These are the rules, everything that pertains to everyone who wishes to make any sort of interaction within this sub. Per the last META, clarity has been given in regards to bulk-type sales. Since EVERYTHING is here for you all to read, we expect there to be less issues with rule infractions and general confusion as to what’s acceptable, and what isn’t. We devote our time and energy for this sub to continuously never reach a balance amongst the users.
Our goal is to ensure the subreddit itself sticks around, along with trying to keep the userbase from being taken advantage of. Our rules make sense to some, and none to others but they serve a purpose. Regardless of how you feel, these are the rules and it is expected they be followed. At the time this post becomes visible, all of what’s listed below will be enforced as a hard rule, no more wrist slaps or babysitting.

Reporting Rules

Here are the Subreddit Reportable violations. Violating these rules will get you a ban.

Reddit Rules:

Reddit Rules regarding Firearms
No firearm sales. No Ammunition sales. No primers or gunpowder, as they are considered explosives.
No selling or distributing of files related to 3D printed firearms.
If you have no idea what this is referring to, please educate yourself before posting anything related to 3D printing files by reading up on them at the following websites:

• FOSSCAD.org
• Defense Distributed

Firearms: A Firearm is considered the serialized receiver or assembly of a working firearm. If you are unsure if an item is prohibited, contact the mods prior to posting it.
80% lowers and completion kits are not included in this prohibition as they are not firearms yet.
Bump-Stocks are considered Machine Guns by the ATF and are therefore prohibited from trading on the sub.
Binary Triggers, Cranks, and Rubber bands and other such items are not (currently) affected by this prohibition (unless Admins change their minds later).
Explosives & Hazmat: Gunpowder and Live Primers are considered as explosives and Hazardous Materials and are therefore prohibited from trade.
Ammunition: Reddit Admins use the ATF definition of ammunition which is as follows:

The term “Ammunition” means ammunition or cartridge cases, primers, bullets, or propellant powder designed for use in any firearm. The term shall not include (a) any shotgun shot or pellet not designed for use as the single, complete projectile load for one shotgun hull or casing, nor (b) any unloaded, non-metallic shotgun hull or casing not having a primer. 27 § 478.11

Brass and projectiles posted here will result in an immediate suspension by Reddit Admins, so if we find it first we will remove it.
Any violation of these above rules will result in a ban by us, or a site-wide suspension by Admins and their Anti-Evil goosesteppers.
Anyone attempting to skirt Reddit Rules will be given a 7 day ban on the first offense, a 30 day ban on the second offense, and a permaban thereafter due to the fact that Admins will use the bad behavior of a few to justify shutting down the sub for good.

Posting Rules:

