

Discover more from Cristi Vlad
The Insider Weekly #17 - Full-time Pentesting | Close Call with a Grizzly in the Wild
It’s been a month since my last post. Up until then, I wanted to voice out once a week for the Insider Weekly, but then I got a boatload of pentesting work and a lot of time away from the keyboard, so I naturally steered away from writing.
Insider Weekly isn’t going anywhere because I like writing (I’ve been writing for 12 years now). However, I’m going to do it on a non-predetermined frequency.
So, what’s been going on?
First, I took my hands off SecGPT. I might discontinue the project altogether and keep it offline for personal use only. I learned a lot about AI, large language models, different tools, and pieces of software while building it. Yet, it’s not worth my dedicated time, given the current AI advancements going live by the big players. I can’t compete and I don’t want to either.
Thus, the majority of my time on keyboard has been spent actively working on pentests for clients: 90% focusing on work at hand and then ~10% focusing on learning and actively building my skills by studying new techniques and hands-on practice. I started working through Web Security Academy. I think it’s the best resource out there.
My focus and dedication paid off because April 2023 has been the month with my highest income ever, the majority of it coming from pentesting alone.
What about bug bounties?
My pentesting results made me realize that I will not spend much time on bug bounty hunting in the near or distant future. I might be doing it for an hour here or there on private programs. But doing it for the money or leaderboards, likely not. Common bounty rewards are not attractive to me; and what’s most unappealing is the triage process happening on some of the platforms, which I find unprofessional, to say the least. And I’d rather stay away from that.
And AI?
Despite taking my hands off SecGPT and jumping off the ChatGPT hype bandwagon, I’ve been nose-deep into reading AI research papers, as well as remaining current with the latest tools and developments in the field. I’m not going anywhere with respect to that.
In fact, I’d like to find more ways to help the average human use AI for personal use as I know (personally) it can be a massive multiplier in many areas of life, from productivity to personal development. If you’re someone who wants to make better use of AI tools and language models, I’m doing a few limited 1-on-1 consulting calls. Reply to this email and let me help you.
Personally, I’m still waiting for OpenAI access to ChatGPT code interpreter and browsing plugins; and then I’ll dive deep into experimenting. Can’t wait!
Life
This past month I spent a lot of time outdoors, biking, walking, and hiking. I went on a few trips. On one of the trips, I went on a trail that was sort of way off the beaten path and I had a ground-zero encounter with a grizzly bear. Luckily, it was a male and it got scared and ran away. It was a huge creature though. That moment was pretty intense because there was nobody around, nowhere to run or hide, and I wasn’t prepared with either bear spray or firecrackers. I later realized that was a close one and thank God it didn’t end up badly.
On another note, I’ve spent less and less time on my phone. I uninstalled even more apps and since I have no notifications (except calls and text), the majority of my phone use is on my notes app, on Kindle (when away from my tablet) and manually checking the notifications in the few apps I still have left installed a few times per day.
I also reduced the number of books I’m currently reading to 11 (from ~20), and I added three very interesting titles to the list: Outlive by Peter Attia, Emotional Agility by Susan David and Never Split the Difference by Chris Voss.
I also reduced my short, medium, and long-term planning lists; and this makes everything clearer! It’s never perfect so I’m always on an ongoing journey of simplifying, reducing, and optimizing.
One thing is for sure, it feels incredibly amazing not being distracted, having a few things on the agenda, and focusing abundantly on doing those things to the best of my capabilities.
Until next time, have a good one!