Tech Xombie

Hurray, I am starting my webdev learning journey, to document my security journey! It sounds like a lot of work...because it is. That is why this looks like shit right now!

Below are some of the things I am studying and my gameplan:

• Pentest+ (Rewatch Jason Dion training, do some Mitre training, review concepts on THM that are unclear; schedule exam)
• Python! (What in Python? Well I need to start somewhere, so I am planning on finishing the Python for Kids book)
• Hack the planet! Jk. But I did order a WiFi Pineapple to help me get some practical use out of some skills. I love working with hardware and in tech I think this was my are of speciality so revamping my physical toolkit will naturally be fun.
• Make this site actually look nice! Create a wiremap, mess around in codecademy to remind myself of what tags I need to use where and when to fight with css and javascript.
• Learn Splunk better...this is more of a work related goal, but I feel like professionally it will help me more quickly navigate the syntax of varied query languages. I am fairly ok with JQL (Jira Query Language) already,so this should translate a bit...fingers crossed!

No concrete dates for any of these items yet, but I think it is safe to say that this will be an annual group of goals and I would be happy to rock any one out completely.

And then there is Philly's site: Philly

XSS

Populating alerts, input validation vulns, and video training, 20230205

Just discovered https://xss-game.appspot.com/ which is a fun cross-site scripting game developed by Google! I have been messing around with it this morning and also ran through a few lessons of Jason Dion for my pentest+. Getting some of the practice in this morning!

This week in having too many overlapping goals

THM OWASP TOP 10 Vulns 20230204

Busy week! I spent some time this morning completing another room in THM. It went over the OWASP Top 10. Taking a lot of notes and I need to review them. Tomorrow or later today I will spend some time reviewing my Jason Dion content. Today is just a pentest+ type of day. Will try to fit in some more structure tomorrow.

Tech Xombie - bringing the learning back to life

BurpSuite, 20230128

Ran through the tryhackme for Burpsuite Repeater - it is pretty rad. I was able to setup the FoxyProxy to intercept all traffic as needed and then sent to the repeater. I was able to modify the GET requests and send them to capture them flags. I need to do some PortSwigger training though. Following along with exercises is easy but not as helpful to sink it all in.

About Me

Image

Tech xombie, bringing tech back to life!

Popular Post

Image

Image

Image

Follow Me

Some text..