Wednesday, December 31, 2025

Security Testing Journal ... Supplemental


Life is the goal ... time to achieve it in 2026

I listened to a Jim Rohn video on YouTube last week and ... just wow! The universe was definitely talking to me and took notes. Below are some key points. I will apply my own thoughts as well. The promise I'm making to myself from here on in is TO DO BETTER and kill the negative thinking

Self-Improvements Daily!

This has been very much the goal since 2024. Going into 2026, the mission continues. Keep doing the daily grind. Keep putting in the work. 1% better every single day.

Keep feeding the mind good things, because what goes in is what comes out. So absolutely no more nrop.

Detach From Your Past Failures!

I must not keep beating myself up for all the dumb sh** I've done in my past. I never did get to process what happened to me at HTH, and it burned a deep scar in my psyche. At some point, that event and all the bad jobs and layoffs/terminations and what-not have got to get buried. Time to build new patterns and set new standards.

What Is Ahead Is More Important Than What Is Behind You!

As the saying goes, the windshield is larger than the rear-view mirror for a reason. Looking forward is where the potential is at. The past is passed. It served up many many lessons. Time to bury that m**f**r and keep moving forward.

Stop Comparing Yourself To Others

The only person I need to compare myself to is the person I was previously. Gone is the 15 yearold who had no real father or role model to look up to. Gone is the 25 yearold who learned to love his job and his girl, only to lose both that same year. Gone is the 30 yearold idiot managing marriage, fatherhood, and a new career after so many failed attempts at transitioning out of food service into something different. And gone is the 40 yearold still making the same careless mistakes but failing forward. The goal is to keep going, keep growing, and keep learning. Still waiting to find my purpose.

Make Sh!@#$ Happen .. Get Sh!@#$ Done!

I love this saying. It has been my mantra since the day I started QA. It never fails me. It reminds me to keep the momentum up, own the mistakes, avoid losing focus.

Make A Decision & Stick To It!

Indecisiveness is weakness. Better to make the decision and learn from the outcome than to be insecure. Insecurity was in fact the biggest thing that hurt me at SI. That and ego .. thinking I was ready when clearly there was so much more I needed to learn.

Always Respond With Calmness & Clarity!

As I get older, I'm learning to detach more and more. Not everything is a hill worth dying on. Best approach is to react with steadiness and avoid any emotional outbursts. Still waters run deep.

Exhibit High Performance Thinking For Optimal Results

This will be an area I need to improve. There are times my head is far from where it should be. My mind is not always the steel trap. Gotta get better. The solution is to move with confidence and act with purpose.

Reconstruct Your Identity Based On Your Strengths!

Another goal for 2026 .. do better! Take the me I want to be and work on him. Work on my strenthgs and passions: Write more; mentor more; Do better; Be better; Keep testing; Stay disciplined.

Speak Positively!

I will keep reminding myself this quote, YOU ARE NOT YOUR FAILURES!!

It is time to tear down this lie .. the lie that I am a joke, insufficient, unqualified, incapable, uneducated, and inadequate.

I will believe in myself because he deserves it. My family deserves the best version of me, not some weak-ass rendition.

Failure Doesn't Define You ... It Refines You!

Pretty much this ^^

I'm done feeling weak. I will no longer accept mediocrity. I will work to improve my physical, spiritual, and emotional self.

THE MOMENT YOU'VE BEEN WAITING FOR IS NOW ... DECIDE THAT YOU WILL WIN .. NOW! YOU WILL BE BETTER .. NOW!

Posted by at No comments:

Monday, December 29, 2025

Security Testing Journal Entry | *** 2026 Ed. ***


Highlights for the week

2026 IS ALMOST HERE

The theme going in to the new year is going to be DO BETTER!

There were several wins this year, which offsets a lot of the losses that incurred (namely job loss). Without going to much into it, there's a lot I will be focused on and I will be aiming to do better:

  • As a man .. I will make every effort to maintain healthy stoicism and set the example I want my child to model himself after. No more hypocrisies.
  • As a Father .. I will work on myself and be as good a role model as I can be. My son needs to know I will be there for him no matter what.
  • As a son .. I will venture to be more present and responsive to mother and father ... as best I can.
  • As a husband .. I will do my best to rebuild trust and reconect.
  • As a brother .. I will work on being better as a brother.
  • As a mentor .. I will continue to set the tone and be available. I want them to know I'm a resource. Be the mentor I never had.
  • As a leader .. I will maintain my personal values, work on my competence, and be genuine.
  • As a pen tester / QAE .. I will learn from my past failures but I will quit dwelling on them. I am not what happened to me. I am what I chose to become.
  • As a friend .. I will strive to keep in touch.

