Friday, July 26, 2024

Security Testing Journal Entry | w/e Friday July 26, 2024 - "Nearing Insolvency" Ed.


Highlights for the week

New job applied to - Daxko - no rejection, but no movement yet, so hope remains. Started a new bug bounty program - testing the "Blue Apron" site. Strict scope, but I'm going through the motions of a full security audit.

Some sub-stellar achievements

New u-test campaign: bombed the ticket portion, could not find any bugs in the selected browser. After some soul searching, it's best that I REVIEW my steps taken, REASSESS my process, and RETRY .. because that is all I can do. I'm not a failure.

Blogging on Medium is not getting as much traction as I hoped. I'll keep grinding, but I don't want to be a content monkey nor do I want to be writing for the "likes".

What We’re Grateful For

  1. Food, Shelter, and Good Health
  2. A loving mom who keeps giving more than getting
  3. An awesome family, despite a spouse who is super-pissed off and at the point where divorce is imminent

What We Loved

  1. Not a lot ... it was a rough week!

What We Learned

  1. Coursera - Started SQL fundamentals.
  2. YouTube - Learning Salesforce QA
  3. YouTube(2) - Learning GraphQL Pen Testing
  4. Bug Bounties - Started on "Blue Apron"
  5. Automation - finally started on refactoring Security API Automation tests
  6. "Husb" - showdown in progress

What We Longed For

  1. As always: a good job, with great pay and benefits, working with cool people, doing awesome things!

What We Loathed

  1. Job search has now expanded to include food service (ugg!)
  2. Getting consistent rejections without so much as an attempt to interview
  3. Spent the back-half of the week w/o hot water ... it was a rough four days

Sunday, July 21, 2024

Security Testing Journal Entry | w/e Friday July 19, 2024 - "Critical Failure Imminent" Ed.


Highlights for the week

The Good! Applied to a job via referral from Slack - fingers crossed. Signed up to bug bounties and hoping to get started with that.

The Bad! Former president nearly got shot, current president is sick with COVID, and on Friday a near-global outage occurred caused by a cybersecurity EDR impacting Microsoft Windows users. Personally speaking: below $200 from being broke, zero job response, needing to borrow from son for some bills; rent will be late.

The Ugly! Spouse remains extremely pissed; thinking this time we're done done. Had to chase after a restaurant job I'm not too proud to take (no word). Had a moment where I broke down and cried; it's bad, losing the job and partner.

What We’re Grateful For

  1. Still kickin' it
  2. Still have food in the fridge
  3. Still have a roof over our heads

What We Loved

  1. The kindness of strangers sending me a referral to a great job
  2. Friends reaching out .. it's always good to have people looking out

What We Learned

  1. Pen Testing (1) - Altoro - Finished pen test
  2. Pen Testing (2) - About to start bug bounties
  3. U-Test - Finished First U-Test cycle; as expected had to push back on a ticket. A 2nd one is on-deck.
  4. GraphQL - Dragging ass with GraphQL
  5. API tests in Security Repo - in progress
  6. "Husb ..." near the epic showdown

What We Longed For

  1. A good job; good pay/benefits; good people

What We Loathed

  1. Being blamed for something that is entirely not my fault
  2. Getting rejected for having insufficient experience; yet no opportunities abound to acquire said experience
  3. The entire job market

Sunday, July 14, 2024

Security Testing Journal Entry | w/e Friday July 12, 2024 - "Low Point" Ed.


Highlights for the week

Not a lot of good to report this week. Fully recovered from the loss of the job opportunity of two weeks ago, but in the dog house, yet again .. yay! And it wasn't even my fault.

A cool thing worth noting was my participation in a Blue-Team oriented CTF. There were a lot of fun but tough challenges. In the end, I scored a decent amount of points. It only cost me a VM that I've got to rebuild (again!).

What We’re Grateful For

  1. Grateful for having a partner, even when she's upset at me (when I wasn't wrong)
  2. Grateful for having my son be on my side, and seeing that his dad was not wrong
  3. Grateful for not being wrong and disallowing myself to feel hurt by her insults and kept a cool head

What We Loved

  1. Not a lot to love this week.

What We Learned

  1. Level Effect Cyber Defense CTF - Learned a surprising amount. Was also pleasantly surprised by how much I actually did know.
  2. U-Test - Finally got around to signing up for a practice test cycle in U-Test for $$ - starting this on Monday
  3. Cybrary - Completed the Pen Testing course and earned the "certificate of completion." Overall, the learning was mostly focused on prep for the OSCP.
  4. GraphQL - Paused for the CTF.
  5. Automation - Spent an entire afternoon trying to repair my mobile + WebdriverIO test repo. At the moment it's not working at all. Issue is beyond my control.
  6. Pen Test - Finished Recon step in pen test. On to CONFIGURATION & DEPLOYMENT MANAGEMENT TESTING
  7. Medium - Vulnerability Assessment (paused!)
  8. "Husb..." - climactic showdown for chapters 27 - 29. Having tons of fun writing these out.

What We Longed For

  1. A JOB!! Plain and simple. Coming up on 22 months since my last paycheck. Really really bad!!

What We Loathed

  1. This job market. Worst ever!

Saturday, July 6, 2024

Security Testing Journal Entry | w/e Friday July 5, 2024 - "Independence Day" Ed.


Highlights for the week

Welp! That happened ... Ghosted after two weeks.

It was 10 solid business days since my last interview for an awesome job. 336 hours since I last heard from the recruiter. The radio silence was too much. So it took me sending an e-mail asking about the status of my application to learn they went with someone else. What followed was a mix of emotions from sadness to frustration, even anger and disappointment. Had the news come sooner, I could have handled it better. Waiting two weeks was especially cruel. Hoping for a "yes" was the worst.

But I felt something in the pit of my stomach that let me know I didn't get it. The feeling was something similar to when you're standing in an elevator and the car suddenly drops.

Wife and I had been mapping out what the promise of that salary might bring after the first week. By the close of the second, the feeling of hope turned into despair. The opportunities are drying up. And the longer I'm out of work, the harder it is to get back in, making for a perpetual motion machine of insecurity. I have no plan-b! This job prospect was it. It pays to be a winner, and I've yet to win .. so what does that make me?

What We’re Grateful For

  1. Grateful that I get to sit here and write this, with a roof over my head and a full 'fridge.
  2. I get to enjoy working out and a nice shower afterwards.
  3. I get to sleep on a proper mattress, in my apartment, in a great neighborhood.
  4. Grateful that I have my smart wife providing some possible ideas for problem resolution. I need to do better; be better!

What We Loved

  1. Not a lot to love this week. It's been tough.

What We Learned

  1. Cybrary - finished modules 9 and 10; Onto 11: the reporting.
  2. GraphQL - playing with the queries for mutations.
  3. Pen Testing - started a new test for a banking app
  4. Medium - blogging about Threat Modeling
  5. "Husb .." - nearing the end; have come to the climactic showdown amongst all the characters

What We Longed For

  1. As always, longing for a decent job with great pay/benefits, great people, doing awesome things.

What We Loathed

  1. Ghosting! By far, the most puerile of behaviors exhibited by recruiters. They need to learn to put their feelings aside and let candidates know when the decision to move on occurs.