This sub is for private sales only. Vendors must post in Gundeals or GunAccessoryVendors
Clarification on Vendor Rule: Don't include links to your business website, we are not a referral system, do your business on here. Please see the Reddit Self Promotion page for details on that. Reddit admins don't like you cutting in on their ad revenue. We do not support VENDORS, I.E. if you buy another company's products in bulk (such as Magpul), and just act as a distributoreseller, your business is not welcome here. That is /GunDeals territory. If you have an FFL, you cannot do business on here because are considered a firearm business, and cannot solicit any transactions involving firearms.
The limit on bulk sales/bulk items is 10, that means 10 of the same individual item can be posted for sale or trade. If you have 10 Geissele triggers, but only 4 are flat and 6 are curved, that will still count as 10, as they're the same branded trigger and likely purchased at the same time. If there are 3 OD Green items and 7 FDE that are otherwise the same item, that still count as 10. If you post 10 items of the same in one day, 10 the next, and 10 the following day after that, that will be viewed as vendor activity. To keep such things from happening, it will be limited to one sale of this type, per user, per week. The ONLY EXCEPTION to this rule is old magazines, as it is common for users to purge off part of their mag collection.
Please follow these rules when creating a listing: Prefix your title with the transaction type:
[WTS] - Want To Sell
[WTB] - Want To Buy
[WTT] - Want To Trade
[GIFT] - Gun It Forward Tactically
Suffix your title with your state (e.g. (GA) or (NY)). This will help incentivize local sales and could impact shipping costs. Also, it could affect legality of some items such as magazines and those accessories deemed as "assault weapon" parts by certain states.
Postings should all follow this general format as an example: "[WTS] M16A2 Carry Handle - $60 (VA)". If you do not list the price in the title, ensure that it is listed in the comments. Include a Dollar sign ($) or the bot will remove it.
Postings without a price value may be removed after a period of time. WTB posts require valid offering prices, and will be removed if they do not have one.
Postings with prices such as "$1 for the bot" or "$1,000,000 for the bot" that are intended to bypass our rules and automated removal system instead of posting a valid price, will be removed and a temporary ban will be issued immediately.
Postings without pictures will be removed immediately, unless these posts are WTB.
Do not post an item for sale if you do not have it in your possession at the time of posting. This includes an item you may have purchased elsewhere, you decided you don’t want it and it’s on its way to you, but it has yet to arrive. If you don’t have it, don’t post it.
If you post stock images of an item in your WTS/WTT post, that will result in a temp ban if it is your first time doing so, possibly permanent if done on multiple occasions. If you post images of someone else’s photos for “your” item, this will be viewed as scamming tactics and you will receive a permaban, immediately.
If you drop your price, use the Price Drop/NSFW Tag. If your items sell, use the Complete/Spoiler tag. Please don't delete the price of an item if it sells, because that can be used by people in the future to gauge what similar items may be worth.
If your post does not receive the traction you're wanting, refrain from reposting within a 24 hour time frame. You may repost after the 24 hours has passed, and a price drop is not required, but encouraged. Deleting your post and reposting afterwards is viewed as trying to evade this rule. It will be met with removal and a temp ban, possibly longer if done more than once.
Want to Buy/Sell/Trade (WTB/WTS/WTT): These transactions all require a price value for the item. If a listing does not include a price it may be removed and re-listed once it is in compliance. Giving an unrealistic price to avoid this rule will be treated as a rule violation. Examples of this are "WTB scope, $1" or "WTT Upper, $9999". Additionally, you must list what you are looking for in [WTT] posts. Fielding offers, testing the waters or any other post attempt to try and skirt this rule will result in the post being removed.
