Yes, I have no idea how to spell miselaneous, or whatever.
Finished up the OSCP a couple of weeks ago, and booked the exam for the semesters break. Feeling ok about taking the exam, not super optimistic, but definitely not bad. I feel like the key to doing well is thorough information gathering and going through things with a fine tooth comb. Which, unlike the more technical skills, isn’t really taught throughout the course. But alas. I left myself a week and a bit after my last assignment is due to brush up on some techniques, which I think I’ll mostly put to use by going through example blogs of old OSCP machines, and finding/adapting some good privilege escalation scripts, to really get a handle of the holistic aspects of a penetration test (because I feel pretty comfortable with the strictly technical aspects, but I will, nonetheless brush up on those a bit too). From what I’ve read there’s no real consensus on whether the exam is nothing to worry about, and doesn’t actually require pulling an all nighter, or whether it’s the most challenging thing I’ve ever done. But worst case scenario, I guess, is that I get a vibe for it and take it again after a bit more practice.
More recently, I’ve been focusing on a software capstone for uni, essentially a large, semester-long group project. We chose (from the given options) to create a stock portfolio management web app. So, users can create portfolios, add stocks to them, and see how their performance is tracking, with a clean, easy to use, minimalist user interface. We decided to use Django/React (who knows why). So I’ve spent the last couple of weeks doing everything myself, as group projects go. But it has been interesting, and I’ve learned a lot. I created a Django REST API, and a React front end and got everything to a functional state.
Fortunately, after having a meeting with the rest of the group this week, everyone else has decided that they are going to start working on the app as well, and we decided what we wanted to get done this sprint and who was going to build what. Since then I’ve updated that models to be closer to the data structure that we’ll need to get the main functionality working, and set the correct permissions on all of the API views. I’m optimistic about all of us getting everything we need this sprint done, so hopefully we have a clean, functional product by Friday week so we can start adding some extra features in the last sprint.
My Portfolio 