2022 January review

3 minute read

Monthly reviews are a collection of posts where I try to review the previous month and set the expectations for the upcoming month. Not only it helps me keep track of what I have on my plate, but also works a public record of things I have done and achieved, both on a personal level and in my profession.

The year started off with me getting sick. The first week was mostly wasted due to recovering from COVID-19 infection, while the others were super fast-paced with an increasing needs at work.

In the end, I think this month was productive, although I failed some of my personal objectives for it - like preparing for OSCP or finishing “Serious Cryptography”. The latter was mostly because I was expecting some more practical content. I do know things inevitably get so as the book unfold, so I will probably force myself to continue where I stopped.

As for OSCP, I already knew this was going to be an ongoing process. After their announced changes in December, I definitely need to change my plan to include AD - which is an area I always neglected, shamefully.

From this post onwards, I’m deciding to drop the “Major” out of the “Achievements” sections. Major or minor, they are all achievements. Embrace celebrating the minor wins too!

Achievements

  • Started now working on big projects that will have impact throughout the company. At this stage, I should not really reveal any other detail but I will surely be coming back to this, to at least think about conclusions, lessons learned and struggles. It is going to take months for sure, if not years, so I hope I still keep this practice of regular writing.
  • Wrote a good piece on account takeover prevention in this blog. Modesty over 9000, I know.
  • Migrate my site’s default branch to main to follow industry standards.
  • Got my first contributor in pmz. Good feedback and was a good opportunity to get motivated to push some features to it. Thanks a lot - very humbling experience really.
  • Finalised a fully-integrated SAST ecosystem on top of GitLab. It was quite challenging, as we had some unexpected problems to deal with. Sometime, if allowed, I’ll write a more in-depth post about it.
  • Read Seth Godin’s “The Practice” book and it is kind of forcing me to rethink how I approach work, the battles I chose to tackle and most of the fears I struggle with. I will be testing some ideas and values this book talks about to see if it helps me deal with imposter syndrome, fear of failure and general stress to get to the results.

Plans and Next Focuses

  • As I have been using pmz more often at work, I noticed essentially two problems I need to tackle: Linking notes with each other and searching. Definitely need to start adding the necessary features for a better searching, like searching for tags or contents in the text. The latter will probably require concurrency to speed up this process, otherwise as the number of notes grows it would take forever.
  • Depending on the workload I am going to get, I wanted to get back to developing web application skills. Need to practice some payloads, this time focusing on PortSwigger Academy. The goal is to start getting more used to test and modify known payloads for actual testing scenarios.

comments powered by Disqus