EVERYTHING!! Grateful for the job, the opportunities presented, and so much more!

What We Loved

  1. EVERYTHING!! The travel, the onsite experience, the new relationships built. All fun!

What We Learned

  1. EVERYTHING!! Lots of fun, testing Mac, and so on.

What We Longed For

  1. Not this time!

What We Loathed

  1. Nothing!

Saturday, November 30, 2024

Security Testing Journal Entry | w/e Friday November 29, 2024 - "Thanksgiving" Ed.


Highlights for the week

This was a short week full of a lot of amazing things. Work has been nothing short of spectacular, learning so much every single day. The most fun I had was writing the test reports and gaining more exposure to the process. Because the holidays are in full swing, I will keep this entry short by expressing what I'm thankful for.

What We’re Thankful For:

  1. I would be remiss if I didn't start my list by saying that I'm eternally thankful for the Lord above and my grandma up in heaven watching down on our family. I believe she's heard my prayers and blessed our family with all the love she could give. Angels are definitely watching over us.
  2. I'm eternally thankful for the job I have. It is nothing but prayers answered, wish fulfilled, and manifestation made real all rolled into one. I smile every day for the experience of working on the career of my dreams and being surrounded by brilliant people.
  3. I'm blessed by having a wonderful family and loved ones. Sure wife and I are not where we should be, but we're not where we could have been .. divorced! Working on our reconnection is definitely a 2025 goal.
  4. I'm also thankful for having a wonderful son who's been the best. Sure, he gets testy at times, but he's got me for a father and I know how I can be at times.
  5. I'm thankful for mom, sister, and the rest of the family abroad. They are forever in my heart.
  6. I'm most proud of myself. Through hard work and discipline, I had the wherewithal to end the bullshit of hire/fire in a career that wasn't me. I'm now determined to work my hardest in this new endeavor. No fuck ups! LEARN - DO - GROW!

Saturday, November 23, 2024

Security Testing Journal Entry | w/e Friday November 23, 2024 - "Cool, Calm, and Collected" Ed.


Highlights for the week

What a wonderful week it has been. Since last post, I've had tremendous opportunities to work with more co-workers, learn more about network penetration testing, and reporting. It was amazing to do all the things and learn. It never ends. Side note! I need to sign up for my CISSP Cert.

What We’re Grateful For

  1. As always, beyond grateful to have a job that has been nothing short of all prayers answered. I will endeavor to make this the ultimate stop in my journey.
  2. With the holidays around the corner, I'm grateful that I'm in the right mental and financial headspace to enjoy the holidays.
  3. Love the family, at work and at home.

What We Loved

  1. EVERYTHING! Work is awesome! Just saying I have a job is enough for me to be beyond grateful, but to have the right career pivot is immeasurable.

What We Learned

  1. CISSP - Finished the book. Now it's on to studying the "problematic" modules, then take another test.
  2. Network Pen Testing - I learned more about tooling and process this week. I really really need to take a course in this.
  3. Pen Test Reporting - Learned so much about the process and writing style. As much as I'm reading the work of others, I want my own voice. Theoretically, it should be the one voice of the company. That will take practice. The feedback was incredible.

What We Longed For

  1. NOTHING! Been really good about time management and project delivery.

What We Loathed

  1. I hated turning my report in late. I own the delay based on the feedback given.

Sunday, November 17, 2024

Security Testing Journal Entry | w/e Friday November 15, 2024 - "Extra CISSP-ie" Ed.


Highlights for the week

Had an awesome time this week. Got paired up with another pair of talented individuals who have really taken the time to teach me some things. I have a quick test with my manager that I'm looking forward to and I have been offered the idea of combining what I know with what I've done, mainly in the avenue of training. Intriguing prospect to say the least.

Also, CISSP training is over, but the fun has just begun. I have to circle back to the areas I was weak at and redo them. My goal is to take another test then the modules and if I get consistent 70% or better, I'm going to take the test.

What We’re Grateful For

  1. Holidays are in full swing, and I'm super-grateful that I have a job and the resources to make things happen.
  2. As always, grateful for an awesome family, awesome job, and everything in between.

What We Loved

  1. Everything!

What We Learned

  1. More Network Pen testing things. Picture is getting clearer with each engagement.
  2. CISSP is over, and the cert training is in progress. Need to sign up to get certified.

What We Longed For

  1. Nothing.

What We Loathed

  1. Nothing this week.

Sunday, November 10, 2024

Security Testing Journal Entry | w/e Friday November 8, 2024 - "Get workin' on Network'n" Ed.


Highlights for the week

Had a tremendous week full of learning, writing, and interviewing. Got to conduct my first onsite test, met my manager in person, and learned a lot more about network pentesting.

What We’re Grateful For

  1. Just like I wrote last week, I'll never stop thanking the good lord for the wonderful job with wonderful people.
  2. With the holidays in full swing, I'm ever grateful for having a wonderful family and the means to provide.

What We Loved

  1. Looooved getting to work with my manager and conducting an onsite security assessment. Met some cool nurses too.
  2. Loved working with a co-worker patient enough to teach me a little more about getting network pen testing scans started.
  3. Thrilled that I got to write my first pentest report. The feedback was great.

What We Learned

  1. CISSP is in the final throes. 1 more chapter and I'm done. Need to circle back on the weaker chapters.
  2. Learned how to use recon-ng to perform OSINT on an IP.
  3. Learned how to set up my first internal and external network scan.
  4. Sent my first client communication.

What We Longed For

  1. Nothing!

What We Loathed

  1. Not really a loathe, but my project teammate was missing a bit and the project report is behind schedule by a bit. On a personal level, I don't have much to loathe.

Saturday, November 2, 2024

Security Testing Journal Entry | w/e Friday November 1, 2024 - "Rabbit Rabbit" Ed.


Highlights for the week

Another week in the bag and I can't help but feel super-blessed. I have a mother who continues to be amazing, even if a bit overzealous with her affection. I have an awesome job where every day ... EVERY DAY! ... I learn something. I'm blessed with an awesome wife who has a gift for event planning. We're on our way out to a "Dia De Los Muertos" event that follows on the heels of Halloween. And we live in a picturesque neighborhood straight out of a Norman Rockwell painting. The vibe was amazing.

As stated before, work continues to be a blessing. I'm so glad I'm not looking at it with rose-colored glasses, but I am loving every minute of it, the good and not-so-good (more on that later). Plus I'm traveling in a bit and working onsite with manager and co-workers. Tune in next week for more on that.

Of course ... rabbit rabbit! and the many blessings of having continued success and more importantly, not to f** it up.

What We’re Grateful For

  1. As stated before, doubly blessed to have an amazing job. I don't think I will ever stop thanking God for this wonderful opportunity 15 years in the making.
  2. Grateful to have an awesome family, food, good health, and so much more.
  3. Grateful to have a mentor that continues to teach me things. I'm happily passing that knowledge on to others.

What We Loved

  1. Loved my engagement. Network Pentesting continues to be a weak area, but the more I keep doing, the stronger I get. Same goes for reporting.

What We Learned

  1. CISSP - Finished the section on testing and working through the section on security operations. Falling behind on the upcoming chapter, but I hope to be caught up by EOW. Too many fun family activities.
  2. Learned a little more about external network pen testing process. Will be writing a blog on that shortly.

What We Longed For

  1. As always, more time for studying and exercising. I will say waking up early and getting the day started after a workout has been amazing. Need to stay consistent.

