First post of the new year! I’ve learnt, doubted, struggled, persevered, and ready to do it all over again, on an improved level! Struggle and perseverance are the two I’ve resonated with the most this past week. As I’ve been learning a new exploit tool to add to my arsenal. Metasploit, which is an exploit framework capable of doing every process level within the penetration testing. This chapter is probably the biggest setback I’ve experienced so far in my journey, as I didn’t really understand much about the tool despite digesting the content.

Though now I’ve begun to consider my approach to learning in terms of practical content, and theoretical content cannot be the same. As I’ve been trying to understand the tool more on a theoretical standpoint, than actually knowing how to utilise the tool in a practical environment. Comparing my approach to when I was learning Networking, I read the passages, I taught it back to myself, and I set questions on topics in question to see my understanding, and my ability to put it into my own words, and it worked considerably. Though this approach to this topic in question, didn’t help me much. My first few task given were to basically scan the target machine, discover the vulnerabilities and utilise the plethora of modules to exploit the target machine, and I have no clue how to do it!

Now don’t get me wrong, the answers were within the passage, well a guide on how to do everything is given but, this extensive practical approach was a strain. I found myself using videos to get through most of the questions, and this made me doubt my understanding of the tool. With tools like Metasploit, the theory is a crucial factor in cultivating your skill with the tool, and the information learnt from the previous topics come into play, when using it. My issue is I didn’t know when to and how to.

As previously stated, I had to scan the target machine, and I had no idea how. Could this be an issue of not fully grasping the topics at hand? Rushing through the information just to get it done? Probably so, and I need to slow it down, and I understand that now. I’m going to utilise making more notes, I’ve downloaded a software known as Obsidian to help me make and organise my notes. The topics such as Networking, I personally don’t believe I needed to create notes, but sections like these where the information doesn’t really connect to me first try, notes are a good thing to utilise.

Challenges! TryHackMe has challenges that are available for one to use to test their understanding on all the topics learnt, but I haven’t utilised this yet, and that ends. Patience is a virtue that I lack and should improve, as I’m viewing a marathon as a sprint, and that’s detrimental to my learning long term.