My current state of affairs
By Mark
Published: 2023-10-25
Thanks for checking back into my site. I have abandoned this for a couple months while I keep job hunting. Life gets busy, as you all know, but I have been working on making myself more, I guess, marketable? More so, I have been trying to nail down a more specified field in this massive industry.
Security
I have been playing around with my home lab, running some VMs with pfSense, Metasploitable, Ubuntu and Kali. This has been super fun; I’ve been working with HackTheBox and a couple of books for hands on learning and getting familiar with the most common tools. The two books I’ve been using for hands on practice are Ethical Hacking by Daniel G. Graham and Python for Security and Networking - 3rd Ed. by José Manuel Ortega. For more general knowledge I’ve been reading Threat Modeling: Designing for Security by Adam Shostack.
I really have enjoyed jumping back into GNU/Linux environments since it’s been a while since I’ve used them. Since most of my boxes are a little old, I consider running multiple VMs on them as an extreme form of stress testing them. A few years ago though I got my hands on a cheap little Asus netboook, which could barely run Windows 10, but still was marketed as being capable of running Windows, albeit barely. First I threw Ubuntu on it, since that was what I’ve worked with in my AS program, but even Ubuntu was too hefty for the little guy. So the search began for a new distro. I’ve played around with Kali, and enjoy it, but since I already had several VMs with Kali, I wanted to branch out and test others. I settled on Parrot OS Security, and let me tell ya, it’s been a dream so far. It’s lightweight and built on Debian so I’m pretty comfortable with it already. I have found, I really like the MATE desktop environment (I know, it’s essentially just GNOME 2) since it’s not as heavy as some of the others, looking at you GNOME 3. My little guy does not struggle running a bunch of processes like it did with Ubuntu, also not having Snap is so nice.
As is the most common case, I’ve been using Python exclusively in my exploration of security. Python has nice libraries, like scapy which is the most recent one I’ve been getting comfortable with. I’ve been playing around with ARP; spoofing, spoofing detection and MAC flooding. Of course, Wireshark and nmap have been my go-to’s for recon. At this point, I am most definitely a script kiddie, but that is changing.
Data
Honestly, I didn’t expect to love working with data as much as I have. Data reporting, like KPIs and demographics, has been a blast to dig into, though, frustrating at times. That frustration has mostly come from the fact that most reporting services available are either super expensive or overly complex for the needs of the project I am working on. In my internship I’ve been working on creating a reporting dashboard and I have had two main concerns, price and complexity. Price is a major factor since the client is a non-profit so funding is always an issue, and complexity is the other since I will be handing this off to incoming interns to maintain. I would prefer to not have a future intern getting overwhelmed with the size and complexity of a reporting ecosystem like PowerBI, though arguably, PowerBI is one of the best out there. Free options are out there, but since our stack is using .NET Core 6, it has been nigh impossible to find packages that work with .NET Core 6, since Microsoft likes to abandon projects. The closest I have found that could work would be something like eazyBI from Jira since we are using Jira as our project management suite. Both of these would have a decently steep learning curve, so I was hoping to set and forget this dashboard (for the most part). Long story short (not really), I decided that SSRS and a Report Server would be the easiest and most cost effective for us to use. More details to follow
Leetcode
This one is self explanatory. I just need practice questions and leetcode seems to be the most popular offering used in interviews, and another developer recommended this it as well. On top of leetcode I make probably the best purchase of my life, Cracking the Coding Interview by Gayle Laakman McDowell. She’s a powerhouse of knowledge. So far I am digging it.
Extras
And between all of this and AFK life, I am still trying to work on my own projects. The one I’m currently working on is a sudoku app. I have a probably unhealthy obsession with sudoku, and specifically the version made by the NYT. I just love their interface more than the dozens of other sudoku apps I’ve tried. My goal for it is, cross-platform using .NET Core 7 and Avalonia (on MAUI) for the UI. Right now I am working on my backtracking algorithm to solve, which will aid in actually creating a uniquely solvable puzzle. Haven’t had as much time to work on this one as much as I would like, but, such is life, and as much as I’d like it to be easy, hard work is how you make your luck in life right?
Cheers, thanks for reading my ramblings.