Friday, May 31, 2024

Security Testing Journal Entry | w/e Friday May 31, 2024 - "Prayers Answered (somewhat)" Ed.


Highlights for the week

Big time highlight of the week: Landed 3rd round for a consulting company in lower NYC. Finance industry, great pay, great people, doing something awesome! Let's not f** this up!

What We’re Grateful For

  1. Grateful for a wonderful family .. as always.
  2. Grateful to have the means to make it another month with the bills paid.
  3. Grateful for Slack and network connections. This led to a new job opportunity {all appendages crossed!}.

What We Loved

  1. Mentee (France) has strong PM/BA experience; amazing culture regarding Indian marital customs.
  2. Mentee (US) has reached A+ status; progressing with GRC.

What We Learned

  1. Cybrary - SQL injection w/o using SQLMap - enumerating site with union select.
  2. Playwright w. Python security framework is progressing nicely.
  3. Playwright w. JavaScript -- must practice.
  4. Burp Suite - Race Conditions: paused.
  5. "Husb ..." back on with another exciting chapter.

What We Longed For

  1. As always ... a decent paycheck. 17 months of unemployment is no way to live life.

What We Loathed

  1. Ghost jobs! Literally the worst thing ever is seeing a job you know you can do and not hearing back from recruiters.

Friday, May 24, 2024

Security Testing Journal Entry | w/e Friday May 24, 2024 - "So Many Ideas, So Little Time" Ed.


Highlights for the week

Quick note this week to express the excitement and enthusiasm for work done. Going to keep it short & sweet, but there's a lot to be rejoicing in.

What We’re Grateful For

  1. Another week that I'm grateful for new connections on Slack - potential job lead!
  2. Grateful for another on-site opportunity - easy money!
  3. Super-excited for the experience of mentorship - watching them shine is all the joy one could ask for!

What We Loved

  1. Progress on the security framework - I mean, wow!

What We Learned

  1. Appium Automation - got the iOS tests purring!
  2. Security Automation - the clean up has started. Leveraging Allure for results ... looks amazing!
  3. Cybrary WAPT - Finally finished the enumeration module for distinct protocols. I really need to get back to Metasploit and learn Hydra!
  4. Burp Suite - Race Condition module. It's coming along, but finding it a bit tedious. Will grind through it.
  5. "Husb ..." - baby step forward. Gotta wrap up this story soon. It ballooned in an amazing manner.

What We Longed For

  1. I'll keep saying it .. a good job, with great people, doing cool sh**, for great pay and benefits

What We Loathed

  1. It's been a positive week ... nothing really worth writing about

Sunday, May 19, 2024

Security Testing Journal Entry | w/e Friday May 17, 2024 - "Dankful" Ed.


Highlights for the week

As it happens, this was a great week full of a bunch of small wins coupled together. Sure the job hunt continues, but there's a lot to be hopeful about.

What We’re Grateful For

  1. Having friends in important places to provide meaningful feedback.
  2. Having a mentor also providing great feedback.
  3. Having a roof over my head, food in the 'fridge, and a bed to sleep on.
  4. Grateful to have the energy to make it another week UE.

What We Loved

  1. As always: the small wins, the grind, and the persistence to push through the hard work, even when it feels frustrating at times.
  2. Looking forward to this week's onsite test.

What We Learned

  1. Automation, pt. 1 - Appium with Pytest: It took a couple of days and several hours of research before finally putting together a comprehensive suite for testing Android and iOS apps on mobile. On to the testing! Blog in the works!!
  2. Automation, pt. 2 - Successfully migrating security tests to new repo. Now for the tedious decoupling from the target project to make it more portable.
  3. Pen Testing - moving through my current project, but going through Cybrary lecture. Learned some really interesting things. More to come.

What We Longed For

  1. A good job
  2. More time! My writing has taken a back seat to ongoing projects and shifting priorities.

What We Loathed

  1. Lack of response from jobs I've applied to. The grind is getting old!
  2. Trolls on Reddit! Getting downvoted for being right and contesting a crap statement is the worst thing about that forum.

Friday, May 10, 2024

Security Testing Journal Entry | w/e Friday May 10, 2024 - "Mother's Day" Ed.


Highlights for the week

Another cool on-site test engagement this weekend. Pretty excited about that. Security automation tests in Python - the project is coming along nicely. Seeing my mentee accomplish another interview .. amazing!!

What We’re Grateful For

  1. As I've stated before, always grateful for health, a roof, bed, family
  2. Grateful that I get to wake up and tackle the day head-on
  3. Grateful to be constantly learning

What We Loved

  1. A new pen test engagement .. always fun. Grinding one day, one test at a time!

What We Learned

  1. Cybrary - Pen Testing: Thought it was going to be a waste of time .. boy how wrong I was. Learned some fun things.
  2. U-Test: Learned a little about API testing and more.
  3. Automation: Azure {paused; trial expired}. Security + Python - working like a charm
  4. Burp Suite: Fell behind on "Race Condition" tests. Need to finish next week.

What We Longed For

  1. As always, need that good job

What We Loathed

  1. Lack of response from recruiters. They reached out to me, I responded, then crickets!

Friday, May 3, 2024

Security Testing Journal Entry | w/e Friday May 3, 2024 - "May the 4th Be With You .. Always!" Ed.


Highlights for the week

Mildly uneventful week. Managed to complete another pen test, completed the refactor of API security tests, and kicked off a campaign to automate some manual pen tests. Overall, a pretty good week.

What We’re Grateful For

  1. Happy that I got to add another pod/live stream to my menu, this one deals with Cybersecurity news!
  2. Grateful for good health and well-being
  3. Grateful to have a full refrigerator (despite the absence of income)
  4. Grateful for another month with a roof over my head
  5. Thankful that a recruiter reached out to me and forwarded my application (fingers crossed)

What We Loved

  1. Mom's birthday - we're talking. She still has yet to acknowledge what she's done, but I'm not one to hold grudges.
  2. May is great for "Star Wars Nerds" (5/4) and Cinco De Mayo! As well as Mother's Day!

What We Learned

  1. Automation - Learned to refactor API tests using Clients and improved syntax
  2. Automation - Learned to write automation tests for DOM-Based XSS and Stored XSS .. more to come
  3. Security - completed OrangeHRM Pen Test. Really happy with how the report looks and the progress made. Next week - mobiles!
  4. "Husb..." - another week gone and no writing done. Gotta fix that and finish this.

What We Longed For

  1. Need a job

What We Loathed

  1. The lack of a job