What We Loathed

  1. Fitness routine took a hit this week. My workout has been sporadic at best, but I can forgive myself since it's holiday season.
  2. Minor loathing, but one negative about my job has been the lack of training. I was paired with a great co-worker that has been absent most of the project. It took me reaching out to my mentor to fill in the gaps. I'm a day wiser, but not much else. Sooo glad I wrote up the report early.

Saturday, October 26, 2024

Security Testing Journal Entry | w/e Friday October 18/25, 2024 - "Doc Doc" Ed.


Highlights for the week

I'm behind on posting. I was too busy last week and this week was uneventful at work. My routine lately is gym > study (1 hr.) > work > study (2 - 3 hrs) > sleep. Obviously time for eating, but my primary focus is CISSP. Not something I wanted, but I'll accept it. 2 months into my Cybersecurity career and I'm already tasked with earning my "black belt" .. epic!

What We’re Grateful For

  1. Grateful for an awesome job with great paycheck and great people.
  2. Grateful for an awesome family.
  3. Grateful for good health.

What We Loved

  1. I love that I get to wake up and have a job to look forward to.

What We Learned

  1. CISSP - need to focus more on the Access Control List nuances, otherwise time is not on my side. Still need to take the mid-term.
  2. Learning that some co-workers are not totally into teaching me the "how" of conducting pen testing work, especially network. They're good at doing!

What We Longed For

  1. 2 months into my career and I don't feel any smarter than when I started. The task of working through the documentation has been very informative. Calling that my OTJ.

What We Loathed

  1. So far, I'm loathing the feeling of being un-prepared for the work I'm supposed to be doing.
  2. On a personal level, I'm hating myself for caving to temptations that I was rid of. I should ignore that little voice that wants a "peek" of the smut. I made it to the gym but I hijacked my sleep. Never again!

Friday, October 11, 2024

Security Testing Journal Entry | w/e Friday October 11, 2024 - "Collab, So Fab" Ed.


Highlights for the week

Another fun week in the bag. Spent my work week neck-deep in overhauling my job's internal documentation. Overall, it was a labor of love. In the process, I got to read about how things get truly done and learned some new things. Most importantly, I'm filling in the blanks regarding Network Pen Testing, an area I know I'm lacking.

The CISSP Chapters are long and tedious. Not hard, but definitely not totally easy. It comes down to a lot of information to absorb.

What We’re Grateful For

  1. I love that I GET to have a job where I can collaborate with great people and learn new things.
  2. I love that I GET to study for a certification. It's tough finding time and energy, but it's awesome nonetheless!
  3. I love that I GET to see my family happy. We're in the hole financially, but digging ourselves out with big shovels.

What We Loved

  1. Loving the job more and more.

What We Learned

  1. All things CISSP. Need to manage my time more effectively, but I'm squeezing what I can when I can.

What We Longed For

  1. More time. Getting up at 5am to work out has proven beneficial .. when I wake up.

What We Loathed

  1. Nothing loathsome except reddit posts that are, at best, low effort.

Saturday, October 5, 2024

Security Testing Journal Entry | w/e Friday October 4, 2024 - "Quiet Week, Documents Galore" Ed.


Highlights for the week

It was a quiet week regarding testing, but that gave me an opportunity to work on documentation. I read through all of them and did a complete make-over. It taught me a lot. Next week three weeks is going to be a tremendous upswing. Lots of work on the horizon.

What We’re Grateful For

  1. A great job with awesome people, making good money to get out from the credit card debt!
  2. A loving family, as always!

What We Loved

  1. Doing all things security.

What We Learned

  1. Last week, it was all algorithms and cryptography (Asymm / Symm / PKI, etc.).

What We Longed For

  1. For once, nothing to long for except more time and energy; perhaps a better memory to absorb all the knowledge.

What We Loathed

  1. CISSP quizzes are tough. I'm hovering at 70% passing rate. Not happy, but not broken up about it. It's all about the nuances of the question.

Sunday, September 29, 2024

Security Testing Journal Entry | w/e Friday September 27, 2024 - "First 30 in Cybersecurity: Days Done!" Ed.


Highlights for the week

First 30 days in cybersecurity done and I've learned quite a bit. The process of testing (from scope to reporting), and following up with clients is fundamental to consulting. I participated in my first desktop pen test which was interesting. The lead moved faster than I anticipated, but I did the best I could to capture what I could as far as notes.

What We’re Grateful For

  1. Having an awesome job with great people. Always learning something new week to week.
  2. Grateful there's still money available for food. This is helping offset the large bills coming my way.
  3. As always, my gratitude for family and friends will never go unmentioned.

What We Loved

  1. Everything about the job so far. Need to keep to the commitment of doing well, asking questions, and tracking my work. I won't repeat the mistakes of the past.

What We Learned

  1. CISSP - last week: Business Continuity, Disaster Response Planning, and more.
  2. CISSP - this week: (playing catch-up) Criminal investigation, Cryptography, Code of Ethics / ISC2 Code of Conduct, and more.

What We Longed For

  1. As always, more time. Balancing time with priorities is proving a challenge. But waking up at 5am to start the week has been rewarding.

What We Loathed

  1. Nada!

Sunday, September 22, 2024

Security Testing Journal Entry | w/e Friday September 21, 2024 - "Tempus Fugit" Ed.


Highlights for the week

This was an intense week. Trying to balance my priorities with work, personal, and wife's work schedule has proven to be a challenge. The consequence has been missing days at the gym. I'm finally over this little cold I picked up, but it seems highly probable I may have to start waking up early to optimize the most hours out of my day.

Along with learning the job, I'm tasked with training to get CISSP certified. I'm super-pumped I'm working through this, but it's happening at an accelerated pace and my time blocked for this is competing with other things. Not hard to make the time, but it is a rough go since I'm still learning the job.

What We’re Grateful For

  1. Although my time is becoming more strained by the day, I'm grateful I get the opportunity to upskill and get certified.
  2. I'm also grateful for the opportunity to be improving myself and my craft.
  3. Grateful for finally having the means to get back to good graces. The road to becoming debt free is going to be a long one, but all is well.

What We Loved

  1. Although it was a hectic week, I love my job!!

What We Learned

  1. The importance of "voice" as it relates to reporting.
  2. Learned about Security policies and Risk management. Lots of math involved in a proper Quant. Risk Assessment.

What We Longed For

  1. More time!

What We Loathed

  1. Nothing!

Saturday, September 14, 2024

Security Testing Journal Entry | w/e Friday September 13, 2024 - "The Luck & The Learning" Ed.


Highlights for the week

Got to complete a draft of an official pen test report. It was an awesome experience being able to learn something new. The process is getting cemented more and more. I also got to sit with a colleague and work on their security assessment. It was awesome to learn what an SA is and how to provide proper feedback and collaborate on a document. Finally, I got help setting up my environment for mobile Android pen testing. My goal of getting closer to learning about mobile pen testing is getting closer.

What We’re Grateful For

  1. Had a pleasant lunch with wife .. let the healing commence.
  2. Grateful for friends and amazing coworkers.
  3. I get to wake up in a beautiful apartment, in a beautiful neighborhood, working at an amazing job.

What We Loved

  1. Everything about the job so far! I'm off to a great start .. let's not f*** it up!!
  2. Working with amazing people is bonus!

What We Learned

  1. Learned the difference between a Security Assessment and Risk Assessment.
  2. Learned that on an engagement better questions need to be asked in order to prevent late changes or missed priorities.

What We Longed For

  1. Time. The days and weeks are moving along so fast. I have CISSP to look forward to.

What We Loathed

  1. Nothing!!

Saturday, September 7, 2024

Security Testing Journal Entry | w/e Friday September 6, 2024 - "1st Week In Cybersecurity" Ed.


