Logfile_dump Week 11/22

2022-03-20
3 min read

It has been a mindnumbingly busy week at work. Here’s some of what I did outside of it:

  • I got the BHIS zine in and cracked the cipher in their cipher issue. (Side note, I wish they’d put the issue number in there somewhere.) I managed to get into the CTF website, but didn’t try out the challenges in there yet.
  • I’ve decided that Go is going to be the programming language for me. From what I’ve seen between it and Python, I’m liking Go more so far. I won’t completely abandon Python since that will still be useful, but I like the idea of a compiled language. I’ve started some courses on Udemy to get up and running. Plus seeing all the tools by people like Tomnomnom and Project Discovery is inspiring me.
    • On a related note, I also found the podcast Go Time that’s been fun to listen to.
    • From now on, every time you read my blogs and there’s a word with “go” in it I need you to know that yes, I did chuckle when I typed it.
  • I got a few books this week: “Hacker Methodology Handbook” by Thomas Bobeck, “Red Team Field Manual” by Ben Clark, “Bug Bounty Bootcamp” by Vickie Li, and then preorders of “The Art of Clean Code” by Christian Mayer and “JavaScript Crash Course” by Nick Morgan.
  • Watched some more SC-900 and Net+ videos.
  • Started watching the web hacking course on ITPro.TV.
  • Redeemed my free certification voucher promo with eLearnSecurity, so within the next year I will be taking the eJPT! While I still firmly believe that I have not mastered the fundamentals enough to say that I’m good enough for it yet, I will be still studying for things like Net+, Security+, and the Portswigger Web Testing Academy.
    • I’m toying with the idea of having a blog series about the pentesting side of the eJPT course, where I create really crappy tools in Bash, Go, and Python to help go through the course (yes that’s a pun, it’s okay to roll your eyes).
    • I confirmed with INE via email that they are still having the course be accessed through VPN instead of their in-browser labs like the course has switched (Q: “I just had a quick question regarding how the eJPT is accessed. I know in the past it was done via a VPN connection, but many of your labs are switching to the in-browser desktop. Are there plans to convert the eJPT to a similar form as well?” A: “No, at this time, there are no plans to change the exams.”). While I appreciate INE trying to make their courses and labs as accessible as possible, I do also prefer using a VPN as opposed to an in-browser connection (this is the same for me even with Try Hack Me and Hack The Box). Knowing that there aren’t plans to change this does make me feel like I don’t need to rush to take the exam, as opposed to if they were changing I’d feel like I needed to take it before that change took place. End rant.
Next Logfile_dump Week 10/22