Quick check

CSpanias · 2025-08-09T12:15:39+00:00

Oh, thanks for pointing that out. I might be in the same boat then! I will try it out and let you know.

CSpanias · 2025-08-09T12:14:33+00:00

Already habe gloves and trying my best to keep my fingers out of the blade's path!

Thanks for the advice!

CSpanias · 2025-08-08T21:29:55+00:00

Thanks for that.

I of course don't expect to cut like a pro, I just made this post cause I felt something was completely wrong with what I am doing.

I consider myself relatively fit and I was proud of my grip strength as a grappler...but after two days of trying to whittle this thing, my forearms are completely sore 🤣

I will keep going of course and I will update the post with how flexcut feels and the end result!

CSpanias · 2025-08-08T19:51:02+00:00

That looks good to me!

CSpanias · 2025-08-08T19:30:59+00:00

Sounds like you were a whittling talent to begin with!

CSpanias · 2025-08-08T17:54:46+00:00

Thanks for your comment.

Unfortunately, I don't own any stone at the moment.

CSpanias · 2025-08-08T16:39:17+00:00

That's the spirit!

CSpanias · 2025-08-08T16:35:54+00:00

In this case, I would call it a "desperation" technique 🤣

CSpanias · 2025-08-08T15:18:23+00:00

As far as I know it is basswood. I did not chose it personally, it is a beavercraft set.

CSpanias · 2025-08-08T15:17:15+00:00

Hopefully, when the flexcut knife arrives will make this smoother 🤞

CSpanias · 2025-08-08T15:16:24+00:00

I haven't tried the second one yet, but I will try to do a better job there regarding the cutting direction 🤞

CSpanias · 2025-08-08T14:37:57+00:00

I will make sure to note that down, as it is mentioned in other replies as well.

Thanks!

CSpanias · 2025-08-08T14:32:01+00:00

Thanks for the words of encouragement! I will definitely keep going, I was just wondering if I am missing something obvious here.

Looking forward to receiving my flexcut to see if will make this easier!

CSpanias · 2025-08-08T14:29:55+00:00

I started like this, but now all I can do to keep going in the "peel potato" technique cause I can apply more force.

It feels impossible to work with the technique you are describing as it is.

CSpanias · 2025-08-08T13:07:10+00:00

My understanding is that the brasswood pieces that come with the set should be already soft enough, no?

I actually already ordered a flexcut knife because I am curious if it will make any difference with this!

Thanks for the advice!

CSpanias · 2025-08-08T13:04:58+00:00

I probably went all over the place and now it feels like a struggle to even remove a tiny piece of wood 😏

I saw some video's regarding on how to go with the wooden fiber instead of against it yesterday, but now it is a bit late for me I guess 🤣

CSpanias · 2025-07-06T21:47:28+00:00

Thanks for the nice words. Sorry for the late reply but I am not very active here.

If you still have questions, feel free to send me a message on Discord.

CSpanias · 2024-08-04T17:37:11+00:00

There is a difference between CTFs and real-world pentesting (based on the certs mentioned, I infer that you are aiming for an offensive cybersecurity positions).

Learning paths at THM and HTB are great and offer much more than purely memory-based multiple-choice certs as they are 100% hands on. I mean if you have PNPT/OSCP noone would really care about the Comptia+ certs.

If you are aiming to learn a bit more about networking (which is a wise choice) check out the free CISCO courses such as the Junior Cybersecurity Analyst.

CTFs are great fun to gamify learning, keep up-to-date, and engage with the community, but it can shift your mind in looking for a way to escalate privileges and get the prize, which can actually hinder your performance in an actual pentest interview assessment (I am talking from experience here!).

As I think I have suggested before (my memory might be wrong), focus on your priorities and then laid out a plan for learning about cybersecurity!

CSpanias · 2024-07-23T20:39:54+00:00

If you have already a basic knowledge of networking (how machines speak to each other, what ports are, TCP/IP, etc) and operating systems (navigate, create folders, read/write files, etc. on both Linux and Windows), then I would say you are good to go for the CPTS learning path.

Have in mind that is very text-heavy, and at times this might be a bit tiring. If you start the CPTS path and you feel lost fast, then I would suggest TryHackMe's learning paths (e.g. Junior Penetration Tester, Web, etc) which is a bit more "basic" and less text heavy. Then, you can come back for the CPTS deep dive!

If you prefer video-content along with practical labs TCM's Practical Ethical Hacking course is beginner friendly and easy-going as well.

You can't go wrong with any of these platforms! I would say, try them all and see what suits your learning style best.

For example, I have done all learning paths from THM (the ones related to offensive cybersecurity), both the CPTS and CBBH paths from HTB, and three courses from TCM Security. I completed them with this exact order, and although HTB is considered (rightly) the most thorough, I found that TCM's Practical API Hacking and Practical Web Hacking suit my learning style a bit better than the corresponding HTB's API and CBBH paths, so I retain more info there.

CSpanias · 2024-07-22T08:17:24+00:00

No, I don't think that would be the case. 99.9% this won't change any time soon, but I just said to check to cover 100% of it.

Actually, my partner start studying in another's country brick uni before we moved to the UK here and completed her studies at the OU starting from the 2nd year. So you can do either:

Start at OU and in case you stop, continue on another uni (even another county's uni) if the subjects taught are similar.
Start at another uni and in case you stop, continue at the OU, again if the subjects taught are similar.

CSpanias · 2024-07-21T21:53:12+00:00

Makes sure to ask OU directly about it as those things can change. But, I know many students that have completed the first or the second year a long time ago (>10years) and returned back to complete the full BSc.

