Often times as people of the digital technology age, and especially as Penetration Testers we tend to get “Information Overload”, just like computers. And much the same as computers, we need to do a Memory Dump, before we crash.
I felt it was important to write about this in a blog article, because we all need to step away from the screen from time to time, even for just a little while, so we can regain our focus. I can’t tell you how many times I have been on a Pentesting Team, and the team spent hours upon hours going on circles just because a team member was thought to have performed a task to further the teams goal, and because of “Information Overload” simply forgot to do the task, or otherwise note the results. It’s super frustrating, so I understood; it happens to us all.
Eventually, when I was a Team Leader, before we started an active Pentest, I mandated every team member to 3 days of nothing. Meaning, no research, no testing, no report writing, nothing. It was 3 days to go do what ever they wanted (Except for the above mentioned) to clear their minds. I dubbed it “3 days of Memory Dumps, no logs”, which was quite funny at the time — Nothing worse than a memdump with no log of it lol
They key takeaway here is, what ever you do, don’t allow yourself to burn out. Take some “Me Time” out for just you. Do what ever makes you decompress and relax. Go get a deep tissue massage, go veg out and watch endless hours of Mr. Robot, or simply sleep. What ever it takes to clear your memory. You’ll thank me later when you are on an active engagement and blaze right through it like Tank from the Matrix 🙂
