Blog

Invest In Yourself

There is a lot of uncertainty in the world right now. Layoffs are happening, stocks are on a roller coaster ride, and millions are quarantined in their homes. This is a good wake-up call for people to start investing in themselves. Here is an inconvenient truth: The only person responsible for you is you. This means that you need to continually invest your time and money in expanded thinking, more streams of income, and a greater focus towards self-improvement. The dividends of these investments are recognized in times of uncertainty. I have to practice social isolation for the next couple of weeks, so here are some things I am doing (and maybe things you should be doing):

1. Reading: I don’t know for certain if reading makes you smarter, but I have never met a dumb person who reads on a consistent basis.
2. Cooking: I’ve been doing this since I began living on my own, but now I am starting to get exotic with it. This past weekend I bought/baked my first whole ham. It was an awesome (and tasty) experience!

3. Review your Finances: Make sure you know where your money is coming from, and more importantly, where it is going. A good place to start for financial freedom is using Dave Ramsey’s Baby Steps. Dave’s baby steps have changed my life.
4. Work on your career: I consistently put in 15-20 hours a week outside of work towards improving my cybersecurity career. I haven’t really seen any returns on this investment yet, but I know they are coming. Helen Keller once said, “Optimism is the faith that leads to achievement. Nothing can be done without hope and confidence.”

Don’t give up. Don’t ever give up.

-Pete C.

COVID-19 Quarantine Update

Hey everyone! I just realized I haven’t had a blog post in a while so I thought I would give a quick update on the things I have been doing. I have so much time on my hands because of the Covid-19 quarantine.

Current Books I’m Reading:
– The Web Application Hacker’s Handbook 2nd Ed by Dafydd Stuttard and Marcus Pinto
– Learning Malware Analysis by Monnappa K A
– Permanent Record by Edward Snowden

Web App hacking and Malware are two areas I am exploring. I always like reading technical books, probably because they are always filled with screenshots and code snippets. It is incredible what people are doing. Permanent Record is the most interesting/controversial book I’ve read in a while. I like the book but I am conflicted on how I feel about different parts of the information. I also have A LOT of questions.

Current Projects:
– The Harvester: This is a tool on the Kali Linux platform that I have recently become interested in. I have a really cool feature idea for it that I thought of during an OSINT CTF that I was doing. I really need to sit down, fork the code, and get working. I also need to brush up on my Python for this.

– US Cyber Challenge: This challenge is an online competition for those looking to increase their cyber skills. The top challengers get invited to a week-long cyber camp at different locations in the United States! I did it last year and had an absolute blast. I’m definitely doing it again this year. More information can be found here.

– Home Lab: I’ve decided to build an actual home lab because it looks fun and it will improve my cyber security/IT skills. I’m currently collecting hardware and ideas for it. So far I have a server, firewall, and a few computers harvested from friends and work. I’m still deciding on exactly what I want to do, but I’m seriously contemplating the idea of just building a mock corporate LAN where I am the Network/Sys Admin and Cyber defender. This would help me improve on vulnerability management, AD, and writing policies like DRP, Acceptable Usage, etc. If you have any ideas, please contact me.

Current Toys:
– Proxmark Pro by Rysc Corp: One of these things fell into my lap and it’s been so cool! It’s a device used to identify and exploit RFID and NFC systems. I’ve been tasked with playing with it, getting it up and running, and creating a user’s guide for it. It’s incredible!

– DSTIKE Deauther Watch: I’ve been researching one of these lately and it looks pretty cool. I’m tempted to order one. I recently discovered websites which are essentially maps of wireless networks around the world so these two things could pair nicely. I’m starting to form an idea on a program which could utilize these things. I think it could be a nice red team tool.

What I am Studying:
I’m still studying for the (ISC)2 CISSP exam and I am still on schedule to take it sometime late this year. I just hope the testing centers will be open again by then. It can be hard to find time for this so I started the habit of waking up at 5AM and studying from 5-7 every morning. I think it has been really effective: It’s so quiet and nobody/nothing is awake to bother me.

And that’s it! This is what I have been doing lately! Hopefully it won’t be so long until I post again!

-Pete C.

Upcoming CTF!!!

I have my first CTF competition of 2020 coming up and I’m super excited! This one is an OSINT CTF for missing persons sponsored by TraceLabs. I don’t know much about OSINT which is why I’m really excited for it. During the last couple of days, I have been just poring over information, finding popular tools to use, reading and learning about what other people do, and just getting familiar with the whole aspect of sneaking around the internet trying to find information about people. I had an idea for a Python script which might automate some of the searching so I might have to warm up my coding fingers! I have no idea what to expect for this kind of CTF since the flags are not pre-hidden so it should be interesting! I’ll have to write up an after action report about how I feel about it.

Book Review: Can’t Hurt Me by David Goggins

The book, Can’t Hurt Me, was the first book I read this year and it was the perfect book to start the year. This book is the life story of David Goggins, a man with no future who transformed himself into an elite soldier and a world-class endurance athlete by simply callusing his mind. Learning about how David mastered his mind and defied all the odds is nothing short of inspiring. I’ve known about David Goggins for a few years and I read this book in his voice. His 40% Rule states that when the mind says it is at its absolute limit, it is actually only at 40% of its maximum capacity. I believe this rule is true, and I find it both terrifying and comforting at the same time. This book will make you uncomfortable because it will make you remember every excuse you have ever given yourself to not do something. This is one of those books which makes you accountable for your actions. I recommend this book to anyone who wants to strengthen their mind and improve their life. Favorite Quote: “What am I capable of?”

I’m Pumped Up for 2020

While I don’t believe you should start making changes to your life simply because it is the beginning of the year, I do get hyped up every January. I get excited because I find so much potential in the year ahead. There is so much potential for success and happiness in the months ahead and I believe everyone should capitalize on it in their own way. 2020 (and every other year) is going to be my year, and there is going to be a lot of personal development happening. Some of my top goals this year in no particular order are:

– Read at least 20 books: This should be an easy one. It’s January 2nd, and I’ve already finished one.
– Be conversational in Spanish: I’ve been studying Spanish off and on over the last year and I think I’m close enough to be conversational. It would be nice if my Spanish tutor would practice with me more though. (I hope she sees this)
– Have a better faith life: I’m cradle Catholic, but my faith has been weak so I need to step it up.
– Set up a home lab: I’ve always wanted to do this and I finally have the money and enough knowledge to put something together. I attended a really cool talk on building a SOC using only open source tools and it inspired me to build a home lab. The talk was purely conceptual, but I am interested in actually implementing something like that.

I hope everyone has a great 2020 and an even better decade. 2020 is the year of vision and I hope everyone tries to maximize their potential.