Highlights for the week

Man, oh Man! What a week it has been. From last Tuesday on, it has been a whirlwind of learning, doing, and growing. Workplace onboarding has been a trip. Paired with a couple of brilliant people on a project. Learned a few things. Now on my second project, learned about an app that includes several features I've never been exposed to. The team I'm on specializes more in networking and wifi pen testing than web application. Which is a godsend to learn since my strength is in Web Apps.

What We’re Grateful For

  1. Beyond grateful to have a mom willing to give me money. At the moment, I'm refusing it because I'm grown and should solve my own problems.
  2. Grateful that wife found a job. She's grumpy about it, but it is necessary at the moment. I've heard this before.
  3. Grateful for the job and the people I'm surrounded with. I get to learn a new thing.

What We Loved

  1. My job now is mandating us to get certified. Never thought wanting to learn something new would be so cool!

What We Learned

  1. Learned some interesting things about leveraging Burp Suite Pro to do some interesting things, including JWT Analysis.
  2. Moving through my workplace's videos. Lots of content to digest, but fun.

What We Longed For

  1. Nothing this week!

What We Loathed

  1. Nothing this week!

Sunday, September 1, 2024

Security Testing Journal Entry | w/e Friday September 1, 2024 - "Rabbit Rabbit" Ed.


Highlights for the week

A very heart-felt RABBIT RABBIT! ... where speaking out the words will help manifest your desires. So far, mission accomplished.

A very solid week this week as I've completed my first four days of onboarding at my job as Security Consultant. It felt great to finally be in the place I've been praying for all this time. After 23 months, it feels so good to finally say I have a job. Imposter Syndrome is trying to creep in, but I remind myself to welcome the challenge, embrace the fact I don't know, and be humble enough to ask. The people I work with are just amazing; happy vibes all around.

What We’re Grateful For

  1. Prayers answered .. kept the faith and stayed consistent to what I wanted to achieve.
  2. I needed these last 2 years to really sit with myself and fix what was failing. The loop of failing forward needed to end. I want to endure and thrive.
  3. Grateful for friends who were there with me in the dark times and celebrated my win.

What We Loved

  1. Finally landing the job I've been praying for and pivoting into the career of my dreams.

What We Learned

  1. All learnings paused for the purposes of work.

What We Longed For

  1. No real longings this week from a professional stand point.

What We Loathed

  1. Nothing negative to report this week.

Sunday, August 25, 2024

Security Testing Journal Entry | w/e Friday August 23, 2024 - "IT FINALLY HAPPENED" Ed.


Highlights for the week

Epic Highlight of this week ... after waiting for nearly 2 weeks, the job offer came and it is official .. I have a job. Not just any job, but the job. I will be a Security Consultant Level-1. I presume that puts me one notch above absolute newb, but it also means I have to come correct. The opportunity is everything I want, stem to stern. Which is probably why I feel so terrified.

On the one hand, I've been spending the last 2 years of unemployment focused on pivoting out of QA. I never wanted to get into software testing, and was beginning to develop a long-standing frustration for it. Automation was a great feather in the cap as it made me a little more employable. But there was an inner resentment that I just couldn't shake. My last employer was phenomenal beyond words. I worked with amazing people doing something really cool. The pay was perfect. That I was placed on a PIP (for the 3rd time in my career) meant the job was headed in a direction incongruent with how it started. Security was always top-of-mind and made sure no matter what the role, it was included. I feel as prepared as I'll ever be in that regard.

On the other hand, I feel the onset of unpreparedness creeping in. Like I'm about to take a test and studied from the wrong book. There's a lot that I'm comfortable with, but there's a lot I still don't know. This is both exciting and terrifying. I'm not worried about failing. I'm worried I just won't perform to the expectation becoming the position. Which is incentivizing to really go hard and do better than ever.

In either case, I just don't want this to be Lucy pulling the proverbial football (opportunity) from me last minute. I want to crush this.

What We’re Grateful For

  1. It took 2 years of unemployment to finally come face-to-face with the stupid sh** I'd done for the past 15. I never imagined being grateful for being broke and without work, but these past 23 months taught me a lot more than any therapist ever could. My "Husb." story is the output of those lessons, where I am confronted with my own self, forced to own my failures, and finally fix the bugs in my personality. I have a ways to go, but I'm not the person I was 2 years ago. For that, I am grateful.

What We Loved

  1. Having a mentor was necessary. I wasn't leveraging him for a job, but that a job manifested itself by way of his connection was amazing! God put some amazing people in my path for a reason.
  2. The one big thing I loved about this entire experience was not caving in and losing my mind. I did have a near slip and was at my lowest. I sat at my desk and had a cry. Something I hadn't done since my grandma's funeral. I was down. I was done. I needed to purge all of that out and get my mind right. The video of that dude broke me. I pray he's in a much better place.

What We Learned

  1. GraphQL - I learned I was in way over my head. I tried to hop on testing Blue Apron's GQL site and found it a daunting task. Meeting with my mentor confirmed that.
  2. SQL - Near-complete with the modules, but I've come a long way towards refreshing a lot of what I had learned back in DeVry along with some new skills.
  3. Pen Testing - actually paused due to my new job. I'll probably revisit the learnings in the future.
  4. "Husb." - it's at twilight. Have to face my 40s.

What We Longed For

  1. I can say with all joy, I've not longed for anything ... 'cept maybe a good wife! But that just might be a reflection of what I've been putting out. Time to fix that!!

What We Loathed

  1. The Job Market in 2024 - An absolute dumpster fire.

Saturday, August 17, 2024

Security Testing Journal Entry | w/e Friday August 16, 2024 - "Waiting & waiting & ... " Ed.


Highlights for the week

Follow up to my wonderful news from the week before, an offer letter that was promised would come my way is overdue by 5 days. Not mad, but definitely back down to earth as far as elation is concerned. I waited 15 years and 23 months for this life-changing opportunity. More on that as the news presents itself.

What We’re Grateful For

  1. Grateful for the news that I might be hired ... the opportunity is still a dream!
  2. Grateful for the U-test platform as it presented several amazing projects. More on the moderation below.
  3. Grateful for the opportunity to donate blood and help make a difference.

What We Loved

  1. Loved that the week went by with no more hostility between wife and I.
  2. Loved that Secure Ideas found me and considered me for employment.

What We Learned

  1. SQL - Nested queries. Super-behind the module due to more extenuating priorities.
  2. U-Test - took the brunt of my time as several projects came into my queue and kept me occupied for the better part of the week.
  3. Bug Bounties - paused!
  4. Automation Practice - paused!
  5. "Husb." - paused!

What We Longed For

  1. A paycheck, and more time.

What We Loathed

  1. U-test moderators were, without a doubt, the worst. The one TE never gave me the opportunity to contest issues. He simply discarded them w/o mention.

Saturday, August 10, 2024

Security Testing Journal Entry | w/e Friday August 9, 2024 - "Wonderful Day" Ed.


Highlights for the week

WHAT A WONDERFUL DAY!!

Indeed it has been an amazing week capped off by what is, quite practically, the most spectacular news ever. More on that as I get word, but we're not just talking a new chapter. It's a whole new book! And the opportunity this new phase brings means a lot about me has got to change for the better. So far, we're almost there with the consistency at the gym, decent eating, and discipline with studies. Now we have to focus on improving "me" and my relationship with everyone around me. The sacrifice was falling behind on a few personal projects.

