Sunday, May 19, 2024

Security Testing Journal Entry | w/e Friday May 17, 2024 - "Dankful" Ed.


Highlights for the week

As it happens, this was a great week full of a bunch of small wins coupled together. Sure the job hunt continues, but there's a lot to be hopeful about.

What We’re Grateful For

  1. Having friends in important places to provide meaningful feedback.
  2. Having a mentor also providing great feedback.
  3. Having a roof over my head, food in the 'fridge, and a bed to sleep on.
  4. Grateful to have the energy to make it another weak UE.

What We Loved

  1. As always: the small wins, the grind, and the persistence to push through the hard work, even when it feels frustrating at times.
  2. Looking forward to this week's onsite test.

What We Learned

  1. Automation, pt. 1 - Appium with Pytest: It took a couple of days and several hours of research before finally putting together a comprehensive suite for testing Android and iOS apps on mobile. On to the testing! Blog in the works!!
  2. Automation, pt. 2 - Successfully migrating security tests to new repo. Now for the tedious decoupling from the target project to make it more portable.
  3. Pen Testing - moving through my current project, but going through Cybrary lecture. Learned some really interesting things. More to come.

What We Longed For

  1. A good job
  2. More time! My writing has taken a back seat to ongoing projects and shifting priorities.

What We Loathed

  1. Lack of response from jobs I've applied to. The grind is getting old!
  2. Trolls on Reddit! Getting downvoted for being right and contesting a crap statement is the worst thing about that forum.

Friday, May 10, 2024

Security Testing Journal Entry | w/e Friday May 10, 2024 - "Mother's Day" Ed.


Highlights for the week

Another cool on-site test engagement this weekend. Pretty excited about that. Security automation tests in Python - the project is coming along nicely. Seeing my mentee accomplish another interview .. amazing!!

What We’re Grateful For

  1. As I've stated before, always grateful for health, a roof, bed, family
  2. Grateful that I get to wake up and tackle the day head-on
  3. Grateful to be constantly learning

What We Loved

  1. A new pen test engagement .. always fun. Grinding one day, one test at a time!

What We Learned

  1. Cybrary - Pen Testing: Thought it was going to be a waste of time .. boy how wrong I was. Learned some fun things.
  2. U-Test: Learned a little about API testing and more.
  3. Automation: Azure {paused; trial expired}. Security + Python - working like a charm
  4. Burp Suite: Fell behind on "Race Condition" tests. Need to finish next week.

What We Longed For

  1. As always, need that good job

What We Loathed

  1. Lack of response from recruiters. They reached out to me, I responded, then crickets!

Friday, May 3, 2024

Security Testing Journal Entry | w/e Friday May 3, 2024 - "May the 4th Be With You .. Always!" Ed.


Highlights for the week

Mildly uneventful week. Managed to complete another pen test, completed the refactor of API security tests, and kicked off a campaign to automate some manual pen tests. Overall, a pretty good week.

What We’re Grateful For

  1. Happy that I got to add another pod/live stream to my menu, this one deals with Cybersecurity news!
  2. Grateful for good health and well-being
  3. Grateful to have a full refrigerator (despite the absence of income)
  4. Grateful for another month with a roof over my head
  5. Thankful that a recruiter reached out to me and forwarded my application (fingers crossed)

What We Loved

  1. Mom's birthday - we're talking. She still has yet to acknowledge what she's done, but I'm not one to hold grudges.
  2. May is great for "Star Wars Nerds" (5/4) and Cinco De Mayo! As well as Mother's Day!

What We Learned

  1. Automation - Learned to refactor API tests using Clients and improved syntax
  2. Automation - Learned to write automation tests for DOM-Based XSS and Stored XSS .. more to come
  3. Security - completed OrangeHRM Pen Test. Really happy with how the report looks and the progress made. Next week - mobiles!
  4. "Husb..." - another week gone and no writing done. Gotta fix that and finish this.

What We Longed For

  1. Need a job

What We Loathed

  1. The lack of a job

Sunday, April 28, 2024

Security Testing Journal Entry | w/e Friday April 26, 2024 - "Spring Cleaning & Healing" Ed.


Highlights for the week

Stepping out of my comfy zone to post about a project, warts & all (lesson - have your ducks in a row); tested IOT devices - awesome!; learned iOS Mobile (lesson - need to improve lab); part of my personal spring cleaning (see "What We Learned")

What We’re Grateful For

  1. Grateful the moon woke me up early, which meant I got a good night's sleep and feel awesome! Was also productive
  2. Grateful for having a roof over my head, a full fridge, and good health
  3. Grateful to be humbled by learning new things and making rookie mistakes
  4. Grateful for meeting my personal, professional, and fitness goals this past month!

