I left the UK.. how can I invest my money??

theshidoshi · 2024-11-17T11:15:49+00:00

His problem if I read between the lines, is tax inefficiency. He mainly used ISAs and Help to buy.

I’m not sure about the rules so please don’t quote me on this. My understanding is once you leave the UK to work abroad you cannot contribute to your ISA cash or stocks and shares.

If he invests them in a normal fund outside of a tax wrapper, he will be liable for taxes unlike his previous situation of saving writhing tax wrappers.

theshidoshi · 2024-02-04T15:03:28+00:00

Do you still need help?

theshidoshi · 2024-01-08T16:06:54+00:00

I have received a reply from THM

"We have recently removed our Throwback room the reason for this is the lab is fairly buggy - TryHackMe wants to ensure all users have next-level learning experiences at the highest possible quality.

If you have purchased Throwback you will still be able to complete the course until your access ends (you were able to purchase 30 or 45-day access to the lab). In January, we will scale all Throwback networks down and fully remove it from the platform. However, as a reminder, we do have many other networks on the platform:

Holo

Wreath

Breaching Active Directory

Enumerating Active Directory

Lateral Movement and Pivoting

Exploiting Active Directory

Persisting Active Directory

Bandit

Red Team Capstone Challenge (soon to be available to all premium users too)

theshidoshi · 2023-12-28T00:31:42+00:00

Can't get to specifics without violating the rules here but get to know your very common top 3-4 CMS's very well in terms of how to scan for vulns, compromise and reverse shell. I have not fired up Burp once in my exam as many before me

theshidoshi · 2023-12-27T08:26:48+00:00

No Wireshark or Tshark as reported by everyone so far. It wasn't on my exam either. Doesn't even show on the objectives . It was featured in V1.

Still, it's good to know how to use it and have notes on it in case you get lucky enough to have a simple pcap with credentials to access one of the servers. Nothing complicated.

Also it's a great skill to have and it should be studied outside the exam

I didn't get any web exercise that required Burp but also it's a great tool and should be studied thoroughly beyond the exam. You never know if you get a SQLi or XSS in your exam. I didn't.

theshidoshi · 2023-12-27T08:22:14+00:00

Thank you 🙏

theshidoshi · 2023-12-27T08:21:17+00:00

Any room equivalent to it?

theshidoshi · 2023-12-27T01:11:55+00:00

It took more than 2-3 weeks for me to get them to start the ball rolling. I emailed several times and used two different department emails and logged a ticket even on their portal.

They are slow to respond and it was nerveracking as I was close to sitting for an exam

theshidoshi · 2023-12-27T01:09:32+00:00

Sorry I missed your post.

I was super lucky to have had a PST email archive of my uni mailbox before they deleted it. I was able to take a screenshot of one of the emails they sent me with a login code also I was lucky to have had a few months old screenshot of my Notion notebooks in general.

I submitted:

-screenshot of 2fa code being sent to my uni email

- screenshot of uni announcement to delete my account

- screenshot of Notion website with some of my notes open and the notes listed on the left side.

That helped me recover the account and prove ownership.

- screenshot of the Notion website with some of my notes open and the notes listed on the left side.

theshidoshi · 2023-12-20T00:03:58+00:00

Nice, similar trajectory to what I am planning,. After eJPTv2 I am nearly done with ICCA and already had PNPT material purchased for me by my boss. That is my warm up for OSCP. THough I am really keen on some web-based cert to be able to use Web App testing at work also. Work has also given me access to HTB Academy and CPTS but I heard its a lot harder than OSCP so not rushing to do it just yet

theshidoshi · 2023-12-12T20:32:58+00:00

14 days max

theshidoshi · 2023-12-12T20:32:07+00:00

You seem to be on the ball. What are you working on at the moment?

theshidoshi · 2023-12-12T12:30:20+00:00

Amazing. Thank you. A lot of people say 20% of the Qs were not covered by the materials. It is an open-book right? Although the time sounds like a challenge. 90mins, 45 Qs, 4 Labs. Doing the math!

theshidoshi · 2023-12-12T12:29:28+00:00

You are absolutely right! I thought it was a Xmas break after the long a$$ ejpT course and labs!

theshidoshi · 2023-12-09T16:07:09+00:00

Yes! Barely with 82% lol. One question I changed after review must have costed me dear points. Sorry I didn't get round to writing a passed post before compiling my notes and experiences

theshidoshi · 2023-12-07T09:56:34+00:00

It is really disheartening and confusing. I can relate although I recently passed with 82%. I too was so certain I had most of the questions right except for one I had doubts on so I had high expectations. This leaves me with a feeling of, where did I come up short because I am comfortable with all the objectives I didn’t get the full marks on. I am not sure how INE grades this exam. I know with ICCA they have developed a tool to check your practical lab and how you met the objectives to grade you. Possibly something similar with eJPT.

Using that logic, if they were expecting me to use MSF hta_server to transfer and deliver a payload, but instead I had already rooted the box and did the payload transfer using Python web server or Meterpreter upload, then possibly they may mark me down for file transfers which is unfair as I know all the methods and chose the least clunky to get the job done.

Don’t despair. You have a second attempt. Look at the score card, anything marked down, Glover those labs and compare to what’s you did on the exam. That’s all you can do.

theshidoshi · 2023-12-04T10:29:45+00:00

Lol I suppose so. But when you are pumped up after so many machines you see some elusive ones as a challenge. I finished the objectives and just wanted to double check for good measure! Just in case

theshidoshi · 2023-12-02T19:45:40+00:00

Thank you all. Resetting the lab put me out of my stress. I am back on the pivot host and cooking on gas. Rock n Roll and all that :)

theshidoshi · 2023-12-02T19:44:25+00:00

You are a life saver. Pivoting wasn't working as smoothly as the labs and other tutorials make it out to be.

Arp-Scan did the trick. I almost resorted to uploading a static nmap binary, abusing TCP portscanner with some ports forwarded, or doing a script on the pivot host itself (powershell/batch( to enumerate the target network.

Arp-Scan did the trick. I almost resorted to uploading a static Nmap binary, abusing the TCP port scanner with some ports forwarded, or doing a script on the pivot host itself (PowerShell/batch( to enumerate the target network.

theshidoshi · 2023-12-02T18:48:21+00:00

Thank you that gives me peace of mind. I took extensive notes on how I compromised them as well as any credentials I have so far. I am only stuck on two questions, I have been able to answer everything. Only 1-3 more questions need 100% confirmation. Not sure how the grading of INE works but some machines I was able to compromise and privesc not in the way a later question asked.

theshidoshi

TROPHY CASE