Stepping Up My Game: A Week of Learning, Building, and Experimenting
The rhythm of life has always brought to me a series of opportunities, challenges, and moments of epiphany. This week was no exception, as I dived headfirst into the whirlwind that is SANS, specifically the GFACT course.
SANS, with its reputation, is already an intimidating undertaking. But right from the get-go, the GFACT course had me intrigued and engrossed. The "OHHHH" moments, those sudden, gratifying flashes of understanding and clarity, began almost immediately. There's a unique sense of satisfaction in realizing that what might seem simple can often be foundational. It’s these foundational concepts that pave the way to understanding the intricacies of more advanced topics. And while ASU's CSE-110 course also kicked off this week, my attention has been primarily on SANS. ASU will have its moment in my calendar soon, but right now, I'm immersing myself in the depths of GFACT.
However, the learning didn’t stop there. As someone who struggles with the ever-elusive attention span – let's be honest, 30 seconds feels like a marathon at times – I found a new way to challenge myself: converting my MacBook Pro 2018 into a Proxmox server. This endeavor wasn't just about tinkering with a system but creating a space for experimentation. Despite some initial hiccups (like a network interface that seemed to love going in circles), the satisfaction of viewing my creations on the Proxmox dashboard felt, for lack of a better comparison, very "pug-like" (a nod to my VETSEC pals). With ISO images uploaded and pfSense up and running, my roadmap includes configuring the system, ensuring it's fortified against potential attacks, setting up a malware lab, creating "victim" boxes for penetration testing, and perhaps revisiting the intricacies of Active Directory.
But wait, there's more! In the pockets of time between these immersive activities, I've embarked on a project that I'm genuinely excited about: SaintNSin. This self-curated lab guide aims to simulate a cybersecurity incident within an Active Directory environment. By weaving in both blue team (defense) and red team (attack) techniques, SaintNSin offers an experiential learning journey. From crafting and deploying malware to executing incident responses and diving deep into malware analysis, this guide promises to be comprehensive. But that's a story for another day, or perhaps another blog post.
So, as I juggle, learn, experiment, and sometimes stumble, my journey continues, and I invite you to be a part of it. Whether it's a tip, a question, or just a simple hello, your interaction enriches this adventure. Until next time, keep learning, keep experimenting, and most importantly, keep having those "OHHHH" moments. They truly are the best.