Gifting items forward: (GIFT) If you have small odds and ends that aren't worth much and the cost of shipping is prohibitive, you are allowed to offer items for free. The gifter is allowed to request compensation for shipping only, and can request a flair upgrade in the feedback thread for the transaction. If the receiver pays for shipping, they can also request a flair upgrade, but if they get the item for free, no flair upgrades for the recipient. Flair upgrades of this type are limited in order to avoid abuse, i.e. giving away 20 A2 grips in order to get +20 rep is not authorized.
Accounts with 5 or less flair (you must have at least 6) on GAFS are NOT eligible to participate in giveaways, due to users from other subs coming to win stuff without ever participating in GAFS, or GAFS users making multiple new burner accounts to enter giveaways.
New accounts (under 30 days of age) are not able to create WTS or WTT ads, nor should they offer things for sale in the comments of other peoples' posts. To prevent scams, new users can only post Want to Buy threads. If you want to attempt to bypass this account age requirement, you must be able to provide moderators evidence of a good trading history on another reputable online forum, such as Calgunner or AR15.com where you can show a longstanding history of positive trade feedback. If this is completed, moderators may provide an exception and allow WTS/WTT posts to be submitted by new users, with a warning caveat to any potential buyers to avoid using risky payment methods until the seller has had a chance to develop a positive trading reputation.
Any new accounts that utilize this subreddit that create names that are similar to a mods (i.e. sxbbzxro, sxbzxxro, subzxro, etc.) may be removed from participating here due to the possibility of confusing/having the ability to manipulate users into thinking they are in fact a mod.
Price Checks (PC): Because PC listings were abused by many to bypass the price rule, fish for "best offers", and otherwise snipe sales, they have been disabled after overwhelming support from the community.
We have a feedback system in place. The current month's flair thread is On the Sidebar, and is usually Stickied at the top as well. Check there for the specific directions. DO NOT create a thread for a sale that has already happened, or has happened in a different sub/website/forum etc. The Flair system is only for feedback for exchanges in /GAFS. Any attempts to game the flair system will be seen as an attempt to establish trust for scam purposes, and will be banned accordingly.
Law Enforcement: Be aware, we do not offer exemptions to any individuals who may have LE credentials. Due to the difficulty of verifying employment, possible job changes, leaving/termination from said job, etc. we treat all users as civilians. Any local and federal laws apply to all individuals who utilize this subreddit. Read up and stay up-to-date on these laws and regulations, you will be expected to know and abide by them. Failure to do so may lead to a ban.
External Sales:
NO LINKS to your external sales on TacSwap, eBay, Facebook, Armslist, Gunbroker, etc. Sales in multiple locations are allowed, but don't just provide a link to sale elsewhere. Make your listing here. The only caveat to these rules is to show a price point elsewhere if someone here has an item that is grossly overpriced, or is looking for an item.
This sub is not a "highest bid gets the item" format. There are also no lotteries for items i.e. 10 chances at $10 each to purchase a $75 flashlight with a random number generated to pick the winner.
High Value or Counterfeit Items:
To deter the sale of counterfeit products, any item that is serialized must have a picture of the serial. As firearms are not allowed for sale here, this shouldn't present a privacy issue to anyone. This policy covers items such as EOTechs, Aimpoints, Trijicons, etc. Along with this, if you're selling anything that's "new-in-box", you must unseal it and show the contents of said box/package.
No Stolen Property. If you are selling a knockoff item, indicate that fact. Items such as bipods, BUIS, flashlights, holsters, and scopes/optics are known to have some gray market options. KAC USMC Stamped Rear Sights are not stolen property and are allowed on here, unless another member can provide proof from a DoD source that they are in fact considered stolen government property.
All GAFS logos, icons, banners and visual content related to this subreddit, belong to the moderator team. Do not create/manufacture/produce items with this content onto itself. It is forbidden to profit off the GAFS name, unless discussed with the modteam in advance and given permission.

