Well, well, well, the world has changed a lot since my last post. Definitely have a lot of irons in the fire, as the old saying goes. Currently working on the PenTest+ certification from CompTIA. I’ll be following that up with the CEH exam. Between those two certs I’ll be working on and getting ISACA’s Cybersecurity Audit Certificate. 2024 is shaping up to be another great year!
A lot has been going on over the last 6 months or so. One of the primary things I’ll be doing is taking the (ISC)² Certified Cloud Security Professional exam on 4 NOV.
Domain 1 covers architecture, concepts, and design. Domain 1 also includes cloud computing concepts, which cover broad network access, on-demand services, resource pooling, rapid elasticity, multi-tenancy and more. It also includes cloud service models: IaaS, storage types, volume storage, object storage, PaaS, storage types and more.
The cloud service deployment model covers public cloud, private cloud, hybrid cloud, community cloud, management plane, and virtualization.
The things that are covered in the rest of Domain 1 are: Security aspects of virtualization – Type 1 and Type 2 hypervisors. Principles of secure cloud computing – covering roles and responsibilities, design principles and Identity and Access Management (IAM).
Design requirements – covering requirements analysis, functional requirements, inventory, valuation and more. Cloud model boundaries were also covered, as were the cloud service models IaaS, PaaS and SaaS. The protecting sensitive information portion covered hardening, encryption, layered defense, common threats, secure data life cycles and more. And finally, the Threat Modeling portion of Domain 1 includes STRIDE, DREAD, the OWASP Top 10 security threats and the CSA Top 9 risks.
I’ll outline Domain 2 tomorrow along with some other important details.
I’ve also been able to make it back to CrossFit on a regular basis. I’ve also been able to get out on the water a little more often, and once I pass this exam in November I’ll take a couple months off and then at the beginning of the year go ALL IN on Heath Adams’ Practical Network Penetration Testing certification. After that I will take a nice long break from taking certification exams.
Today as a break from studying I took a nice long walk and I found this cool writing spider along the way.
Nice easy two hour stroll through the eastern pinelands
Our old friend the writing spider
And, it’s kind of fitting that I haven’t posted any sort of lifting videos in…forever, and when I finally get back to training I end up posting a lifetime PR for my deadlift at 517#. Easy day.
A1. Incline curls 10, 10, 10, 10 – :03 second lowering/eccentric load; rest 0
A2. Seated hammer curls 20, 20, 20, 20; rest 0
A3. Standard EZ bar curl 20, 20, 20, 20; rest 2mins
B1. Bench dips 20 x 3; rest 0
B2. Banded press downs 20, 20, 20; rest 0 – pause for two deep nasal breaths at the top of every 5th rep
B3. Triceps push-ups max effort/push to failure; rest 2mins
C1. EZ bar close grip curls 15, 15, 15; rest 0 – try to stay at the same weight for all 3 movements
C2. EZ bar drag curls 15, 15, 15; rest 0
C3. EZ bar overhead triceps exts. 20, 20, 20; rest 1
+
7 n 7 for 7
7 Hang power cleans & push press
7 walk out burpees without the pushup
On Monday I accepted an offer to begin teaching, part-time, for Chegg/Thinkful.com in their Cyber Security program. I’m really looking forward to helping the next wave of cyber sec professionals. It’ll be another great way to help keep up with current trends, continue to reinforce the fundamentals, and also share past and present experiences with a wide swath of new IT pros. Who knows, before long I just might be able to start posting videos of training and teaching again.
Current affairs:
The bravest are surely those who have the clearest vision of what is before them, glory and danger alike, and yet notwithstanding, go out to meet it.
When I first wrote this, I wasn’t chasing promotions or algorithms. I was just trying to keep showing up to train, to learn, to get a little better each day. Back then, “rep after rep” was more than a training mantra. It was a way to stay grounded when progress felt invisible.