What We’re Grateful For

  1. Grateful for the start of a brand new career path.
  2. Grateful to have had the means to stay above water. Credit card debt is through the roof, but it was a necessary evil.
  3. Grateful to have steaky meals, a comfy bed, and welcoming roof over my head. I pray this for all homeless and destitute peoples everywhere.

What We Loved

  1. Love that wife and I are at peace again. The raging fire is now a smoldering pile of ash. Need to stamp that out once and for all. New me!!
  2. Loved everything about my call on Friday and having a mentor that put in a good word was just the right ticket for me to get on to a new path.

What We Learned

  1. U-Test - 2 new U-test cycles, 1 web, 1 mobile, both fun!
  2. Coursera - Need to revisit nested queries when I'm more alert. A little behind with this week's module.
  3. GraphQL - Superbehind. I need to block out Sunday or Monday just to finish. Otherwise, it's Tuesday.
  4. Bug Bounty - I finished Blue Apron last week, have yet to start another. NBD as the U-Test cycles took precedence.
  5. "Husb ..." another exciting chapter finished. Part III is fast approaching.

What We Longed For

  1. Nothing. I may have finally willed my good job, with awesome people, doing amazing things .. into existence.

What We Loathed

  1. Recruitment process is by-and-large, the worst it has ever been.
  2. Credit Card debt. I'm just to where I was with student loans, such is the necessity of keeping a roof over our heads.

Saturday, August 3, 2024

Security Testing Journal Entry | w/e Friday August 2, 2024 - "23 Months - Nòt Güd" Ed.


Highlights for the week

Celebrating the super-small wins this week, because lord knows! There haven't been many.

One such win: after some dedicated time, I've learned a bit more about testing Salesforce. In the midst of completing SQL refresher.

Need to quit procrastinating and finish the API Python test framework.

Another win - Finally started bug bounty journey. Gonna figure this thing out.

What We’re Grateful For

  1. Good health and SNAP
  2. Mom and sis
  3. Lorenzo being there in a pinch!

What We Loved

  1. The results of my PPL workout were amazing. If I had proper weights and a better diet, who knows. I modded the schedule a little and it worked.
  2. Loved the turn-around time from U-test onsite testing to getting paid. More to come

What We Learned

  1. Blue Apron Bug Bounty in effect; gonna take a stab at their GraphQL
  2. SQL Refresher - Learning the basics. Looking forward to the intermediate, then using python
  3. Salesforce - Finally found reliable content with which to learn the basics. Still need to learn how to test things
  4. Automation - paused!
  5. GraphQL - Finally understand how to elicit simple XSS attacks; Learned how to employ OWASP API Top 10 for queries; Need mentoring
  6. "Husb" - Chapter 30 and the showdowns are all but over. Peace and redemption on the horizon

What We Longed For

  1. A great job working with great people, making good $$/benefits, doing cool sh***
  2. Need to read more.
  3. Need to finally learn TypeScript - maybe this is the week

What We Loathed

  1. U-Test .. but I blame myself, mostly
  2. Closing in on 23 months UE -- yikes!
  3. Rent is late; bills gonna be tight
  4. Nothing happening w. jobs
  5. Needing to borrow money from son - humiliating beyond words

Friday, July 26, 2024

Security Testing Journal Entry | w/e Friday July 26, 2024 - "Nearing Insolvency" Ed.


Highlights for the week

New job applied to - Daxko - no rejection, but no movement yet, so hope remains. Started a new bug bounty program - testing the "Blue Apron" site. Strict scope, but I'm going through the motions of a full security audit.

Some sub-stellar achievements

New u-test campaign: bombed the ticket portion, could not find any bugs in the selected browser. After some soul searching, it's best that I REVIEW my steps taken, REASSESS my process, and RETRY .. because that is all I can do. I'm not a failure.

Blogging on Medium is not getting as much traction as I hoped. I'll keep grinding, but I don't want to be a content monkey nor do I want to be writing for the "likes".

What We’re Grateful For

  1. Food, Shelter, and Good Health
  2. A loving mom who keeps giving more than getting
  3. An awesome family, despite a spouse who is super-pissed off and at the point where divorce is imminent

What We Loved

  1. Not a lot ... it was a rough week!

What We Learned

  1. Coursera - Started SQL fundamentals.
  2. YouTube - Learning Salesforce QA
  3. YouTube(2) - Learning GraphQL Pen Testing
  4. Bug Bounties - Started on "Blue Apron"
  5. Automation - finally started on refactoring Security API Automation tests
  6. "Husb" - showdown in progress

What We Longed For

  1. As always: a good job, with great pay and benefits, working with cool people, doing awesome things!

What We Loathed

  1. Job search has now expanded to include food service (ugg!)
  2. Getting consistent rejections without so much as an attempt to interview
  3. Spent the back-half of the week w/o hot water ... it was a rough four days

Sunday, July 21, 2024

Security Testing Journal Entry | w/e Friday July 19, 2024 - "Critical Failure Imminent" Ed.


Highlights for the week

The Good! Applied to a job via referral from slack - fingers crossed. Signed up to bug bounties and hoping to get started with that.

The Bad! Former president nearly got shot, current president is sick with COVID, and on Friday a near-global outage occurred caused by a cybersecurity EDR impacting Microsoft Windows users. Personally speaking: below $200 from being broke, zero job response, needing to borrow from son for some bills; rent will be late.

The Ugly! Spouse remains extremely pissed; thinking this time we're done done. Had to chase after a restaurant job I'm not too proud to take (no word). Had a moment where I broke down and cried; it's bad, losing the job and partner.

What We’re Grateful For

  1. Still kickin' it
  2. Still have food in the fridge
  3. Still have a roof over our heads

What We Loved

  1. The kindness of strangers sending me a referral to a great job
  2. Friends reaching out .. it's always good to have people looking out

What We Learned

  1. Pen Testing (1) - Altoro - Finished pen test
  2. Pen Testing (2) - About to start bug bounties
  3. U-Test - Finished First U-Test cycle; as expected had to push back on a ticket. A 2nd one is on-deck.
  4. GraphQL - Dragging ass with GraphQL
  5. API tests in Security Repo - in progress
  6. "Husb ..." near the epic showdown

What We Longed For

  1. A good job; good pay/benefits; good people

What We Loathed

  1. Being blamed for something that is entirely not my fault
  2. Getting rejected for having insufficient experience; yet no opportunities abound to acquire said experience
  3. The entire job market

Sunday, July 14, 2024

Security Testing Journal Entry | w/e Friday July 12, 2024 - "Low Point" Ed.


Highlights for the week

Not a lot of good to report this week. Fully recovered from the loss of the job opportunity of two weeks ago, but in the dog house, yet again .. yay! And it wasn't even my fault.

A cool thing worth noting was my participation in a Blue-Team oriented CTF. There were a lot of fun but tough challenges. In the end, I scored a decent amount of points. It only cost me a VM that I've got to rebuild (again!).

What We’re Grateful For

  1. Grateful for having a partner, even when she's upset at me (when I wasn't wrong)
  2. Grateful for having my son be on my side, and seeing that his dad was not wrong
  3. Grateful for not being wrong and disallowing myself to feel hurt by her insults and kept a cool head

What We Loved

  1. Not a lot to love this week.

What We Learned

  1. Level Effect Cyber Defense CTF - Learned a surprising amount. Was also pleasantly surprised by how much I actually did know.
  2. U-Test - Finally got around to signing up for a practice test cycle in U-Test for $$ - starting this on Monday
  3. Cybrary - Completed the Pen Testing course and earned the "certificate of completion." Overall, the learning was mostly focused on prep for the OSCP.
  4. GraphQL - Paused for the CTF.
  5. Automation - Spent an entire afternoon trying to repair my mobile + WebdriverIO test repo. At the moment it's not working at all. Issue is beyond my control.
  6. Pen Test - Finished Recon step in pen test. On to CONFIGURATION & DEPLOYMENT MANAGEMENT TESTING
  7. Medium - Vulnerability Assessment (paused!)
  8. "Husb..." - climactic showdown for chapters 27 - 29. Having tons of fun writing these out.

