Work has graciously bestowed on me the gift of the INE Premier Pass. In there is the PTP course which preps me for the eCPPTv2. So I am gradually going through it, and I forgot how many slides there are. The class goes right into assembly, which is fine, but not too much fun. I hope there are more labs and this gets more fun. Because I am picking up little nuggets, but not a lot at the moment.
I have a year of the Premier Pass, so I suppose a year to go through the test, and I am going SLOW…. I need more “impact hours” on it. At least 1 hour a day. I can do this. If you are reading this, you can check out my notes.
I generally start listening to books, and if the book feels like it’s a wealth of knowledge, then I will buy a hardcopy. I did this for The Everyday Hero Manifesto by Robin Sharma, and I did it for this book that I am currently reading, The Wealthy Gardener by John Saforic. I can see why the criticism to the book in some ways – it follows the “Think and Grow Rich” mantra of the world is working in your favor, but it takes this to that a higher power is working in your favor, if you meet it halfway. Why not? I mean, I believe that there is more to life than we yet know, and all I know is my higher power has always been there for me. Jesus said, “With man this is impossible, but with God all things are possible.” Also, the lessons in this book about how to grow financially independent all make sense. I like it, and I think it’s a good book to at least read and think about :). So how did I come across this book? Well, I stumbled onto Kristina Karlsson’s podcast through Robin Sharma, she recommended the book, I picked up, and here we are. Check it out: https://wealthygardener.com/. You won’t be disappointed.
Yes, WordPress is a place for a slew of vulnerabilities and not really seen as a good place to showcase my “technical work” as WP is generally for newcomers and easy-peasy blogging. Well, one, I am fortifying this blog as much as I can to prevent it from getting hacked and two, I just haven’t learned GitHub yet. I’ll get there. Let me work through a few pen testing courses and in due time, I’ll move over. Rome wasn’t built in a day, everyone.
I feel like Moana – you know how the water called to her? Well, this may sound a little nerdy, but my OSCP journey still calls to me. It’s hard, like really hard. Mad props to all those who are flaunting their OSCP on LinkedIn – I am going to get there, but it’s been some time, and I need to refresh, not cheat through walkthroughs, and just focus. After some deliberation, I took a look at this comment from /u/Howl50vride and ultimately decided on The Cyber Mentor’s Practical Ethical Hacking Course to get back into it.
I think the course is a great place to take few steps back and just refresh. From there, I think I am going to pursue my eCPPT and then onto the OSCP again. I think a lot about my role now in cybersecurity, and I have decided that this will help it. It’s not perfectly aligned, but that’s ok. Who knows what the future will hold. I should follow my passion and see where the world takes me.
Robin Sharma’s books are great. Here is what I have read from him so far:
- Family Wisdom from the Monk Who Sold His Ferrari
- The 5 AM Club: Own Your Morning. Elevate Your Life
- The Secret Letters Of The Monk Who Sold His Ferrari
I am currently working on the The Everyday Hero Manifesto. The one that has changed my routine at least on a daily basis is the 5 AM club. This new book, The Everyday Hero Manifesto is powerful, and hard to put down. It’s full of great wisdom on how to lead a successful life on your terms and I highly recommend it. The main theme in it that I am finding so far is how to be a great person, and how to respect, honor, and appreciate the world we live in. It’s a beautiful manifesto to live by.
I hope you don’t mind if I steal a little of your doughnut. 🙂
I started the test on Friday, and just finished up this morning with a 93.5% passing rate. I am totally glad I decided to chunk this milestone into my Pen Testing journey!
Next, I think I am going to take some time to learn Git. I have this book, Pro Git, that I will go through a bit. It would be cool to develop some simple pen test tools and at minimum, understand Git. Then, back into PenTesting.
Offensive Security started an official Discord channel. On there, I found all the 31337s meme’s. Lol.
10 days till I take the eJPT and I feel pretty confident about it. I have done the three black boxes at the end of the course and they were a bit tricky, I feel like I have the fundamentals down after studying for the OSCP first. With the kids at home, work taking priority (gotta put food on the table) and other various things (running, reading, meditating, living life), I am finally at the point where I just need to take the test. I have heard to not over think it. I am not sure if I will go back to the OSCP (eCPPT, maybe?), or move on to more relevant certs in my current career path or not. Either case, I really, really like pen testing and it is really fun. I am currently pulling through wreath at Try Hack Me and having a blast.
Hell World –
Daylight savings begins today, which means it’s spring and the weather is getting much warmer. I took a bike ride with my son yesterday, and fell back in love with living in the city. I think a lot of people are – well, actually everyone, is pretty tired of being cooped up due to COVID. It was nice to see people out and about outside, but a bit cautious because we aren’t all vaccinated yet.
I joined an ISACA book club, and read “Hackable” by Ted Harrington.
It was a pretty easy read, but did highlight issues with application security – specifically black-box testing and app scanning. Basically, just scanning for vulnerabilities is not enough. You have to do application security testing. Also, never do a black-box test. You won’t get enough information, so white-box testing is the way to go. Overall, a good read, and I recommend it if you are looking for something light to read.
On another note, I am picking back up PTSv4. I don’t know why I haven’t gone for my eJPT yet. I think if I can get some more solid studying in – basically finish the black boxes, I will give it a go. Pen testing has been such a journey for me, but having the time to do it has been hard when the kids are up and about. I’ll get there!