The hardest part wasn’t physical. It was the repetition, the daily grind that felt endless. Whether I was refining form under the barbell or troubleshooting code that refused to run, the challenge was the same: staying patient when nothing seemed to move forward.
Some days you make the lift. Some days the lift makes you. But the point is always to come back tomorrow.
At some point, I stopped expecting each session, physical or mental, to feel like a breakthrough. The breakthrough was the habit itself. The more I showed up, the more the process began to reveal patterns: what worked, what didn’t, and how small adjustments compound over time.
In strength and in cybersecurity, consistency is the quiet multiplier. Each drill, each review, each run-through, one more rep toward mastery.
That same mindset carries through everything I do now — training teams, hardening systems, or writing content. I don’t chase perfect outcomes anymore. I look for steady iterations. A little tighter form. A cleaner line of code. A stronger policy.
That’s how resilience is built, not simply through intensity, but through consistency.
Progress doesn’t shout. It stacks. And one day, you realize the work that used to test you has become the warm-up.
Training for the day:
7 mins of:
7 Banded Sumos
7 Banded bodyweight squats w/moderate band
7 Calf raises
+
A. Back Squat 10, 10, 10, 10; rest 2/2:30 – 10 RM-ish
B1. Heels elevated air squats x 10 x 3; rest :10
B2. RDL w/an empty bar, sweep away — lumbar focus x 15 x 3; rest 1
C. SL RDL stability, unloaded x 10 x 3; — 5 per leg; rest 1
+
10min alt EMOM:
20 Step-ups – 10 per
15 push-ups
Martial skill work — 5 x 5 min rounds of Z2-Z4 striking, upper push/pull bodyweight movements in trapping/grappling range, and take down defense/sprawling/working underhook escapes et cetera.
Today in my world of Linux and pentesting I worked on building out an Active Directory Lab and worked on the initial attack vectors when attacking an AD-based system. Things like LLMNR Poisoning, Capturing NTLMv2 Hashes with Responder, Password Cracking with Hashcat, LLMNR Poisoning Defense, SMB Relay Attacks, Discovering Hosts with SMB Signing Disabled, Start SMB Relay Attack Defenses, & Gaining Shell Access.
Training:
A1. Seated Arnold rotations x 20, 20, 20; rest :30
A2. Banded triceps press down 20, 20, 20; rest 1
B1. SA DB row x 10-12 reps x 3; @31X1 on the first 5 reps; rest :10 secs b/t arms
B2. Snatch grip BTN press w/an empty bar x 15 x 3; rest 1
C1. Assisted pullups using barbell and feet in pullup cage x 6-8 x 3; rest :0
C2. DB push press 15, 15, 15; rest 1
D1. DB shrugs 30, 30, 30, 30; rest :30
D2. Banded upright row 25, 25, 25, 25; rest 90
5 sets of :30 secs of work/:30 secs of rest:
:30 secs KBS – 2pd.
:30 secs rest
:30 secs pushups
:30 secs rest
:30 secs DB RDL – 55/h
:30 secs rest
:30 secs 24” box step-ups
:30 secs rest
Today’s professional training covered Linux User Accounts and Groups along with Managing File Ownership and Permission. Then in network penetration we covered privilege using Sudo + about an hour of training over at tryhackme.
Warm-up – 10 mins of:
5 air squats
10 banded shoulder pass-throughs
15 banded good mornings
30 Shoulder ROT/stability – 10 horizontally to the chest, 10 semi-vertically front/down to clavicles, 10 BTN, then…
7 sets of:
6 goblet reverse lunges per leg
3 goblet step-ups per leg
3 goblet squats
6 SA KB Press per arm
6 SA KB Row per arm
6 SA KB Swing per arm
Martial skill work
45 mins of JKD and Wing Chun striking + short-range kicking and counter wrestling
Today’s studies included: Linux: working toward mastery of the CLI & searching and extracting data from files and archiving. I also focused my practical network penetration testing studies on privilege escalation in a Linux environment.