The Insider Weekly #5 - iOS Pentesting | ChatGPT my Teacher | Recon
There’s been a lot going on this past week and I don’t even know where to start. Or wait, I actually do.
Ever since the beginning of January, one of the items on one of my productivity lists has been to set my driving goals and bigger-picture plans for 2023. And I was able to do that last weekend.
One thing I can tell you is that I’ve established my social media milestones/goals for 2023. And by milestones I mean the numbers of subscribers and followers I wish to achieve on these platforms. The numbers are bold, but how else would I be motivated to move forward?
Likewise, I’ve set my financial goals and reconsidered my income streams. You never want to depend on a single stream of income, let alone a paycheck. I’ve also set my self-study/learning goals for this year.
Having the numbers on paper increases my clarity as well as my motivation to actively pursue them. And one thing that I do on a weekly basis is to revisit and maybe tweak my milestones. It’s hard to reach your destination without having a direction (some wise person said).
In the past two iterations of this newsletter, I kept complaining I wasn’t able to return to my early wake-up schedule (before 8 A.M.).
In the past week, I made some progress in this direction, waking up a little after 8 A.M. I still went to sleep slightly past midnight. So, it’s a small progress, and I’ll be getting there eventually.
And if we’re talking about slumber time here, my OURA ring told me I’ve been tracking my sleep for 2.5 years now. It’s been a game changer, no shadow of a doubt.
One of the ways to engage 101 with me is via the paid version of this newsletter. As a subscriber, you can send me quick questions on Twitter, and be sure to receive a reply from me.
I’m not sure why or what, but I’ve got this burning drive and motivation for self-directed study lately.
For one, I’m using ChatGPT to outline learning plans and then to thoroughly explain concepts with examples until I feel I get a good grasp of the subject. I’m refreshing my knowledge of machine learning algorithms; this AI has been a very good virtual teacher so far.
Alongside ChatGPT, I’m going through the following resources to improve my ML and deep learning knowledge:
At some point, I will develop an AI-related product/service/app so I’m very motivated to get through the training.
I’m also diving deep into authentication and authorization mechanisms (cybersecurity) to understand how to break them effectively (and ethically, of course).
One of my biggest challenges for the week is that I’ve been given a pentest for an iOS app and it involves dynamic testing. It’s gonna be a first-timer for me so I need to figure out how to set up the environment ASAP so that I start testing. It’s a banking/financial app.
Other (uncategorized):
I sold some NVIDIA stock and bought some TESLA
I’m in talks with potential partners who want to advertise/promo with me
ChatSonic, if prompted correctly, provides better factual answers vs. ChatGPT
I played around for a few hours with my private bounty targets on VPS (recon)
I discovered allsearch.ai, an AI tool to search thousands of books for your question
I played with perplexity.ai, an AI search engine you can ask follow-up questions
I conducted some data breach research with leakix.net (I’m a trusted researcher)
I read a bunch of security reports on my main topic (AuthZ/AuthN/BAC)
Here are some resources yours truly posted this week:
Uncovering Security Misconfiguration Flaws: What to Look For (thread)
2023 Hacker's Guide: How to Break into Pentesting and AppSec (thread)
Squeezing the juices out of robots.txt. A fully automated workflow (thread)
As I said last week, you can always reply to this email if you want to ask me or tell me something; I’ll see you in batch #6.