Shipping/Insurance Rules:

The official policy is for the mods to not get involved with issues regarding lost packages, provided that the parties can prove it was actually lost. If you feel like insurance should be added to your transaction, please take care to add that before finalizing terms.

General Rules:

WARNING: Be aware of all state and federal laws that apply to you and any parties involved in a firearms-related transaction. You are responsible for knowing and following the law. This Subreddit and its staff are in no way responsible for informing you of the law, but will make every effort to do so. As a buyer, be familiar with your state/county/city rules. As a seller, do not knowingly sell prohibited items to areas that have laws against your items, such as certain capacity magazines. Any person, buyer, or seller, who knowingly solicits a trade that is illegal for them may be subject to a ban.
Respect all federal and local laws for any transaction you take part in. This includes federal drug laws. Drug activity tied to your account tied to any other issues is sufficient grounds for banning. Here is the ATF Letter that explains why any suspected drug activity, including marijuana, is grounds for immediate banning from the sub. Illegal gun activity such as unregistered SBRs, AOWs, destructive devices, DIAS or lightning links in your reddit profile (in or outside the sub) can be reason for banning. Do not spread bad information regarding laws.
Any item you post for sale is expected to be in your current possession. If this is not the case, you must specify this in the listing. Circumstances such as selling for a friend is allowed, but pictures of your items are required to be shared to the public. You do not need an imgur.com account in order to host pictures of your item on imgur, so that is not an excuse.
If you are scammed, inform the mods as soon as you can so that we may investigate and ban the offending parties if necessary.
Do not post the personal information of any Reddit users. The exception to this is if someone uses PayPal to scam a member, this information may be sent to the mods to prevent others from also being scammed. Doxxing people will not be tolerated.
Do not antagonize posters about their price, opinion, or sexual orientation (etc). This translates to be a general rule of "no dickish behavior". If you disagree with someone's price, and can post evidence that their item has a current or recent better price elsewhere such as a link to a vendor, that information is authorized to be posted. That is not antagonism. People may comment on prices and offer counter-offers, as long as behavior is not insulting or unprofessional. If you feel that someone is being unprofessional regarding pricing, report it and the mods will evaluate the case. They are the determining factor whether behavior warrants muting, temporary banning, or permanent banning based on severity of incident, past behavior, and other factors. If your behavior does not contribute towards the positive image of firearms ownership, your participation in this subreddit may not be welcome.
Soliciting any type of transaction regarding prohibited items may result in a ban. This includes Price Checks of firearms and other prohibited items, as this can be seen as an attempt to garner PM offers for prohibited items. Remember that there is no expectation of privacy from Reddit Admins, and that they have shown in the past that they have access to private message histories.
As a general guideline, if a buyer wants to use PayPal Goods and Services (G&S) rather than Friends and family (F&F), it is expected that they will absorb the ~3% fee for the increased protections. However, PayPal F&F, Zelle, and Venmo and similar payment methods are discouraged here due to a lack of protections.
All rules and guidelines are subject to change. The moderators have the final say in all issues in relation to the rules and how to enforce them.

Due to the anonymous and mostly unregulated nature of the internet and the ease with which it is possible to make fake websites for attracting people, along with the ability of communicating via email has made the online world a fertile ground for scammers. Lots of people have been fooled out of their money in different ways and binary investment scams are one of them. Binary options trading has also provided these scammers the opportunity to make a living by convincing people to part with their cash. How can this happen?
First and foremost, binary options trading is a fully legitimate form of trading. But, the online nature of the trading itself as well as the service providers, combined with the fact that it is relatively new, has made it a stomping ground for scammers. As compared to traditional stocks and commodities trading that requires established and large brokers, binary options trading only requires a convincing website that can lure uninformed individuals to a service where they are scammed. Since you cannot see or hear people you are communicating with, it is easier than ever for scammers to get away with it.
Most binary investment scams involve scammers presenting a binary options trading opportunity to people, asking them to invest their money. Upon receiving their investment, they first claim to make profits and show the numbers to convince people to invest more and more. At the end of the day, they claim that there was a loss and all subsequent trades will also result in a loss. Thus, the investor will be left empty-handed because the trades didn’t work in their favor. There are also cases where the scammer may not just be content with the money they get from people.
Some of the binary investment scams out there also involve ‘identity theft’, which means the scammer steals sensitive information like passwords, bank account numbers, credit card numbers and even social security numbers. They can use this information for nefarious purposes and it can lead to disastrous consequences for the investor.
With the constant onslaught of such binary options trading system that are designed to deceive people and scam them, a lot of people become discouraged. These scams are ruining the image and credibility of the binary options industry, even though it is a legitimate way of earning.

Before we begin: what do you think Betrayal would and should look like as a core game mechanic? What expectations do you have for it? In addition, try to think of what Betrayal's place would be in the game were it simply implemented exactly as is, but somewhat less common than it is at the moment because it will compete with other masters for appearances (assuming they're mutually exclusive).
PROBLEMS AND SOLUTIONS:

• "Core" league vs "current" league
• Betrayal Safehouse loot is bad and so is low-level farming
  • The Good
  • The Bad
  • The Middle
  • Betrayal does not scale well with area level
• Betrayal Veiled items are bad but not that bad
• Manipulating the Syndicate feels bad
  • It feels bad to walk away from Betrayal encounters
  • The Mastermind

