Organisation In Cybersecurity

go back / p4p1


Created on Wed 19 Oct 2022



I come from a heavy developer background and most developers are used to work with the "Agile" framework. Note that I personally use agile very loosely I am not a Agility expert, I usually don't have much balance anyway.

This post will cover my personal approach at organising my workflow and how I do most of my work. In cyber security we talk about dark stuff most of the time between insecurities and vulnerabilities. Usually pretty grim stuff. Now I think it should be good to talk about being happy more and I kind of see organising my work as therapy. At first it was a chore and finding the right way to do stuff was a pain but now that I have I believe that I am optimised for any heavy task coming my way.

My organisation

Honestly my organisation is all over the place. I forget a lot of stuff all the time. My brain is mostly filled up by vim bindings anyway.

To counter my main problem of forgetting I just ended up using a bunch of lists. Lists everywhere!! My first one is the one directly on my desktop. I use conky for my config and it displays on my desktop usefull information about my system, servers and the network I am pluggedIn (more on the latter soon 😉).

On this todo list I usually keep my big picture projects and ideas. Stuff that I will do in the long term future. Imagine it like the next year goal.

After going through that one when I first boot I then usually open my web browser first which there I have trello or github as my "Homepage" usually I will go on either depending on the mood. Trello is the first one we will go through.

Trello

In trello I have two things planned out. Imagine it as being the next 3 months and the day to day stuff. I usually work better day to day with a week basis to know what happened. By seeing the previous work I did I get motivated to do more. When I feel down I usually just go on my linkedin profile/blog and when I look at my certs or posts I usually feel like I am going somewhere. So most of my boards are organised the same:

I have a TODO section where I just dump everything inside of it when I get tasks or when I just have an idea of something to do. I usually try to keep it relatively small and organised with the top one the most urgent. Usually I have medium to small tasks there. Then each tasks have different states that it can be in:

I use the card labels to specify a category so that if I really wanna do pentest or dev I can but I also have 3 states DONE which is straight forward. ON-GOING which basically when I see that I know that I should pick up working on it the soonest. Finally PUSH-BACK which basically means that it is ON-GOING but something more important came up.

Github

For each big project I have on github they each have their own little like so. Even this website has one. I try to go through those as well when I can but obviously since they are project dependant I don't go on them that often. Having project dependant boards like so really helps me on picking up and then leaving a project for a few months to then catch up pretty quick on it.

All of my project look exactly like that with 3 sections. A TODO where I put all of my ideas a IN PROGRESS where I store the ones that I started or need to pickup and FINISH which is where I have the completed ones. Nothing ground braking but if it works don't fix it.

After those boards I then have a more day to day section that I built today.

Day To Day

So before I used to only use the previous github's and trello boards. Honestly it isn't perfect because I spend a lot of time going through them and picking what I need to do. Now today I built a webpage which fixes that problem.

I organise with mainly tools aimed for developers so those things have "automation" built in mind most of the time. Trello and github both have a public API which are well documented and can be used for a bunch of stuff. I basically use the Trello API to retrieve all of the tasks that I need to pick up quick and I display them on a nice cute front-end:

The main objective of the page is to display from my trello board the ONGOING tasks that I have so that I get to work on them first thing. I use the trello for organisation mainly but I also have custom cards where I store useful information like things to read/documentation cool tools I found so after going the work that needs to be done with this page I will have all of the article ready. This is what those cards looks like on trello:

Now obviously looking at them it's obvious that them tucked on the side means I don't open them often unless I have to add something to them. Now with the API I fetch them and get them all displayed nice on the page:

The top section is the articles and documentation I want to read / research and at the bottom it's a collection of tools I've found. I never really open my bookmarks on my browser so having them lay out here makes it simpler to go through.

I also have quality of life stuff on the page like my colorscheme for designing my website and it's content:

I also put a funny little message which makes me laugh when I open it. The other great thing about this page is that since I have my own webserver with email accounts. I use thunderbird for my email software where you can give it a little "HomePage" and I did design most of this so that I can use it with that:

Now when you look at the custom page you can see a sign-in with github that part hasn't been coded yet. Basically I would like a card system where I can see my projects with a last updated section where I display the last commit date and time. To motivate me in picking back up projects I haven't worked on in a while. I also am thinking of adding monitors on my different accounts not sure how yet :)


Thank you so much for reading this less technical post. I won't do many posts like this on my blog I think this is my 3rd less technical post. I'll be honest I prefer the coding bit than the overall strategy so I will keep the blog to that. But since my last project I might use the linkedin organisation I made to post more "simple to understand" stuff. If you enjoyed this please do look at my other posts/projects :) Also a quick note this project that I showcased at the end it is not publicly available yet sadly. But when I finish with the github section and if people contact me for it I might publish it publicly.

p4p1-arch
arch linux iso

A linux distribution with my entire config pre-installed. Great for learning linux and pentesting with a steep learning curve.

repo | website
Book a phishing campaign
arch linux iso

You can book a phishing campaign from me on your organisation by contacting me.

contact@leosmith.xyz
Questions / Feedback
For any questions or feedback you can contact me on contact@leosmith.xyz