This is my /now page, updated ~monthly.
Last updated: 18-MAR-2025
1. Exploit proofs-of-concept
Last week, I kicked off a series of exploit posts — picking an interesting CVE, building a self-contained proof-of-concept, and writing about it. Over the next ~two weeks, I'll be working on two more of these posts based on recent CVEs that caught my eye.
2. RTFM and being intentional with LLM
"Desirable difficulty", a term coined by psychologist Robert Bjork, suggests that learning is more effective when it involves some level of challenge or effort. I've noticed myself RTFM less, and asking an LLM for assistance on scripting/coding tasks more over the last few months. While this is efficient, I feel like I've been missing out on some of the cognitive load that leads to actual learning.
Lately, I've become more intentional about when, why, and how I reference an LLM for such tasks, vs. consulting the documentation.
3. Bash refresh
Tied to my RTFM vs. LLM shift, I realized my Bash scripting was getting rusty (which pains me). This month I've been refreshing and leveling-up my Bash skills — writing recon and exploit scripts during CTF challenges (vs. having an LLM do it for me).
4. Road to CPTS and OSCP
I'm a few months into preparing for CPTS (Certified Penetration Testing Specialist) and OSCP (Offensive Security Certified Professional), and the grind continues.