Saturday, September 20, 2025

Security Testing Journal Entry | w/e Friday September 19, 2025 - “And the beat goes on .. and on!” Ed.


Highlights for the week

Fall is around the corner and the weather has been spectacular. Gone are the days of high heat and humidity. Crisp temperatures, cool breezes, and sunny days are here. Job search has been abysmal. The cycle is the same: see the job post > apply for the job > get rejected > see the job reposted.

Been listening to a lot of stoic philosophy videos on YouTube and have really improved my mindset. I've shut down the negative self-talk and I've replaced it with positive affirmation. I keep looking back on my time at Secure Ideas, and the more I study what went right and what went wrong, I am coming to understand that there was a lot I should have done better. I wasn't working to the level of my experience and I was humbled by just how much I still have to learn. The lessons learned were: need more experience; need to write better; blogging matters for the company in terms of sales and marketing; need more practice with PortSwigger Pro!

How I'm improving on those weaknesses:

  1. Been trying to find new projects in Bugcrowd, but struck out with a recent engagement. Will keep hunting for new ones.
  2. Wrote up a report for a recent project (NFL). Need to keep that up.
  3. Been learning a lot about AI. Does it help with pen testing? No. But I also learned how to hack them, so out of curiosity, I've taken a course on prompt engineering and read a book on agentic security. It's moving me in a particular direction ... a fun one.
  4. As for PortSwigger, I only have the community edition, so the issues that caused me problems at SI will remain unfixed for the time being.

What We’re Grateful For

  1. Grateful that MIL provided us with lunch and food.
  2. Grateful for friends in great places.
  3. Grateful that I get to wake up and enjoy another day of good health, vitality, and well-being.
  4. I get to be here .. now .. making the most of my time to stay happy and productive.

What We Loved

  1. Jumped on a new opportunity for a completely new role at Spotify. I'll be happy if I get it, but cool with not. It's a new challenge.
  2. Applied to Spirit Halloween store .. a fun seasonal gig. I'm not above seasonal work at this point. Some money is better than no money.
  3. And while I'm on the work tip, some new U-Tests sprang up adding to a packed schedule. It's impacted some personal projects which keep getting pushed further back.
  4. New Deadlift achievement - 270lbs. Personal best is still 305lbs.
  5. While on the workout subject, my son is now part of my morning routines. He is motivated to start exercising .. very cool! It has, however, altered my mornings significantly.
  6. Joined BSides-NYC as a volunteer. That starts in October, so super excited for that.
  7. While on the networking subject, joined "Raices Cyber" - NYC Chapter. A Latin-American group focused on cybersecurity. Need to up my networking game tremendously. As the saying goes, "you are the sum of the 5 people you surround yourself with." Right now, I have no one. :'(

What We Learned .. a busy week!!

  1. Reading: Read "Securing-Agentic-Applications-Guide-1.0" and learned several new things and frameworks to play with. [**Action item] Gandalf AI Hacking .. start!
  2. Reading: WAHH Chapter 13 - paused for work and additional tasks. This is for fun so less of a priority. [**Action item] Get back on it.
  3. Hacking: New weekly lesson with TCM. Learned about brute-forcing logins, password spraying, and HTB. [**Action item] Need to renew that membership.
  4. Writing: "Husb" New chapter about reckonings. Need to expand on fight scene between Mara and Dee.
  5. Work: A couple of new U-Test projects popped up, forcing me to recalibrate my task list and reading.
  6. Pen Testing (Bugcrowd): New project started that required credentials. After scoping, not a lot was possible. Will revisit scope and targets and try to test, then write the report. It's all about the reps.
  7. Burp Suite: Bus. Logic flaws - paused for work; shall resume over the weekend as time allows.
  8. QA Day: Started practicing Playwright with TypeScript. The cool lesson learned: used Gemini to optimize my code for improved readability. Something I wish I had done at Unqork.

What We Longed For

  1. As always .. a job, money, health benefits.

What We Loathed

  1. The job market in 2025