A great quote that sets the mood is, You can’t go back and change the beginning, but you can start where you are and change the ending.” 
―C. S. Lewis

We're no longer accepting this: the weakness, the self-pity, the failures (more on this to come). Enough is enough!! Do Better is the theme!!

  • Stay on task!
  • Stay focused!
  • Stay calm!
  • Ask questions when there is doubt.
  • Get clarification where there is ambiguity.
  • Do your best, at all times, in all ways

And now for something completely different ... CAREER REMINDER

“I want to go into Pen testing / Security Consultant because I genuinely love the challenge of finding vulnerabilities and working with clients to solve them. I got a taste for it and I want more.”

“I want this company because it aligns with my values and gives me the opportunity for career growth. This was what I had with Secure Ideas ... wahh

“I want this role because it aligns perfectly with my personal and professional ambitions. I really love the skill of pen testing.”

What We’re Grateful For

  1. Grateful for the good and bad that was my time at Secure Ideas. The exposure was invaluable beyond words. It was a prayers-answered job and I'm disappointed in how it ended.
  2. The family is always a blessing.
  3. Love that I've been so good at working through my sh** and did not let myself sink into a depression I could not get out of.

What We Loved

  1. I loved the continual learning

What We Learned (for 2025)

  1. Could I have articulated my value better?: Yes .. working on doing better.
  2. Do I need to improve my storytelling (communication)?: Yes!
  3. Did I connect with the right people?: Yes. Throughout the year, and especially at BSIDES-NYC.
  4. Did I network widely enough?: Yes.
  5. Why didn't my network help?: No clue, but Linked In is no longer the networking engine it once was.
  6. Were there tasks that I failed in?: Unfortunately, yes. May was just a bad month. 2 blog posts bombed, 2 reports went to sh***, and there were too many mistakes with Burp Suite. Also the file upload test was a spectacular fail.
  7. Did I work to the best of my ability?: I did.
  8. Did I produce excellent work?: For the most part yes. Like I said before, 2 reports and 2 blog posts were the beginnnig of the end.
  9. Was my performance sub-par?: Yes. I failed to meed the expectations of the role.
  10. Did I communicate my work?: Yes.

What We Longed For

  1. A great paycheck and great benefits.

What We Loathed

  1. Nothing. Not wasting energy on things I have no control over.
Posted by at No comments:

Friday, December 26, 2025

Security Testing Journal Entry | w/e Friday December 26, 2025 - "Christmas Holiday" Ed.


Highlights for the week

The holiday week came and went and I did my best to bring the energy. Not gonna lie, I wasn't feeling it. I was moody and depressed. I was sulking about finances and where I'm at as a man, as a husband, and as a father. Six months out of work and it's scaring me that I may never land another job. The thing I kept harping on was "missed opportunities." I've had chances. I've had opportunities. Am I at the age where I've used up all my tokens? No more lives left .. game over!

I was feeling a certain way and the universe spoke, as it often does, through YouTube. And I was listening to a few videos while working out. I felt a little better. Some common themes were: DONT QUIT .. FOCUS ON WHO YOU WANT TO BE BECAUSE it is never about luck. It is about preparation, opportunity, and discipline.

Remember that EGO KILLS GROWTH.

Remember, You're not walking through the fire alone! God is walking beside you too :) Also, Chiron asks you to heal yourself before you try to heal others. And also that you cannot walk into new opportunities carrying old baggage. You have to set those down and keep moving forward.

YOUR NEXT MOVE MATTERS MORE THAN YOUR LAST MISTAKE!! Stop dwelling on what didn't happen, or that you failed. Focus on what the lesson taught you.