What We Loved

  1. New opportunities testing IOT devices

What We Learned

  1. Learning to take action, especially when it's difficult or challenging .. may result in a win or not!
  2. Learning to get rid of limiting beliefs & pick up affirmations
  3. Working on getting rid of old habits & picking up new "good" ones
  4. Tough week for getting anything done. Pen testing is behind schedule.
  5. Finally got Azure working. Learned there was a request that needed to be made, probably to prevent bit mining.
  6. Posted API security automation test and was met with some great (humbling) feedback. Note to self - make sure to be 100% perfect before going live!
  7. Spent last weekend with iOS DIVA. Need to set up my framework to test better.
  8. "Husb ..." {paused} -- been a hectic, productive week for QA testing

What We Longed For

  1. I said it last week, and I'll probably keep saying it ... a good job, with great pay and benefits, working with cool people, doing cool sh**

What We Loathed

  1. Unemployment sucks!
  2. Ghost jobs suck!
  3. Feeling like I'm never going to get a job ... definitely sucks!

Friday, April 19, 2024

Security Testing Journal Entry | w/e Friday April 19, 2024 - "Connections, Old & New" Ed.


Highlights for the week

Made a new connection, have similar career paths; helped an old connection w. work; mentee is frustrated; gratitude section to template

What We’re Grateful For

  1. Happy that my wife & child are in good health
  2. Grateful to have stamina and good health to work out
  3. Happy that I get to have a great pair of mentees
  4. Thrilled that, while I'm not working, I get to work on what I want to do with my career

What We Loved

  1. Finally got Android and iOS DVA working. Successfully finished Android, on to iOS!
  2. Also getting around to API Security Testing

What We Learned

  1. Blogging - building an audience is going to take time, but I'm proud of the work
  2. Android Pen Testing
  3. iOS Pen Testing (in progress)
  4. API Pen Testing - managed to successfully complete 9 of 10 tests. The 10th didn't apply.
  5. Web App Pen Testing (in progress) ... pushed to next week, maybe longer!
  6. Azure DevOps - blocked! Sent request for parallelized testing
  7. U-Test - Voice Assistant Testing; PII; Capture Crash logs on iOS/Android devices
  8. "Husb..." - need to wrap this sucker up and get back to the real book

What We Longed For

  1. As always: a proper job, pay, benefits, cool people, great location

What We Loathed

  1. Nothing much to be angry about. Keeping it positive!

Friday, April 12, 2024

Security Testing Journal Entry | w/e Friday April 12, 2024 - "Eclipse" Ed.


Highlights for the week

This week was a mixed bag of highs and lows. A couple of notable highs include a solar eclipse that happened at the top of the week, and a 4.8 earthquake that shook my desk for a few seconds.

Some lows include having to turn down a TesterWork job. Not sure how long I'm keeping them, but until I land a job, I'll have to play the game. Another low was the struggle to get my iOS app pen testing environment up. That took up most of my Thursday, and ate into my other tasks.

What We Loved

  1. A big win! Finished another pen test. Sent that draft to my mentor for review, waiting on feedback.
  2. Another win! Got my environment set up to do mobile app testing.
  3. Loving the results of my workout. Need to eat better, but seeing some progress.

What We Learned

  1. Automation - Finished Cypress and jumped back into Playwright with Python, finished automation for that form.
  2. U-test - finished modules regarding testing, tickets, and capturing the evidence.
  3. Azure DevOps - tried to deploy my project but got blocked by the need for a subscription. Will revisit again next week.

What We Longed For

  1. As always, patiently waiting for that job. ZERO - jobs applied to this week.
  2. "Husb ..." - didn't get much writing done this week! Longing for more time. Priorities took up most of the week.

What We Loathed

  1. Need to get more disciplined. Been procrastinating a teenie bit.

Friday, April 5, 2024

Security Testing Journal Entry | w/e Friday April 5, 2024 - "Pr-Eclipse" Ed.


Highlights for the week

So yeah! We are having an eclipse on 4/8. There was also a 4.8 earthquake on Friday (the day of this journal entry). Thankfully, no one in the family is hurt and there was no damage to anything anywhere. Other than that, a fairly quiet week. Not a lot to report.

What We Loved

  1. Another successful week of learnings.

What We Learned

  1. LinkedIn Learning: Completed OWASP-Top 10.
  2. LinkedIn Learning: Completed Threat Modeling fundamentals
  3. U-Test: Signed up and started some of their tutorials. I feel like there's an issue with their "Bug Report" practice module.
  4. RemoWork: Deleted that account. Nothing came out of it.
  5. Azure DevOps: Finished the modules. Need to deploy my practice site.
  6. Cypress: Need to finish some front-end tests. Need to play with the API tests
  7. "Husb...": New chapter around D's origins.

What We Longed For

  1. As always: a good job, a good paycheck, working with great people

What We Loathed

  1. Phoniness on social media, namely LinkedIn. You go and help people, no kind of a "thank you!"