What We Longed For

  1. A JOB!! Plain and simple. Coming up on 22 months since my last paycheck. Really really bad!!

What We Loathed

  1. This job market. Worst ever!

Saturday, July 6, 2024

Security Testing Journal Entry | w/e Friday July 5, 2024 - "Independence Day" Ed.


Highlights for the week

Welp! That happened ... Ghosted after two weeks.

It was 10 solid business days since my last interview for an awesome job. 336 hours since I last heard from the recruiter. The radio silence was too much. So it took me sending an e-mail asking about the status of my application to learn they went with someone else. What followed was a mix of emotions from sadness to frustration, even anger and disappointment. Had the news come sooner, I could have handled it better. Waiting two weeks was especially cruel. Hoping for a "yes" was the worst.

But I felt something in the pit of my stomach that let me know I didn't get it. The feeling was something similar to when you're standing in an elevator and the car suddenly drops.

Wife and I had been mapping out what the promise of that salary might bring after the first week. By the close of the second, the feeling of hope turned into despair. The opportunities are drying up. And the longer I'm out of work, the harder it is to get back in, making for a perpetual motion machine of insecurity. I have no plan-b! This job prospect was it. It pays to be a winner, and I've yet to win .. so what does that make me?

What We’re Grateful For

  1. Grateful that I get to sit here and write this, with a roof over my head and a full 'fridge.
  2. I get to enjoy working out and a nice shower afterwards.
  3. I get to sleep on a proper mattress, in my apartment, in a great neighborhood.
  4. Grateful that I have my smart wife providing some possible ideas for problem resolution. I need to do better; be better!

What We Loved

  1. Not a lot to love this week. It's been tough.

What We Learned

  1. Cybrary - finished modules 9 and 10; Onto 11: the reporting.
  2. GraphQL - playing with the queries for mutations.
  3. Pen Testing - started a new test for a banking app
  4. Medium - blogging about Threat Modeling
  5. "Husb .." - nearing the end; have come to the climactic show down amongst all the characters

What We Longed For

  1. As always, longing for a decent job with great pay/benefits, great people, doing awesome things.

What We Loathed

  1. Ghosting! By far, the most puerile of behaviors exhibited by recruiters. They need to learn to put their feelings aside and let candidates know when the decision to move on occurs.

Sunday, June 30, 2024

Security Testing Journal Entry | w/e Friday June 28, 2024 - "The Waiting Game, pt 2" Ed.


Highlights for the week

1 week in the bag .. still waiting. No news is good news, I suppose! I hear the horror stories about people getting ghosted after final interviews and my anxiety level is through the roof. 22 long months now and this is the closest to the best situation I've come across. I keep hope alive, but the reality is after this week's round of bills, there's nothing left.

Big Oof! Pinged hiring mgr while he was on vacay, but I was never informed so ... We connected and he was ok with it.

Second Oof! angered the spouse by making a judgment call - lesson learned (don't leave the house w/o wallet & food card). Ffwd a few days and everything cooled down. Out of the dog house.

What We’re Grateful For

  1. Grateful for another week that I get to enjoy the comforts of food and shelter.
  2. Grateful that I'm physically able to make things happen and get things done!
  3. Can't express enough gratitude for having a wonderful family. I need to be a better son and brother.

What We Loved

  1. Loved getting done with the Burp Suite GraphQL module then finding a site that allows for extended practice.

What We Learned

  1. Burp Suite - Finished GraphQL labs. Def. Need more practice;
  2. Cybrary - Finished module 8 & moving through 9
  3. HackerRank gets an honorable mention as I learned about using textwrap to solve a problem (I got stuck and peeked at the answer, learned something new). https://www.geeksforgeeks.org/textwrap-text-wrapping-filling-python/
  4. "Husb .." tbd

What We Longed For

  1. As mentioned before, I'm longing to hear back from the job. At this point, I'm ready for the bad news. No news is good news, but no news is also nerve-wracking. At least rejection brings the matter to resolution.

What We Loathed

  1. Recruiter ghosting ... which I will declare as much after Wednesday.

Friday, June 21, 2024

Security Testing Journal Entry | w/e Friday June 21, 2024 - "The Waiting Game" Ed.


Highlights for the week

Big wins this week. Completed 5th round of interview and everything went well. Now, the wait begins!! Come what may, It was a fluid process and I met some cool people.

What We’re Grateful For ...

  1. Grateful to have another week full of hope
  2. Much appreciation to wife for all she's done
  3. Proud of us as a couple NOT fighting over finances, but coming together, budgeting, and collaborating with funds
  4. Getting the opportunity to meet n' greet a company that fits everything I've been looking for

What We Loved

  1. As stated earlier, the fact I was even presented with the ideal opportunity is a win. I interviewed and advanced quickly to the final stages. All appendages crossed!

What We Learned

  1. Burp Suite - Learning about graphQL this week. Amazing things so far. Can't wait to hit their Labs
  2. Cybrary - Finally finished Module 5 and 6, and midway through 7. I may want to revisit metasploit soon.
  3. Pen Test - Finished "Royal Security Services" Pen Test. I completed the report, but more importantly, actively built out the automation suite. Works like a charm!
  4. "Husb..." - moving through Chapter 27. I really need to wrap this baby up and get back to my real book.

What We Longed For

  1. Feedback from the interview is the thing I'm waiting for at the moment. I give myself a strong B+. I could have been better with the technical/coding portion.

What We Loathed

  1. Waiting! I'm just really bad at not having an ETA or plain silence after a successful process. It's more of a "me" problem than them.

Saturday, June 15, 2024

Security Testing Journal Entry | w/e Friday June 14, 2024 - "Big Gemini Energy" Ed.


Highlights for the week

HUGE NEWS! This week as I've been moving along through the interview process for a QA Specialist role at a Consultancy. Great pay, with seemingly cool people, working on an awesome product. No word on acceptance yet as I have to make 1 more interview. Overall, dare I say: Prayers answered!

Big gemini energy this week as the birthday/father's day falls on the same day. Enjoying both as I've decided to take the weekend off from the gym.

What We’re Grateful For

  1. Grateful for a loving wife. We managed to get through these dark times without being at each other's throat. On the same page regarding finances.
  2. Grateful for a wonderful mom who gave me a lot more $$ for my birthday than I was expecting.
  3. Grateful for fatherhood, both being a dad and understanding what it takes to be a dad (we don't always get it right, but we try).

What We Loved

  1. The promise of a new job is truly what I've been loving most this past week.
  2. The Cybrary course has been really eye-opening. Learning something new every day.

What We Learned

  1. Cybrary - Learned some invaluable lessons with LFI/RFI and File upload vulnerabilities that I hadn't known before.
  2. Burp Suite - pivoting off of the Race conditions and onto GraphQL. That seems more relevant.
  3. Automation - some light work with mobile; finally getting around to learning JAVA with Playwright; Security suite is coming along nicely.
  4. "Husb..." - exciting chapter as we get to learn about the founder of the Order. The story ballooned.
  5. Medium Blogging - I'm going to start ramping up the "Security 4 N0obs series" and catalog my journey better.

