Friday, December 12, 2025

Security Testing Journal Entry | w/e Friday December 12, 2025 - "Six Months of UE, 2025" Ed.


Highlights for the week

So yeah! We're at six months of unemployment. The job market doesn't seem to be letting up. If fact, there seems to be a sinister correlation between laid off employees and surging stock prices. One could almost argue companies are incentivized to lay people off, especially in the Q4 business cycle (October - January) to improve their profit margins. The lie sold to investors is that the company is "profitable." The truth is far less rosy. Companies overhired back in 2019 and have been adjusting for those expenses ever since. Couple with the looming promise that AI is going to automate everyone out of a job, and you have a perfect recipe for a garbage end to 2025 and a worse 2026. And to make matters exceedingly worse still, the seven giant tech companies comprise 40% of the national GDP. They've entangled each other in a financial mess that threatens to take the entire economy down.

Where does that leave me? Who the f** knows. I am well past the grieving stages of my job loss to SI. Well past the shame and hurt of getting fired. I have spent these last six months reflecting on EVERYTHING: who I am; what I want, what I value most; what ever are my values; and how to fix where I failed. There was a lot I could be mad at with SI. In the end, I can't blame them for my performance. I can only take them to task for not getting the proper instruction or mentorship I was begging for. Somethings they did well, other things not at all.

These past six months have been nothing short of educational and productive. What isn't working so far is job hunting. 120 jobs, not one phone call.

  • Working on personal values and improving my self-discipline. Some areas still need work, but I have been getting better at faith, family, fitness, and finances.
  • June and July were healing months. I learned a lot about where I failed at SI, starting with my performance and lack of experience. There were things that weren't gelling and it's all my fault.
  • Burp Suite File Upload Lab: I revisited this to learn where exactly I bombed the job in May at SI. File Upload Vuln. learned exactly what I did wrong!
  • Continuing learnings on API Security testing. Learned about Kiterunner, a tool in Kali for API enumeration. API enumeration - Something I never learned at SI and how poorly I actually tested the file upload components when I found them. Stupid of me to have used the payload that I did.
  • First thing I did was learn the fundamentals of network pen testing. Network PT - my biggest weakness at SI
  • Started bug bounties. This has been instrumental in keeping my skills up and practicing my reporting skills .. Reporting - another area where I was weak at during my time at SI.
  • Continued my skills with software testing. U-Test is still a mess when it comes to moderating bugs.
  • Automation script in Typescript for E2E testing and APIs. Not the thing I'm strongest at but having
  • Spent a considerable amount of time with AI, starting with basics on prompt engineering, learning the tech stack, and playing with Gandalf AI for "hacking." Portswigger had some labs for harassing the chatbot.
  • Reading through WAHH. The material is dated and the content is now part of portswigger. The labs are as well.
  • Mentored a few people. That's been a blessing.

What We’re Grateful For

  1. Grateful for good health and mental clarity.
  2. Grateful for family this season. It has been a rough end to 2025.
  3. Although I don't have the finances in order, I can't think of a better way to spend the holidays than knowing things will get better.

What We Loved

  1. Loved that I was able to attend a great google meeting about AI and volunteered at BSides-NYC. That will be the highlight of 2025.

What We Learned

  1. Writing: Chapter "War Cry" [Status: NOT STARTED!]. Outline is done. Need to make time to put hands on keys.
  2. API Pen Testing: YNAB [Status: BLOCKED!]. The platform reached out to the project owner for follow-up.
  3. API Pen Testing Tutorial: [Status: IN PROGRESS!]. Learned a few new things.
  4. QA Day: API Automation [Status: DONE!]. Used Google Gemini to review my work and provide additional scenarios I had not considered.
  5. AI Training [Status: Not Started!] - Moved to next week .. so few hours in the day.
  6. Mentor/Mentee w. IMANI, Test Plan Lesson: [Status: IN PROGRESS!] Her submission required a lengthy conversation. Discussions of more lessons in the week to come this Sunday.
  7. Reading: WAHH Chapter 18 - [Status: DONE!]. Moving through Chapter 19 - Attacks on Server.
  8. Burp Suite: HTTP Header Labs [Status: DONE!]
  9. Burp Suite: API PT Labs [Status: DONE!]

What We Longed For

  1. With unemployment about to run out, my bank account nearing depletion, the longing for a great job is clear as day. Manifesting something happens with KAIZEN. Great pay, great job, great location. Fingers-crossed!

What We Loathed

  1. The pattern of getting hired > getting fired needs to stop!! I'm 50 and starting over ... UNACCEPTABLE!!
  2. THE JOB MARKET IN 2025. More layoffs have happened in the last six months, and corporate doesn't seem to be letting up. Nervous for 2026.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)