  1. You didn't meet expectations ... GOOD! You reflect on where you fell short - excellence, work, competence - and build those up.
  2. You bombed the blog article ... GOOD! Keep writing. The problems were lack of clarity on the assignment and inexperience. You can do better, don't quit.
  3. You botched a few reports ... GOOD! You were getting better at the end. You failed because of your pride. Stay humble or get humbled.
  4. You shit the bed with the file upload component testing ... GOOD! You have since taken the steps to upskill and fix your flaws.
  5. You're weak at API, mobile and network pen testing ... GOOD! These are opportunities for growth. You've already gone through network pen testing and you're doing API now.
  6. You didn't get your chance to volunteer ... GOOD! You attended BSides-NYC and made a ton of new connections.
  7. You still need a mentor, but now you get to mentor others

So yeah, these past six months have been instrumental. I've also learned soooo much about AI. There's still more to go. In the end, the goal is to: Be empowered. Love yourself. Check the behavior pattern and fix what isn't working and move forward. Do this for your family and future self. Keep showing up, even when it's hard. Especially when it's hard. Your past will try to get in the way .. don't let it

What We’re Grateful For

  1. Every moment is a gift. Focus on the lesson and the blessing.
  2. Still here .. still breathing.
  3. Great fam to enjoy the holidays with.
  4. Staying healthy

What We Loved

  1. Loved that I have a lot of life left.

What We Learned

  1. AI Training [Status: Not Started!] - Moved to next week .. so few hours in the day.
  2. Writing: Chapter "War Cry" [Status: IN PROGRESS!]. Enemies are at the gate; Dee made the plans and DBack is testing the new aircraft.
  3. Reading: WAHH Chapter 19 - [Status: IN PROGRESS!]. Code Review Topic .. not easy.
  4. API Pen Testing: Lime [Status: IN PROGRESS!]. Putting APISEC lessons to practice; just wrapped Reconnaissance. Manual testing to follow.
  5. API Pen Testing Tutorial: [Status: IN PROGRESS!]. Learned about Mass Assignment; BFLA / BOLA
  6. QA Day: Performance Automation [Status: IN PROGRESS!]. Working on a cool project involving Playwright and K6.
  7. Mentor/Mentee w. IMANI, Test Cases Lesson: [Status: PAUSED!] Holiday Break!
  8. API Pen Testing: YNAB [Status: DONE!]. I'm writing this off.

What We Longed For

  1. As we wrap 2025, longing for a great job that I can grow into.

What We Loathed

  1. Feeling like a failure is absolutely the most loathsome thing I've had to endure these holidays.

Posted by at No comments:

Friday, December 19, 2025

Security Testing Journal Entry | w/e Friday December 19, 2025 - "Gloomy Rain, Beautiful Winter Snow" Ed.


Highlights for the week

Pep talk and words to live by: FOCUS + DISCIPILINE + CONSISTENCY = WINNING. You are not your past; You are not failing, you are learning.

Snowed on 12/14 .. that's about the good of this week.

Going to get my hormones checked .. finally! So that's a win!

I definitely have a bit of a reddit problem. I find I spend a little bit of time every day looking to post, trying not to waste time or energy on pointless arguments, and trying to help where I can. Some peopl are just too dense. Speaking of which, my one mentee has not responded in well over three months. Unclear if I pissed her off or not, but the radio silence is telling. Did she have a meltdown? Did she quit everything? Is she ok? I'm trying to be indifferent, but some part of me wants to know she's ok. If I'm the a**hole, at least I know where I stand. But if there's something deeper, more problematic, and I can help then I surely would like to try. cest la vie

So tired of failing. So tired of the rejections. Had chances and opportunities. WTF to all of this!!

It makes me wonder what is the truth and what is the lie. Was I ever good at any of this? Are my best days behind me? What is the point anymore?

FFS, 50 YO AND STARTING OVER; STILL OPERATING AT A JUNIOR LEVEL ?! What is the truth and what is the lie?

Less than 8 days of unemployment insurance remaining. Bills are paid for now, but after next month .. yikes!! And too many people are saying 2026 is not going to be better. WTF?! And have I mentioned how Mondays are absolutely trash for job searching?? Well, they are! As of the time of this post (Friday), I just looked at severa job listings I applied to and got rejected from REPOSTED!! on the job board. What is the truth and what is the lie? Are they hiring, or just perpetuating the lie that they are succceeding for investor money.

What We’re Grateful For

  1. Trying to find the positives this week. At least I have air in my lungs, food in my 'fridge, and a roof over my head.
  2. Definitely grateful for waking up and having the health to grind.