What We Longed For

  1. Really truly hoping to hear something soon. I'm in the red with finances.

What We Loathed

  1. Nothing this week. Rejection letters don't faze me any more.

Friday, June 7, 2024

Security Testing Journal Entry | w/e Friday June 7th, 2024 - "Tech Interview Fears Conquered" Ed.


Highlights for the week

So this week was the tech interview and boy-howdie! how I prepared. I got on the code path and just went at it daily. As much as I prepared, I was still nervous the night before. On the day of, I was a little anxious, more so because of how much it mattered and not for how I was going to do. Interviewers were pleasant and cool people.

How I think I did on the tech interview:

  1. Overall: B+
  2. Attitude: A
  3. Aptitude: B

What I did right:

  1. Overall, I was proud of myself for overcoming my fears and ineptitude and doing well with the coding exercises
  2. I demonstrated understanding of some core concepts
  3. I spoke at length of tech. arch., and testing principles
  4. I was asked about security and did the best I could not to ramble

Where I should have done better:

  1. I got asked to sketch out a web architecture and mapped out an e-commerce app. It could have been better
  2. I have no bkgd in FinTech so that might be points against
  3. I needed to have spent more time understanding the "why" of feature to code tests better (missed the copy that showed a formula that was part of the output)
  4. Page objects were not declared properly - I use POM and there were errors thrown with how I declared them in the test
  5. I jumped right into the code without really understanding the scope of the feature .. but it worked to my advantage since the tech issues impacted time
  6. I was asked about using Cucumber and expressed my opinion on it as "cumbersome" which might be a strike since it's what is used for the backend

What We’re Grateful For

  1. Grateful that I am healthy and capable
  2. Grateful that I get to have a roof over my head, a full 'fridge, and a loving home
  3. Grateful for a wonderful wife, son, and family
  4. Grateful for the opportunity to make it to the tech interview of a potential great employer

What We Loved

  1. Preparation for the tech interview. Did as well as I could

What We Learned

  1. Cybrary - learned a few new techniques with Pen Testing for SQL Injection; On to LFI
  2. Royal Security Pen Test - "paused" .. the priority was the job interview!
  3. Automation w. Appium - coded a few tests for android
  4. Automation w. Playwright/JS - several tests for different components to help practice for interview
  5. "Husb ..." - new chapter leading up to a major conflict; 2 new 'sisters' and origins .. fun!
  6. Burp Suite - Race Condition: paused! Shall resume this weekend, or next week
  7. Been practicing hackerrank for fun .. and as a way of overcoming my incompetence {GET SOME!}

What We Longed For

  1. As always, a good job, with good pay and benefits, working with cool people, doing cool things [Consultancy feels like the right move!]

What We Loathed

  1. Anxiety and overlooking the obvious because of nerves

Friday, May 31, 2024

Security Testing Journal Entry | w/e Friday May 31, 2024 - "Prayers Answered (somewhat)" Ed.


Highlights for the week

Big time highlight of the week: Landed 3rd round for a consulting company in lower NYC. Finance industry, great pay, great people, doing something awesome! Let's not f** this up!

What We’re Grateful For

  1. Grateful for a wonderful family .. as always.
  2. Grateful to have the means to make it another month with the bills paid.
  3. Grateful for Slack and network connections. This led to a new job opportunity {all appendages crossed!}.

What We Loved

  1. Mentee (France) has strong PM/BA experience; amazing culture regarding Indian marital customs.
  2. Mentee (US) has reached A+ status; progressing with GRC.

What We Learned

  1. Cybrary - SQL injection w/o using SQLMap - enumerating site with union select.
  2. Playwright w. Python security framework is progressing nicely.
  3. Playwright w. Javascript -- must practice.
  4. Burp Suite - Race Conditions: paused.
  5. "Husb ..." back on with another exciting chapter.

What We Longed For

  1. As always ... a decent paycheck. 17 months of unemployment is no way to live life.

What We Loathed

  1. Ghost jobs! Literally the worst thing ever is seeing a job you know you can do and not hear back from recruiters.

Friday, May 24, 2024

Security Testing Journal Entry | w/e Friday May 24, 2024 - "So Many Ideas, So Little Time" Ed.


Highlights for the week

Quick note this week to express the excitement and enthusiasm for work done. Going to keep it short & sweet, but there's a lot to be rejoicing in.

What We’re Grateful For

  1. Another week that I'm grateful for new connections on slack - potential job lead!
  2. Grateful for another on-site opportunity - easy money!
  3. Super-excited for the experience of mentorship - watching them shine is all the joy one could ask for!

What We Loved

  1. Progress on the security framework - I mean, wow!

What We Learned

  1. Appium Automation - got the iOS tests purring!
  2. Security Automation - the clean up has started. Leveraging Allure for results ... looks amazing!
  3. Cybrary WAPT - Finally finished the enumeration module for distinct protocols. I really need to get back to Metasploit and learn Hydra!
  4. Burp Suite - Race Condition module. It's coming along, but finding it a bit tedious. Will grind through it.
  5. "Husb ..." - baby step forward. Gotta wrap up this story soon. It ballooned in an amazing manner.

What We Longed For

  1. I'll keep saying it .. a good job, with great people, doing cool sh**, for great pay and benefits

What We Loathed

  1. It's been a positive week ... nothing really worth writing about

Sunday, May 19, 2024

Security Testing Journal Entry | w/e Friday May 17, 2024 - "Dankful" Ed.


Highlights for the week

As it happens, this was a great week full of a bunch of small wins coupled together. Sure the job hunt continues, but there's a lot to be hopeful about.

What We’re Grateful For

  1. Having friends in important places to provide meaningful feedback.
  2. Having a mentor also providing great feedback.
  3. Having a roof over my head, food in the 'fridge, and a bed to sleep on.
  4. Grateful to have the energy to make it another week UE.

What We Loved

  1. As always: the small wins, the grind, and the persistence to push through the hard work, even when it feels frustrating at times.
  2. Looking forward to this week's onsite test.

What We Learned

  1. Automation, pt. 1 - Appium with Pytest: It took a couple of days and several hours of research before finally putting together a comprehensive suite for testing android and ios apps on mobile. On to the testing! Blog in the works!!
  2. Automation, pt. 2 - Successfully migrating security tests to new repo. Now for the tedious decoupling from the target project to make it more portable.
  3. Pen Testing - moving through my current project, but going through Cybrary lecture. Learned some really interesting things. More to come.

What We Longed For

  1. A good job
  2. More time! My writing has taken a back seat to ongoing projects and shifting priorities.

What We Loathed

  1. Lack of response from jobs I've applied to. The grind is getting old!
  2. Trolls on reddit! Getting downvoted for being right and contesting a crap statement is the worst thing about that forum.

Friday, May 10, 2024

Security Testing Journal Entry | w/e Friday May 10, 2024 - "Mother's Day" Ed.


Highlights for the week

Another cool on-site test engagement this weekend. Pretty excited about that. Security automation tests in python - the project is coming along nicely. Seeing my mentee accomplish another interview .. amazing!!

What We’re Grateful For

  1. As I've stated before, always grateful for health, a roof, bed, family
  2. Grateful that I get to wake up and tackle the day head-on
  3. Grateful to be constantly learning

What We Loved

  1. A new pen test engagement .. always fun. Grinding one day, one test at a time!

What We Learned

  1. Cybrary - Pen Testing: Thought it was going to be a waste of time .. boy how wrong I was. Learned some fun things.
  2. U-Test: Learned a little about API testing and more.
  3. Automation: Azure {paused; trial expired}. Security + Python - working like a charm
  4. Burp Suite: Fell behind on "Race Condition" tests. Need to finish next week.