​
"Core" league vs "current" league
Description of problem: This isn't actually a problem, just a byproduct of GGG's league design. I decided to talk about this at the very start to differentiate between two things: How GGG "should" design a current league and how GGG should adapt that league into core content. The league's content is stretched to last for three months, and since the encounter rate is high, the rewards are correspondingly miniscule. Content that is now core has a relatively lower encounter rate, but the rewards are larger per encounter (but still small to make up for the fact that content has been cumulative for years on end, lending to how crazy maps can get). Since temporary leagues have long been the de facto "way" of playing the game, people seem to have forgotten GGG's disclaimers that temporary league balance has a high likelihood of being off. GGG rarely hits out of the park on the first try, but they have a history of nailing it the next time around. Invasion was nerfed, Necrovigil and Phylacteral Link were removed, Order of the Frozen Sky isn't horrific anymore, Malachai was nerfed, Bestiary was fixed, Betrayal's bugs were (eventually) fixed, and so forth. I have faith that GGG will do what's right and I'm looking forward to what GGG will do with a "core" Betrayal because the "league" Betrayal is already history at this point. We're already in the preliminary stages of the next round of new league hypebuilding.
​
Betrayal Safehouse loot is bad and so is low-level farming
Description of problem: At the core of ARPGs, everything comes back to loot. We're not helping Zana because we care; we want to snatch the eyes right out of Uber Elder's writhing head. This talk will be split into two parts: Safehouses and Veiled items. Let's start with Safehouses. Here is a graphic of all Betrayal rewards and how I have personally ranked them, according to their value within BSC and the opportunity cost of putting a member in one branch and not another. Some of these could be shifted around according to one's preferences (some people don't want to deal with Guff's benches, other people don't value Cameria's legacy Uniques because the chances of getting something good are too low, etc). But this is a rough guide for what most players will see when they get Safehouse loot.

Total # of possible rewards: 68	# of good rewards: 15	# of middling rewards: 16	# of bad rewards: 37
# of level-scaled rewards: 15	# of good rewards scaled by level: 0	# of middling rewards scaled by level: 0	# of bad rewards scaled by level: 15