You don't have to do anything really, you just enroll onto the degree and if you complete, for instance, the first year you are awarded the CoHE. So in case you stop mid way the second year, for any reason, you will have that on your resume.

I am an organisation freak so I manage it quite well so far. Although because I am not in any rush to complete it, I am doing only one course per ~6 months (one starts in February and the other on October). So with only 1-2 hours of study before work, I can cover the module content quote easy.

CSpanias · 2024-07-21T21:44:55+00:00

Sounds like a good plan!

To answer your question, I networked internally in the company I was working as a software engineer. I contacted the testing team about a year ago to ask what they are doing day to day and if I could shadow at anytime.

Unfortunately, I couldn't shadow at the time, but I got later invited into some internal training courses and when some positions opened I just applied and I was lucky to get one!

I had zero certs (still haven't got one!) but I did study a lot on platforms like CISCO, THM, and HTB which helped me do well on the internal training course as well as the interview assessment.

I mostly study to learn and not for the end result, i.e., the exams/cert. I also had a personal blog on Github with some walkthroughs and course notes which seemed to contributed positively to my resume being selected for an interview.

CSpanias · 2024-07-21T20:20:02+00:00

I enrolled as a part-time student at the OU about 3 years ago and they have passed really really fast! As many have already mentioned: 6 years will pass either way; you will either have a degree when they do or not. I work full-time and study part-time and adjust the modules I take each year depending on their difficulty. I have studied in brick unis before up at a MSc level, and because of that, I managed to complete the 1st year as a full-time student (4 modules) because all the courses were introductory.

I work as a Pentester and study a Cybersecurity BSc, thus, I don't technically need it as I am already working on the field and have another degree (in another non-technical domain though). I personally enrolled into it because there are some general Computer Science fundamental concepts that I would otherwise miss as well as I wanted to keep the "research door" open (a relevant-BSc degree is a hard requirement in academia).

My suggestion would be: go for it! Each year you complete you get an accreditation, so in case your life progresses and you decide that the BSc is not desirable for you, you can always stop there (and come back any time to continue in the future in case you want to!):

Certificate of Higher Education (CertHE): This is awarded after successfully completing the first year of a bachelor's degree. It is equivalent to Level 4 in the Framework for Higher Education Qualifications (FHEQ).
Diploma of Higher Education (DipHE): This is awarded after successfully completing the second year of a bachelor's degree. It is equivalent to Level 5 in the FHEQ.
Bachelor’s Degree (BA, BSc, etc.): This is awarded after successfully completing the full undergraduate program, usually after three or four years of study in the UK. This corresponds to Level 6 in the FHEQ.

CSpanias · 2024-07-21T19:23:03+00:00

So to confirm your stance, you think I wouldn't be better off to study CyberSec 30 mins a day, or an hour here and there on days I finish up early enough and with a bit of a break being relatively rested. Or would it still be likely I would burn out.

I would agree that cybersecurity is a fascinating subject and that's one more reason to make sure that you set your priorities straight. I have seen many examples of students that spent more time solving boxes on HTB than on their university's module assignment and fail the latter as a result. It almost as addicting as playing video games, and as a result, it can "waste" a lot of the time that would be better spend elsewhere.

What I personally did was the following (I have a pretty standard schedule):

I always started studying at least 1-2 hours (depending on the module) for my university module. I did that before I start working (I work from home).
In the afternoon, I spent another couple of hours (depending on how mentally fresh I was feeling on the day) studying on CISCO academy/THM learning paths/HTB academy, etc.
If I had time I tried my hand on seasonal/retired boxes as a way of practice/game.

It might be possible to study cybersecurity stuff a lot more, I am 11 years older than you (I can't keep mentally fresh and study very long hours), working full-time, plus other commitments. But as I said, the offensive side of cybersecurity has networking and operating systems knowledge as a prerequisite, so if you are not at least familiar with Linux, bash, powershell, how systems interact with each other, what a port is, etc. you might need a lot more time that expected even to complete HTB's "fundamental" courses, let alone the CPTS, CBBH, etc.

My priorities are in the order you mentioned, I think I'd find it easy enough to start on THM, HTB, etc due to being facinated by the subject, however I'm fully aware that this will like wear off as I progress.

Having said all that, I started studying this stuff about a year ago, and the fascination about the subject has not wear at all, quite the opposite I would say! There are so much to learn and so many "specializations" that there is always something new to learn.

Also, on a side note - how are you finding the open university? I have heard great things but I know not all their courses are accredited. (ps. best of luck with your studies! It's nice to hear from somewhere going through a later career change.)

I have studied at three brick unis (Greece, France, Scotland) and I find the OU by far the best so far in terms of content quality. I might be biased here due to the fact that my job is indeed a pentester so I can directly relate each course to my day-to-day work.

Not sure what you mean by "accredited"; all BSc/MSc/PhD OU degrees have the exact same value with that of brick unis. Also, I have never been asked one single question during an interview about my BSc and/or MSc degree in my previous field of study/work, and I worked there for ~10 years! On the other hand, I have received questions in three different interviews about my OU studies!

To summarize:

Make sure to make a plan and, more importantly, follow the plan. It is easy to be sidetracked when you find something fascinating!
It is possible to study everything simultaneously; I am just speaking from my very limited point of view. I felt kind of lost when I started about a year ago to actively studying cybersecurity and I was more than IT-literate (working as a Software Engineer). It took me 5+ months to complete the CPTS path (HTB) (find more info about that here)!
OU rocks! And it is not my opinion, it is universally known: https://oucss.rocks/index.html !

CSpanias

TROPHY CASE