What We Longed For

  1. As always, need that good job

What We Loathed

  1. Lack of response from recruiters. They reached out to me, I responded, then crickets!

Friday, May 3, 2024

Security Testing Journal Entry | w/e Friday May 3, 2024 - "May the 4th Be With You .. Always!" Ed.


Highlights for the week

Mildly uneventful week. Managed to complete another pen test, completed the refactor of API security tests, and kicked off a campaign to automate some manual pen tests. Overall, a pretty good week.

What We’re Grateful For

  1. Happy that I got to add another pod/live stream to my menu, this one deals with Cybersecurity news!
  2. Grateful for good health and well-being
  3. Grateful to have a full refrigerator (despite the absence of income)
  4. Grateful for another month with a roof over my head
  5. Thankful that a recruiter reached out to me and forwarded my application (fingers crossed)

What We Loved

  1. Mom's birthday - we're talking. She still has yet to acknowledge what she's done, but I'm not one to hold grudges.
  2. May is great for "Star Wars Nerds" (5/4) and Cinco De Mayo! As well as Mother's Day!

What We Learned

  1. Automation - Learned to refactor API tests using Clients and improved syntax
  2. Automation - Learned to write automation tests for DOM-Based XSS and Stored XSS .. more to come
  3. Security - completed OrangeHRM Pen Test. Really happy with how the report looks and the progress made. Next week - mobiles!
  4. "Husb..." - another week gone and no writing done. Gotta fix that and finish this.

What We Longed For

  1. Need a job

What We Loathed

  1. The lack of a job

Sunday, April 28, 2024

Security Testing Journal Entry | w/e Friday April 26, 2024 - "Spring Cleaning & Healing" Ed.


Highlights for the week

Stepping out of my comfy zone to post about a project, warts & all (lesson - have your ducks in a row); tested IOT devices - awesome!; learned iOS Mobile (lesson - need to improve lab); Part of my personal spring cleaning (see "What we learned")

What We’re Grateful For

  1. Grateful the moon woke me up early, which meant I got a good night's sleep and feel awesome! Was also productive
  2. Grateful for having a roof over my head, a full fridge, and good health
  3. Grateful to be humbled by learning new things and making rookie mistakes
  4. Grateful for meeting my personal, professional, and fitness goals this past month!

What We Loved

  1. New opportunities testing IOT devices

What We Learned

  1. Learning to take action, especially when it's difficult or challenging .. may result in a win or not!
  2. Learning to get rid of limiting beliefs & pick up affirmations
  3. Working on getting rid of old habits & pick up new "good" ones
  4. Tough week for getting anything done. Pen testing is behind schedule.
  5. Finally got Azure working. Learned there was a request that needed to be made, probably to prevent bit mining.
  6. Posted API security automation test and was met with some great (humbling) feedback. Note to self - make sure to be 100% perfect before going live!
  7. Spent last weekend with iOS DIVA. Need to set up my framework to test better.
  8. "Husb ..." {paused} -- been a hectic, productive week for QA testing

What We Longed For

  1. I said it last week, and I'll probably keep saying it ... a good job, with great pay and benefits, working with cool people, doing cool sh**

What We Loathed

  1. Unemployment sucks!
  2. Ghost jobs suck!
  3. Feeling like I'm never going to get a job ... definitely sucks!

Friday, April 19, 2024

Security Testing Journal Entry | w/e Friday April 19, 2024 - "Connections, Old & New" Ed.


Highlights for the week

Made a new connection, have similar career paths; helped an old connection w. work; mentee is frustrated; gratitude section to template

What We’re Grateful For

  1. Happy that my wife & child are in good health
  2. Grateful to have stamina and good health to work out
  3. Happy that I get to have a great pair of mentees
  4. Thrilled that, while I'm not working, I get to work on what I want to do with my career

What We Loved

  1. Finally got Android and iOS DVA working. Successfully finished Android, on to iOS!
  2. Also getting around to API Security Testing

What We Learned

  1. Blogging - building an audience is going to take time, but I'm proud of the work
  2. Android Pen Testing
  3. iOS Pen Testing (in progress)
  4. API Pen Testing - managed to successfully complete 9 of 10 tests. The 10th didn't apply.
  5. Web App Pen Testing (in progress) ... pushed to next week, maybe longer!
  6. Azure DevOps - blocked! Sent request for parallelized testing
  7. U-Test - Voice Assistant Testing; PII; Capture Crash logs on iOS/Android devices
  8. "Husb..." - need to wrap this sucker up and get back to the real book

What We Longed For

  1. As always: a proper job, pay, benefits, cool people, great location

What We Loathed

  1. Nothing much to be angry about. Keeping it positive!

Friday, April 12, 2024

Security Testing Journal Entry | w/e Friday April 12, 2024 - "Eclipse" Ed.


Highlights for the week

This week was a mixed bag of highs and lows. A couple of notable highs include a solar eclipse that happened at the top of the week, and a 4.8 earthquake that shook my desk for a few seconds.

Some lows include having to turn down a TesterWork job. Not sure how long I'm keeping them, but until I land a job, I'll have to play the game. Another low was the struggle to get my iOS app pen testing environment up. That took up most of my Thursday, and ate into my other tasks.

What We Loved

  1. A big win! Finished another pen test. Sent that draft to my mentor for review, waiting on feedback.
  2. Another win! Got my environment set up to do mobile app testing.
  3. Loving the results of my workout. Need to eat better, but seeing some progress.

What We Learned

  1. Automation - Finished Cypress and jumped back into playwright with python, finished automation for that form.
  2. U-test - finished modules regarding testing, tickets, and capturing the evidence.
  3. Azure DevOps - tried to deploy my project but got blocked by the need for a subscription. Will revisit again next week.

What We Longed For

  1. As always, patiently waiting for that job. ZERO - jobs applied to this week.
  2. "Husb ..." - didn't get much writing done this week! Longing for more time. Priorities took up most of the week.

What We Loathed

  1. Need to get more disciplined. Been procrastinating a teenie bit.

Friday, April 5, 2024

Security Testing Journal Entry | w/e Friday April 5, 2024 - "Pr-Eclipse" Ed.


Highlights for the week

So yeah! We are having an eclipse on 4/8. There was also a 4.8 earthquake on Friday (the day of this journal entry). Thankfully, no one in the family is hurt and there was no damage to anything anywhere. Other than that, a fairly quiet week. Not a lot to report.

What We Loved

  1. Another successful week of learnings.

What We Learned

  1. Linked In Learning: Completed OWASP-Top 10.
  2. Linked In Learning: Completed Threat Modeling fundamentals
  3. U-Test: Signed up and started some of their tutorials. I feel like there's an issue with their "Bug Report" practice module.
  4. RemoWork: Deleted that account. Nothing came out of it.
  5. Azure DevOps: Finished the modules. Need to deploy my practice site.
  6. Cypress: Need to finish some front-end tests. Need to play with the API tests
  7. "Husb...": New chapter around D's origins.

What We Longed For

  1. As always: a good job, a good paycheck, working with great people

What We Loathed

  1. Phoniness on social media, namely linked in. You go and help people, no kind of a "thank you!"

Friday, March 29, 2024

Security Testing Journal Entry | w/e Friday March 29, 2024 - "Easter Week" Ed.


Highlights for the week

This past 40 days of Lent commemorates the end days of our savior Jesus Christ. We honor his life, death, and resurrection. More importantly, we honor his mission on earth. The message was simple, "love each other as I love you." That is to say, unconditional, forgiving, and without pretext. Cheers!