What We Loved

  1. Again, not much to love being so close to the holidays and unemployed ... again! This pattern has to stop.

What We Learned

  1. U-TEST - Handled another U-Test Cycle. Found (1) issue I'm expecting to get rejected as a possible duplicate.
  2. APISEC - APISec/VAPI learnings in progress. Learned about Crunch and JWT_TOOL to hijack authentication tokens and attack APIs. Cool recon process as well.
  3. Bugcrowd/YNAB is still blocked. No new updates.
  4. Bugcrowd/Lime is scoped. Waiting on YNAB before starting.
  5. WAHH Chapter 19 - all about code review.
  6. "HUSB" - Need to sit this weekend and really hammer out "War Cry"

What We Longed For

  1. As always, a job doing cool things with cool people for great pay.

What We Loathed

  1. The 2025 EMPLOYMENT MARKET
  2. Hating my current situation with no money.
  3. Hating that I feel like an abject failure.
  4. Hating that I'm rejected for jobs that I see reposted on the job sites .. repeatedly
Posted by at No comments:

Friday, December 12, 2025

Security Testing Journal Entry | w/e Friday December 12, 2025 - "Six Months of UE, 2025" Ed.


Highlights for the week

So yeah! We're at six months of unemployment. The job market doesn't seem to be letting up. If fact, there seems to be a sinister correlation between laid off employees and surging stock prices. One could almost argue companies are incentivized to lay people off, especially in the Q4 business cycle (October - January) to improve their profit margins. The lie sold to investors is that the company is "profitable." The truth is far less rosy. Companies overhired back in 2019 and have been adjusting for those expenses ever since. Couple with the looming promise that AI is going to automate everyone out of a job, and you have a perfect recipe for a garbage end to 2025 and a worse 2026. And to make matters exceedingly worse still, the seven giant tech companies comprise 40% of the national GDP. They've entangled each other in a financial mess that threatens to take the entire economy down.

Where does that leave me? Who the f** knows. I am well past the grieving stages of my job loss to SI. Well past the shame and hurt of getting fired. I have spent these last six months reflecting on EVERYTHING: who I am; what I want, what I value most; what ever are my values; and how to fix where I failed. There was a lot I could be mad at with SI. In the end, I can't blame them for my performance. I can only take them to task for not getting the proper instruction or mentorship I was begging for. Somethings they did well, other things not at all.

These past six months have been nothing short of educational and productive. What isn't working so far is job hunting. 120 jobs, not one phone call.

  • Working on personal values and improving my self-discipline. Some areas still need work, but I have been getting better at faith, family, fitness, and finances.
  • June and July were healing months. I learned a lot about where I failed at SI, starting with my performance and lack of experience. There were things that weren't gelling and it's all my fault.
  • Burp Suite File Upload Lab: I revisited this to learn where exactly I bombed the job in May at SI. File Upload Vuln. learned exactly what I did wrong!
  • Continuing learnings on API Security testing. Learned about Kiterunner, a tool in Kali for API enumeration. API enumeration - Something I never learned at SI and how poorly I actually tested the file upload components when I found them. Stupid of me to have used the payload that I did.
  • First thing I did was learn the fundamentals of network pen testing. Network PT - my biggest weakness at SI
  • Started bug bounties. This has been instrumental in keeping my skills up and practicing my reporting skills .. Reporting - another area where I was weak at during my time at SI.
  • Continued my skills with software testing. U-Test is still a mess when it comes to moderating bugs.
  • Automation script in Typescript for E2E testing and APIs. Not the thing I'm strongest at but having
  • Spent a considerable amount of time with AI, starting with basics on prompt engineering, learning the tech stack, and playing with Gandalf AI for "hacking." Portswigger had some labs for harassing the chatbot.
  • Reading through WAHH. The material is dated and the content is now part of portswigger. The labs are as well.
  • Mentored a few people. That's been a blessing.

What We’re Grateful For

  1. Grateful for good health and mental clarity.
  2. Grateful for family this season. It has been a rough end to 2025.
  3. Although I don't have the finances in order, I can't think of a better way to spend the holidays than knowing things will get better.

What We Loved

  1. Loved that I was able to attend a great google meeting about AI and volunteered at BSides-NYC. That will be the highlight of 2025.

