Admin Update

on under Admin
2 minute read

We just had a giant winter storm in Texas, which knocked out a lot of electrical infrastructure. Coldest weather temperatures in the past 100 years, I believe.
I took a week off. Then another week off. And this next week would be the third week off.
I have been taking time off from studying in the evenings partly due to being burnt-out from work at a high-volume MSP, and partly because I want more time with my family.

During this time not pushing forward n development, I have been thinking about methods, thinking about core motivations, and thinking about how painful but nice it is to be doing “nothing.”
I feel very conflicted about doing nothing, because even while doing nothing, in my mind I am still doing something. There are always these nagging thoughts about how I can improve this, cut the fluff out of that, etc.
It doesn’t help that I continue to read through subreddits related to hacking and OSCP prep.

I have realized that I need more of a methodology to streamline my actual learning.
I need to drop taking notes for each course I study through, and instead migrate all data into a core run-book.
Run book should include everything I should do and have done, ever.
Every time I learn something new, I need to add it to the run-book.
I need to create a template directory on my hacking laptop, with a run-book within it.
Every time I decide to attack a new box, I should be able to just copy the directory as box name, and get straight to work.
I should be merging that run-book every time I own a box, so that I’m collecting that data.
I need to start book-marking every single resource and repo I’ve gone back to more than once, and organize it for reference.
I also need to tweak my Autorecon config, then commit it to my github.
I should also template my blog posts.
I should also create a template for write-ups, so that I can go back through boxed I’ve pwned and write them up with repeatable commands, but also with thought process included.

I have also been thinking that I need to reach back out to local pentesters and ask specifically if they’d want a fresh co-worker to have a CCNA.
I could do eJPT then CCNA, or vice versa. I might be ready for eJPT already, but I have this entire year for development for my first Cyber Security job.
I know that Security+, Network+, CEH, and 2 years of Level 2 experience are not enough for even intro Cyber Security positions.
But Security+, Netowrk+, CEH, CCNA, eJPT, 3 years of Level 2 experience, and 50 System Owns on HackTheBox might be enough for an intro Cyber Security position.

First thing is first…I need to revisit the very foundation of my learning and lay down some SOLID methodology. After all, I am not merely pitching a tent.

comments powered by Disqus