hashtalk 001: Getting out of rabbit holes in CTFs, note-taking app recommendation and how to talk to leaders in corporate

h@shtalk
4 min readOct 25, 2024

--

Photo by GuerrillaBuzz on Unsplash

By Eva Georgieva

What’s up bugs? It’s been a while since I wrote something, somehow this always happens, but in the meantime I decided to change things up a bit.

The truth is the more I talk to people that don’t work in cybersecurity, the more I understand that cybersecurity is presented as such a mysterious, far-away, unreachable land and we rarely discuss the mundanity of it. There are weeks where I say that I work in cybersecurity, but all I do is attend tremendously long meetings, fill in reports and try to ingest as much caffeine as I can to get myself through the day.

Hors d’œuvre

Since this is now gonna be twice a week full-course meal on all things cyber and around cyber, let me introduce today’s hashtalk’s topics:

  • CTF challenge that got me stuck for hours and severely bruised my ego
  • A note-taking app that has really been a game changer
  • A very specific topic on how to talk to leaders in corporate

Painful CTF Challenge

Rabbit holes are a real thing. Recently participated in a CTF Challenge and while pentesting is kinda my strong suit, your girl here got stuck. The thing about rabbit holes is that when you’re in a rabbit hole, you might not know you’re in one, so that makes the whole ‘get the fuck out of there’ process harder.

Now based on my own experience, here are several practical tips on what to do when you are actually self aware enough that you’re in one:

Set a time limit: Give yourself a set amount of time for exploration (e.g., 20 minutes). Set a timer, and when it goes off, assess if you’ve reached your goal or if it’s time to pause, re-assess and move on. This can maybe be applicable to other things besides CTFs.

Refocus on Your Goal: Revisit the original goal or question you started with. If the current path isn’t serving that, write down your findings so far, then return to your main objective.

Prioritize Key Questions: Define a few key questions or criteria you need answers for and stick to finding those answers. If something doesn’t directly contribute, save it for later.

Create a Task List: List the steps you need to accomplish to finish the task and stick to completing them one at a time to avoid detours.

Use a ‘Holding Document’: Have a document where you jot down ideas or links you want to explore later. This lets you capture valuable insights without getting sidetracked.

Take a Break: Sometimes, stepping away for a few minutes helps clear your mind and bring focus back to the primary task.

Another thing to consider is that even though in other cases this is quite rarely the solution, giving up, and hear me out, giving up on one challenge to solve three different ones is still three wins more than what you had before, which is nada.

Note-Taking App Crush

Organization is not my forte. Now having that said, I am absolutely obsessed with Obsidian.

This app has been my note fortress for all things cybersecurity and all the different projects, ideas, certificates or everything that my brain fails to store in its hard drive.

I am quite a visual person as well, so the fact that I can also create diagrams and map things out makes this my personal favorite. Now when anyone asks me which application do I use for note-taking, I stand behind this one very firmly.

How to talk to leaders in corporate

This one is quite near and dear to my heart and super discussed in my group of people recently, so I thought I’d share my humble opinion on the topic.

Learn to read the room. And I cannot emphasize this enough. Usually the loud, harsh leader that is trying to convey a message clearly is not the enemy. More often is the one that likes to discuss kayaking with you, but always avoids business topics or hearing your opinion. Now reading the room is not as easy as it seems, you actually need to get yourself in a few rooms before you nail this process down. At the beginning, although I believe this is always applicable, listen more than you speak.

Another thing, skip the jargon and cut to the core. Get your points across fast — clarity is king, and busy execs don’t have time for fluff. Frame your message around value: how does it help the business, drive growth, or solve a pain point.

Most of all, stay confident but chill; leaders respect people who know their stuff and aren’t afraid to keep it real.

Let’s keep in touch

I’d always be willing to discuss more, exchange ideas and continue the hash talk.

Reach me at: evaincybersec@gmail.com

--

--

h@shtalk
h@shtalk

Written by h@shtalk

engineer by day, offsec enthusiast always—serving tech bites that matter and pushing security automation to the next level