What We Learned

  1. Writing: Chapter "War Cry" [Status: NOT STARTED!]. Outline is done. Need to make time to put hands on keys.
  2. API Pen Testing: YNAB [Status: BLOCKED!]. The platform reached out to the project owner for follow-up.
  3. API Pen Testing Tutorial: [Status: IN PROGRESS!]. Learned a few new things.
  4. QA Day: API Automation [Status: DONE!]. Used Google Gemini to review my work and provide additional scenarios I had not considered.
  5. AI Training [Status: Not Started!] - Moved to next week .. so few hours in the day.
  6. Mentor/Mentee w. IMANI, Test Plan Lesson: [Status: IN PROGRESS!] Her submission required a lengthy conversation. Discussions of more lessons in the week to come this Sunday.
  7. Reading: WAHH Chapter 18 - [Status: DONE!]. Moving through Chapter 19 - Attacks on Server.
  8. Burp Suite: HTTP Header Labs [Status: DONE!]
  9. Burp Suite: API PT Labs [Status: DONE!]

What We Longed For

  1. With unemployment about to run out, my bank account nearing depletion, the longing for a great job is clear as day. Manifesting something happens with KAIZEN. Great pay, great job, great location. Fingers-crossed!

What We Loathed

  1. The pattern of getting hired > getting fired needs to stop!! I'm 50 and starting over ... UNACCEPTABLE!!
  2. THE JOB MARKET IN 2025. More layoffs have happened in the last six months, and corporate doesn't seem to be letting up. Nervous for 2026.
Posted by at No comments:

Sunday, December 7, 2025

Security Testing Journal Entry | w/e Friday December 5, 2025 - "Long December" Ed.


Highlights for the week

A post on linked in started me down a mental thought spiral. It posed a question: "ARE YOU RELIABLE? Can we depend on you to get the job done?" -- These words hit me like a mack truck and probably the source of why I've been in a Hire/Fire pattern. Thinking back, a lot of the reasons for why I've lost my many jobs can be boiled down to this word, RELIABILITY (or DEPENDABILITY). As I reflect on that I'm realizing the changes I need to make.

Although I've been out of work, I've been supremely busy. Started on a new API Pen Testing endeavor. AI is hot on its heels.

Mentorship has been the best blessing, however it's made me realize peopl work on their own schedules. Imani is progressing nicely. Luna is MIA. Nothing from Shree either.

What We’re Grateful For

  1. As always, I'm grateful for my family near and far.
  2. Grateful to be a mentor to my student, Imani. She's teaching me about myself.
  3. I'm truly blessed to have good health, a great mindset, and the opportunity to keep learning and improving where I failed. Work in progress, always!!

What We Loved

  1. Loving teaching QA.
  2. Really starting to appreciate my API Pen Testing.

What We Learned

  1. API Pen Testing: YNAB [Status: BLOCKED!]. The platform reached out to the project owner for follow-up.
  2. BBH! 2 Tickets created but declared "Not Applicable" - an open port that cannot be exploited further is not an issue.
  3. VAMPI [Status: DONE!]
  4. AI Training [Status: Not Started!] - Moved to next week.
  5. Mentor/Mentee w. IMANI, Lesson 6: [Status: DONE!] Her submission required a lengthy conversation. Discussions of more lessons in the week to come.
  6. Reading: WAHH Chapter 18 - [Status: IN PROGRESS!] Haven't really made the time to read. Been busy!!
  7. Writing: Chapter "War Cry" [Status: NOT STARTED!]. Outline is done. Need to make time to put hands on keys.
  8. Burp Suite: HTTP Header Labs [Status: TO DO!]
  9. QA Day: API Automation [Status: DONE!]. Leveraged Google Gemini to review my work, convert the test to proper Typescript notation. Tests pass intermittently, but not because the test code is bad.

What We Longed For

  1. As always, a good job with a steady pay check, working on cool sh***, with amazing people. Long-term: I'd love to be a part of project zero (Google).

What We Loathed

  1. Filed 2 Bugcrowd Tickets .. rejected. Seems like the moderators are consistently rejecting issues. That being said, finding them was fun. I tested the two issues to the fullest and learned a ton.
  2. Hate not having a proper income, but I don't hate NOT having a job.
Posted by at No comments:
Subscribe to: Comments (Atom)