This Week’s Recap

Hello. It’s been a while since I’ve had the time to publish one of these roundups. I’ve been incredibly busy doing cool things but I hope to get back to publishing these every week. Here are some of the things I’ve done in the last few weeks that have taken up most of my free time.

• Released AutoDeploy which is is a tool written in 100% bash that allows for extensible synchronization of configuration files, auto installation of programs your commonly use, and allows for git-like pull/commit.

• Started learning Rust

• Pushed a major update to this site to make it a little cleaner.

  • Although I’m running into so limitations with hugo that I will need to address soon…

• Attended Wild West Hackin’ Fest: Deadwood

  • Volunteered for BB King’s modern web app pentesting class
  • Had an incredible time talking with tons of great people

• Started doing contract pentesting work

  • This has been something I’ve been wanting to do for a long time. I love the freedom associated with contact work.
  • I would love to expand this to other “consulting work” in the near future. Ideally I would love to help small-medium businesses for a drastically cheaper price than you get going to a larger consulting firm but we will see what happens in the future. (Reach out to me if you’re interested, would love to talk)

• Passed my GDSA exam. This was surprisingly one of my favorite certs/classes I’ve taken so far.

• Additionally, I spent a lot of time trying to figure out the best way (for me) to teach myself many of the skills I want to learn. I watched and read a lot of material on this including this fantastic video by @mttaggart that heavily influenced what I finally settled on

  • I will probably write a full blog post at some point, but at a high level, this is what I landed on for now. It will likely change
  • Essentially I’m listing every technology I want to learn, the depth at which I want to learn it (based off of Bloom’s Taxonomy), the time commitment required, and the (mental) bandwidth required. The idea is that learning something like Rust at a deep level will take a lot more time and effort than learning what terraform is.

  

10/24/2022

• Decided I should take a break from the internet for a bit while I focus on studying.
• I finished reading book 3 of GCED.
• Currently I have 4 certs/trainings I’m focusing on.
  • GCED -> I’ve been waiting to take the exam due to other external factors that I’m sure I’ll discuss at some point…
  • CISSP -> I’m signed up for the Antisyphon/Professionally Evil CISSP mentorship program and have been trying my best to keep up with the readings each week. I have found that my personal preference is that I would much rather read material from a textbook than have it presented in a lecture format.
  • GXPN -> I’ve gone through the training class but I do not absorb information well through watching videos. I will need to spend alot of time in these books/labs because it is very low level material.
  • OSCP -> The good ole OSCP. My lab time ends on Halloween. I’ve done a handful of labs but I have so much going on it is difficult to justify spending hours working on these labs.

10/25/2022

• Finished reading book 4 of GCED

10/26/2022

• Finished reading book 5 of GCED
• Finished creating an index of GCED book 1 using my SansTerminalIndexer program.
  • Speaking of SansTerminalIndexer, I pushed an update that fixed a lot of little bugs and updated the UI. This tool is one of my secrets for getting through so many certs so quickly.

10/27/2022

• Finished creating an index of GCED book 2 and 3 using my SansTerminalIndexer program.

10/28/2022

• Finished creating an index of GCED book 4 using my SansTerminalIndexer program.
• Wrote my first rust program by following along with this tutorial to make a very simple chat server. I will say that this video was incredibly hard to follow due to the amount of VS code nonsense going on…
  • 

10/29/2022

• Finished creating an index of GCED book 5 using my SansTerminalIndexer program.
  • Compiled my index into a printable CSV with color coding. Ideally I would like to add this as a feature to STI, but that will have to wait until I get more free time.
• Took a 20 question practice test from the CISSP books just to see how I did. I scored a 75% which isn’t too bad considering I’ve only gone through maybe 20% of the material.

10/30/2022

• Tabbed out the books for GCED.
• Took the first practice test for GCED
• Published this roundup :)
• I’ve found that creating a Gantt chart is really helpful for me to track my progress in certifications. This is an example of my tracking for the GCED cert that has had most of my attention this week.

Note that book 2 is not included in here because it is basically “intro to pentesting” which I didn’t feel like I needed to read cover to cover :)

Have any questions

Happy new year! Do you have any questions? Feel free to reach out to me on twitter. See you next Sunday. :)