In other news, had a brilliant study session with my mentee. Achievement Unlocked! Another pen test completed.

Oh! Let me not forget, my mentor forwarded my resume to someone within his company. Same one I interviewed last time .. and lost. Stay tuned! Hoping my luck changes.

What We Loved

  1. Mentee-1 - As always, worked with one mentee to improve her resume.
  2. Mentee-2 - Worked with my other mentee to get her better prepared with her studies.

What We Learned

  1. Automation (Web) - learned that Cypress discontinued support for xpath. That being said, somehow, things are working again.
  2. Automation (iOS) - Finished XCUI iOS tests. Refactor .. tbd!
  3. QA - Completed a ton of QA related activities, like test plan, test scenarios, risk analysis, requirements traceability, testing, and reporting.
  4. Pen Test - completed the security audit and wrote up the report. On to the next one ... love this :)
  5. Linked In Learning - Learned how to use Azure DevOps and deploy a project to that CI. Next week, I'm going to try deployment with the project.
  6. Cult.ure - "paused"; "Husb..." - in the final chapters of the story that ballooned over the past two months. Love it :)
  7. UTest - Signed up for remote work with new site. Next week - onboarding
  8. TesterWork - Opted out of one campaign that required being "ON" for seven days; Signed up for another .. who knows how much longer I will keep this one

What We Longed For

  1. It was a bummer that I didn't land the job. Every rejection is a redirection!

What We Loathed

  1. UNEMPLOYMENT - 545 days since my last paycheck! Rejections galore. It's possible most of these jobs listed are not even real!
  2. RemoTask - not sure how much longer I'm going to keep this profile active. I haven't completed the onboarding because they want a profile pic to verify id .. sketchy!

Friday, March 22, 2024

Security Testing Journal Entry | w/e Friday March 22, 2024 - "Gratefully Good Grinding" Ed.


Highlights for the week

Lots of good stuff this week! Ran some personal errands which impacted some goals, but otherwise had a great week where I got to meet a new Pen Testing Professional. We talked a bit about the craft and what it takes, as well as how to get started. The answer - personal branding.

On the automation front, getting "ok" with Xcode. It only took 14 years to finally get around to it. Coupled with knowing Espresso, I feel really proud of how that's come along.

Another site to practice pen testing is selected. Been grinding along.

What We Loved

  1. Meeting with a new Cybersecurity professional. Nothing new learned, but it was still fun.
  2. Made a new contact with a CISSP Security Professional. She seems like great people.
  3. As always, meeting with my mentees is always the highlight of my week. Got to iron out some important things regarding her job prospects and career choice.
  4. Lovin' my new PPL workout.

What We Learned

  1. Automation - Learned about using POM w. Xcode. Need to put that in place next week. Also learning about Azure DevOps (finally!)
  2. Burp Suite - Closing in on completion of the labs. I won't get to all of them because I need BS Pro!
  3. Security - New pen testing underway. Nothing new this week.
  4. Security 2 - Learned a couple of things about threat modeling.
  5. Cult.ure - "paused"; "Husb..." - exciting chapter and interesting character revelation.
  6. Personally - improving the negative self talk. Learning to accept the consequences of my actions and the "why" behind them. Hoping I'm living to my true purpose.

What We Longed For

  1. Another week, no new updates regarding a new job. This is getting really bad!

What We Loathed

  1. Rejection for jobs that keep getting reposted.
  2. Technical interviews that involve a LeetCode/HackerRank code challenge with zero relevance to the job you'd actually be doing.

Friday, March 15, 2024

Security Testing Journal Entry | w/e Friday March 15, 2024 - "Luck o' the Irish" Ed.


Highlights for the week

St. Patrick's Day is fast approaching, commemorating 7 years since the passing of my grandma (RIP!). The time is flying by. Lots of decent news to report, starting with landing another freelancing gig testing AI, interviewing with an agency for a new role, and finally finishing both the pen test and LinkedIn Learning.

What We Loved

  1. Finally got to start that new PPL workout. So far, so good. The love is in the grind!
  2. Confronted my tech interview fears and did not feel like a failure. I didn't succeed, but not because I didn't try. I studied wrong .. sort of.

What We Learned

  1. Automation - Big key win taking a crash course in XCUI Automation. Things are working and moving steadily.
  2. AI - Got under the hood by preparing for a HackerRank interview (that I bombed) and had fun along the way. Will be blogging about it.
  3. Pen Testing - Completed the report for the practice site. My mentor provided some insight and new scripts. He says I'm doing the right things.
  4. LinkedIn Learning - Completed the module for Security Fundamentals. Nothing too revealing to learn, but there were some OSINT tips that came in handy.
  5. Cult.ure - paused; "Husb.." - made a little progress. Paused on the writing due to other priorities.
  6. Burp Suite - Completed the module for Server-side Request Forgery. Will complete the Race condition one a.s.a.p.

What We Longed For

  1. As always, not having a proper job is frustrating. But I'm not so concerned about where I work. I want the right environment, with the right people, for the right pay. I pray for a little bit of Irish luck to find its way to our family.

What We Loathed

  1. Interview process where there was no proper introduction, but rather a jump right into the technical assessment. The Worst!!

Friday, March 8, 2024

Security Testing Journal Entry | w/e Friday March 8, 2024 - "Same Day, New Opportunities" Ed.


Highlights for the week

A very exciting week. Had a couple of opportunities presented to me, one being a potential for a new job, and another learning LLM. I got to finish the Pen Testing course and started cleaning up my LinkedIn Learning modules from the last time. Hoping of hopes to land a new job a.s.a.p! The debt hole is getting deeper and deeper.

What We Loved

  1. Having a network of friends, online or in real life, has been instrumental. It feels good to be surrounded by good vibes.

What We Learned

  1. Automation - finished another round of tests with a practice site. There were a lot of problems with the site itself, so there was only so much to test.
  2. Burp Suite - Started Server-Side Request Forgery module.
  3. Coursera - Finished the Pen Testing/Forensic Data learning. It was very high-level, but I learned a bunch regarding forensic data analysis.
  4. LinkedIn Learning - Huge learning module regarding API security testing. I leveraged LLM to create a suite of automation test scripts in Python. SOOO COOL!!
  5. Pen Testing - started a new security audit with a bank app. Work in progress!
  6. Blog - Finally published another blog regarding LLM and how it might benefit QA.
  7. Cult.ure - paused! "Husb" - got over the writing block and got to a good place. I should start to wrap up the story .. it's getting away from me a little!

What We Longed For

  1. As always .. a job and pay

What We Loathed

  1. Freelancing QA site TW is dicey when it comes to how they moderate bugs reported. It takes a fight to convince people your bug is right. So exhausting.

Sunday, March 3, 2024

Security Testing Journal Entry | w/e Friday March 2, 2024 - "Leap Day" Ed.


Highlights for the week

It was a unique year this year, as February brought with it the 29th - leap day - a rare date that occurs once every four years. A fairly quiet week with minimal goals hit due to personal obligations that needed to be tended to.

What We Loved

  1. Pen Testing and consistently learning something new

What We Learned

  1. Pen Testing - Finally got around to watching the video regarding
  2. Coursera - Week 4 (Scripting) half-way done. Learned how to write a super-basic bash script
  3. Playwright (Autom.) - - baby steps with automating the
  4. Cult.ure - Paused; "Husb.." is nearing the final act

What We Longed For

  1. Much like last week ... desperately need a job! I will be insolvent after the 20th.

What We Loathed

  1. Unemployment - 500+ days since my last paycheck