Category Archives: Uncategorized

It has been almost a month since my previous post, and a lot has happened.  I won’t bore you with the details, but I decided to begin working on my PenTest+ certification.  I was renewing my CEUs for Security+ and realized this was a great time to capitalize on the momentum of finishing up my MS in Cybersecurity.  My original goal was to pursue my CISSP at the end of my program, and while I still intend to sit for my CISSP, I will be doing the PenTest+ first.

This post isn’t a comparison of the two (apples and oranges) or even a discussion about certifications and what certs you should be getting.  There is plenty of content out there about what cert to get; “this one vs. that one”, where to start, what job I can get with X cert, and so on.  Maybe I will cover my thoughts on certs more in-depth in a later post.  My general feeling towards certs is to get the ones your want!  I believe that if you enjoy what you are doing and are passionate about it, success will follow.

That leads me to the reason I am pursuing my PenTest+.  I don’t need this cert for my day-to-day job or to advance my career.  Other Penetration Testing/Ethical Hacking certifications, like OSCP, the gold standard for penetration testing, and CEH, require a much more significant financial investment.  In my situation, it just doesn’t make sense to invest that time and money into these certifications at this point in my journey.  The PentTest+ has the added benefit of being a CompTIA certification, so my CEUs should be easier to manage, and it is a DoD 8570 Baseline Certification. 

As of right now, I am using the All-In-One PenTest+ study guide from McGraw Hill.  If you decide to start studying for this exam, make sure you are reviewing for Exam PT0-002.  The test was recently updated, and there is a lot of review material for 001 still on the market.  I don’t believe there are a lot of differences, but to improve your chances of passing, it is always best to be reviewing the most up-to-date content.  I have also been working through the PenTest+ learning path on TryHackMe.  I need to focus on several areas: wireless attacks, mobile device/application testing, and web/database attacks.  In addition to these areas, I need to brush up on scripting skills and tools like BurpSuite and Hydra.

My goal is to sit for the exam by the end of May, but I may have to be more realistic about my expectations.  I am in the middle of a move and still working on completing a professional development course.  And because this isn’t a requirement, my studies often take a back seat to other priorities.  I don’t want to wait too long, though, as the skills I have learned over the last two years will surely atrophy if not used.

The cybersecurity community boasts one of the most inclusive and welcoming professional communities that exist.  I offer this site as my humble contribution to this great community.

Over the last two years, I have spent countless hours learning about various aspects of cybersecurity.  Most of the time it didn’t feel like I was making much progress.  There is just so much to learn and so much ground to cover when it comes to cybersecurity.  I would soon come to learn, that there are no experts in cybersecurity. 

Two years ago, when I began working on my Masters in Cybersecurity at the University of Texas San Antonio (UTSA). My experience in cybersecurity was limited to a basic understanding of Wireshark and running basic Nmap scans. I must admit I was feeling nervous going into the program. Although I have an undergraduate degree in Management Information Systems and two industry certifications, I was feeling inadequately prepared for the technical challenges that lie ahead. 

                Fortunately for me, and anyone looking to get into cybersecurity, there is no shortage of resources available for learning the craft.  It is a bit overwhelming though deciding where to start and what resources will suit your needs best.  I have garnered a decent collection of resources over the last few years and have provided some of them on my Resources page.  My aim is to update this page frequently where it will ultimately serve as a collection point for various resources on a wide range of topics and ideas. Similarly, I have provided a Tools & Syntax page. With all the available tools and their wide range of applications, it is difficult to remember what to use, when to use it, and most importantly HOW to use it.  This is where the Tools & Syntax page earns its keep.  The page is not all-inclusive and is only a reflection of the tools I have used and have experience with.  It serves mainly as a journal of sorts to help document different tactics and techniques I have learned and can refer to as necessary.  

                Mainly this site serves as a personal portfolio and reference page for my journey in cybersecurity.  I share it openly in the spirit of a free and open internet. Thank you for visiting and I hope you enjoy the content provided.

WordPress is not as simple and intuitive as I thought it would be.

I am looking forward to the challenge of learning WordPress and adding it as another tool to my toolbox.

My Blogging Journey Begins

I have decided to begin documenting my journey in cybersecurity. And although my journey started several years ago when I downloaded and installed Kali Linux for the first time, I have not taken a deliberate and dedicated approach to improving my skills. As I approach the completion of my MSIT Cybersecurity degree from the University of Texas at San Antonio (UTSA) I have decided to continue my journey in cybersecurity and aim to improve my technical skills with the help of sites like Try Hack Me (profile is linked below).

Here is my public Try Hack Me profile. Footec02

Let’s see where this thing goes!