Security Testing Journal Entry | w/e Friday November 21, 2025 - “Holiday Season - Week 2” Ed.

Highlights for the week

Kicked off the work week with typical Monday madness of running personal errands, mininmal job leads, and mapping the week. It was a very AI Focused week, where I sat through an onsite networking event. I also finished the TCM course in AI.

Also sat through a course in understanding the 0-days found in IOT devices. Really interesting to learn how devices like a Traeger Barbeque grill can be hijacked.

Starting an API pen testing campaign next week. Been a minute. Growth happens in the discomfort

What We’re Grateful For

1. Eternally grateful for getting to wake up, tackling the day, every day! Getting a good workout, and keep sane.
2. Will always be greateful for a loving home, awesome family, full 'fridge, and all the treats.
3. Learning more and more about Pen Testing / Bug Bounty Hunting. Sure, my ticket got rejected, but it was for a proper reason.

What We Loved

1. Going to the google network event - New York City Security User Group - November 2025 - Quarterly Meeting. I was inspired to want to volunteer.
2. Loving to end the week helping others. It's been a real blessing.

What We Learned

Remember! Being busy is not the same as making progress. Do what matters if it is working towards your goals. YOU GOT THIS!!

1. BBH! Update to Bugcrowd finding: Report got rejected (which I half-expected).
2. Updated Kali to latest ... for API pen test next week.
3. Learned: Peeling Back the Plastic: Finding 0-Days in IoT Devices. Learned that IOT devices can be hacked and attackers can do bad things to BBQ grills!
4. TCM: AI Fundamentals: [Status: DONE!] Learned so much about the inner workings of AI, namely NLP, LLM, and everything in between.
5. Mentor/Mentee w. IMANI, Lesson 4: [Status: IN PROGRESS!] Split my work into two days. 2nd day will be about more testing.
6. Reading: WAHH Chapter 17 - [Status: IN PROGRESS!]
7. Pen Testing: YNAB [Status: NOT STARTED!] Finished scope, got the target, learned the ROE.
8. Writing: Chapter "War Cry" [Status: NOT STARTED!]. Outline is done. Will make time to put hands on keys.
9. Burp Suite: HTTP Header Labs [Status: TO DO!]
10. QA Day: Need to get started on APIs.
11. QA Day: Picked up another U-Test project which took up the better part of the day. It wasn't a big app and there wasn't much to find.

What We Longed For

1. Another week, no job!

What We Loathed

1. 2025 Job Market.

Security Testing Journal Entry | w/e Friday November 14, 2025 - “28 Days before $0 UE Benefits” Ed.

Highlights for the week

Another week in the bag. So looking forward to the holiday season, despite the lack of employment. It's odd that I'm not freaking out about not finding work. I'd prefer landing a great job than a shitty job, with an ego-maniac manager, for trash pay.

On the security front, I finally added a VPN to my Mac. Now I can pen test like a big boy! It has not impacted the browser performance and I like knowing my browsing habits are secured. The cool highlight was I finally published my first bug to BugCrowd. It was more like a reach-out to the client instead of a legit bug. I got feedback that it was NOT APPLICABLE but I'm fighting it. I want final confirmation from the client before accepting it as N/A.

Regarding my mentees, I completed the Session 4 training deck for Imani and realized just how much I'm learning as I'm teaching. I'm not going to be much help to Shree as she's moved back to India. She's on a different path now and the time difference is going to suck. At this points, we're friends. Luna is radio-silent this week. I reached out but she hasn't replied. I'm thinking asking for payment for pen testing changed our dynamic. Hoping not the case but also, so what. I'm learning to value my time and the payment was more about a measure of commitment than compensation. Whatever!!

What We’re Grateful For

1. As always, I love that I get to be here. I get to wake up and start a fresh new week.
2. Always grateful for good health!!
3. Always grateful for love in my heart, faith in my abilities, and continuous improvement, working to be my best self.
4. Always grateful for a loving home, a loving family, good friends, a roof over my head, and a full 'fridge.

What We Loved

1. For this week, loved that I got to finish my Pen Test report and file a bug.
2. Loved that the gym finally has cool equipment.
3. Loved that my student is feeling more confident in herself.

What We Learned

1. Gandalf AI - [Status: Paused!]. Keeping this here as a reminder.
2. TCM: AI Fundamentals - [Status: Active!] This week's learning was all about Natural Language Processing, Tokenization, and 'Attention'.
3. Mentor/Mentee w. LUNA - [Status: Not Started!] Radio silence after reaching out regarding my offer. I don't think she's fully committed.
4. Mentor/Mentee w. IMANI, Lesson 4 - . Upcoming week is where things get really good.
5. Mentor/Mentee w. Shree - [Status: Done!]. At this point its safe to say my mentorship is over. Friends now.
6. Reading: WAHH Chapter 16 - [Status: Done!]. It was a quick chapter.
7. Pen Testing: Octopus.com [Status: Done!]
8. Writing: Chapter "War Council" [Status: Done!]. Next chapter is the rescue.
9. Burp Suite: HTTP Header Labs [Status: To Do!]
10. QA Day: Need to get started on APIs.

What We Longed For

1. A GOOD JOB, WITH GREAT PEOPLE, DOING COOL SH**, FOR DECENT PAY/li>

What We Loathed

1. U-Test Moderation. Having to fight for valid issues are a lesson in patience.

Security Testing Journal Entry | w/e Friday November 7, 2025 - “"Holiday Season in effect"” Ed.

Highlights for the week

Holiday season is absolutely in effect. It starts with the Halloween havoc and ends with New Years. So far, it has been a great start. Halloween is always fun and lot's of good vibes. We brought in a massive haul of treats. I certainly picked the worst time to worry about my weight. I will have to be disciplined .. or at least try to maintain some control.

My Test Analyst student rescheduled for this weekend. Hope she's feeling better. She was not doing well at work either. Her confidence was shaken. I'm so blessed to be part of her journey.

U-test platform is still dogsh** but it provides some money. Had a ticket in "Disputed" state and I was super-frustrated by the moderation. Even after the feedback from the Test Lead, I know she was wrong. The consequence was a small reduction in my profile status. I've been told it's not that big of a deal. As someone who's done this for over 15 years, it is humbling. Let's me know there's always something to learn.

What We’re Grateful For

1. As always, grateful for a loving home with my loving family.
2. Having my student and mentees. Haven't heard from Shree in a long time. Hope she's ok.
3. Despite the unemployment, I'm hopeful that things will turn around and I get to wake up to see that come to pass.

What We Loved

1. With the holidays here, loving everything!!

What We Learned

1. Gandalf AI - [Status: Paused!] ... I may never get to this anytime soon and that's ok. I'm taking a new course in AI from TCM.
2. U-Test work - [Status: Done!]
3. TCM: AI Fundamentals - [Status: Done!] - Learned how training models works.
4. Mentor/Mentee w. LUNA - [Status: Not Started!] She's been sick but I'm also not convinced she's going to come through.
5. Mentor/Mentee w. IMANI, Lesson 3 - [Status: Postponed!]. She was sick and we moved things for this weekend.
6. Mentor/Mentee w. Shree, TBD
7. Reading: WAHH Chapter 15 - [Status: Done!] The chapter was mostly about information disclosure in error messages and server logs. Not a lot to "hack!"
8. Pen Testing: Octopus.com [Status: In Progress!]
9. Writing: Chapter "War Council" [Status: In Progress!]
10. Burp Suite: HTTP Header Labs [Status: To Do!]
11. QA Day: Need to get started on APIs.

What We Longed For

1. JOB

What We Loathed

1. U-Test Moderation .. the absolute worst!