Let's talk about the three types of rewards I've delineated.
The Good: GGG did well with the good rewards. Stuff like turning Rare amulets into Talismans (effectively solving Talisman's long-standing problem of being inferior Rare items because you could never control the explicit rolls), adding White sockets to any gear (not just craftable bases like Delve's Fractured Fossils), "free" Exalt slams, breaking the quality cap, and so forth. PoE is a character building game and giving players these kinds of small optimizations (on top of the big and risky stuff like double-corruption rooms) is precisely what separates the top builds on poe.ninja from the budget cookie-cutter stuff with inferior performance. In fact, I wouldn't mind them being at their current rarity level once they go core because that's just how strong they are.
The Bad: Thing #1 is that it's okay for the Syndicate to have bad rewards. It would have happened regardless of design since even when all things are good, some things are relatively less good. Additionally, if everything was good in a generic and non-specific way, the Syndicate as a whole would lack flavor. For example, Leo gives Torment Scarabs because he's the Ghost of PvP Past and Tormented Spirits are about as fun and rewarding as PoE PvP in 2019. Jokes aside, it's also possible to mitigate the bad rewards by interrogating these people for intel in lieu of others because they don't matter anyways, unlike a 3* Cameria in Intervention. So we can't deny that Betrayal's got flavor. The bad news is that the flavor is "the juice that leaks out from the bottom of black garbage bags". Instead of "everything being good so nothing matters", we have "almost nothing is good, so only a few things matter". Really, I don't know what GGG was thinking when it came to some of Vagan, Haku, and Elreon's rewards. They literally drop less than a white unrolled map for all the effort that goes into making a Safehouse.
Thing #2 is that there's too much "bad". Much of it could be converted to "middling" with some adjustment, which would make an undesirable safehouse outcome much less galling to swallow. Alternatively, many "bad" rewards would simply become less relevant if syndicate manipulation had more quality of life and less tedium. If Betrayal was simply dumped into the core game with a lower encounter rate right now, it would be frustrating to deal with and a mediocre gameplay experience as a result.
The Middle: The middling rewards mostly relate to items you can get from other sources, like Fossils, Fragments, Essences, Currencies, Divination Cards, and Maps. In the case of Maps and anything to do with them, I think some of the devaluation can also be blamed on Pure Breachstones, which have inflated supply (The HarbingeBeachhead effect).
The problem is simple: It is more efficient to obtain those items from other sources (including their original sources) than it is to farm the Syndicate for them. I'm not advocating for the reverse, because then only the Syndicate would be relevant content unless it was significantly gated. But as it stands, Korell's fossils are a joke because doing Delve for them is better. Stacks or spreads of random Divination cards are a joke because it's better to use a Divination Card scarab on a zone that actually gives the Divination card you want in a somewhat deterministic fashion (You know, the point of Divination cards); Gravicius ain't no Putrid Cloister. Fragments are better farmed from the trade website and twinned triple boss corrupted maps and currencies and uniques are better found simply by running a map.
Betrayal does not scale well with area level:
Oh boy, here we go.
This. This right here. This is the reason why we were running Harbour Bridge and Foothills for the whole league. This is the reason why people were able to target-farm Pure Breachstones and pump out more than half the amount of level 100s in Standard (the cumulative history of the game) in a single league. If Betrayal's content and rewards had scaled more appropriately with area level, we could have had a league that excels in both low and high-level content, like Delve.
So, you do easy stuff, you should get meh rewards. If you do hard stuff, you should get good rewards. One of the most fundamental ingrained ideas behind gaming design. What constitutes "hard stuff" can be difficult to describe at times since the layered content and occasional lack of visual clarity in PoE creates difficulty spikes and each build and player is challenged by different aspects of the game. But content design and controlled encounters can remove the possibility of difficulty spiking due to unexpected variables, which means Betrayal has less excuses for its ratio of difficulty to reward. You feel bored when you do hundreds of hours of monotonous low-level zones. You feel excited when something challenges you and forces you to upgrade your build and pay close attention to positioning and enemy patterns. You feel betrayed when hard content gives you bad loot and you feel annoyed when easy content gives you good loot because the game's design gives you a begrudging reason to do the tedious and easy content as opposed to the more varied difficult content. That's what Betrayal, as a league, was.
If you look at the second row of my table above, you'll see that less than a fourth of all possible Safehouse rewards scale with area level. And all of them are "bad" outcomes. Arguably, Jorgin's "Aspect rares" are potentially middling because you could split them with a Bestiary recipe and get a craftable base in case you're not finding a Fenumal Hybrid Spider or a Farric whatever, thus enabling SSF builds. And that part of Jorgin is good because it gives a partially deterministic outcome. Here's the other commonality between all of these bad, level-scaling rewards: there are a lot of rare item outcomes. Hell, I didn't even read this thread, but it probably does an excellent job of explaining the numerous problems with rare items. As it stands, there is virtually no reason to do Betrayal in Tier 16 maps: you get plenty of risk, without a corresponding increase in reward.
Proposed solutions to problem: The solution should be grounded in thinking about "where" Betrayal fits in the loot acquisition possibilities of the game as a whole. Delve, for example, is an all-rounded system with good scaling that bolsters Rare item crafting. Bestiary is mostly mid to end-game with respect to customizing flasks, obtaining random Unique items, and using obscure crafting techniques. Incursion falls into the same mold, with Alva's temples being the most influential as a supplement for early mapping (map drops within the Temple of Atzoatl) and for various powerful "crafting benches" and upgraded Incursion Uniques that are reserved for the elite (or ludicrously lucky) of Wraeclast. Bloodlines, Nemesis, Invasion, Beyond, Domination, and various other leagues are instance and enemy seasoning.
What I mean when I say "where does Betrayal belong" is that Betrayal has a tremendous untapped niche that has been buried all along because of GGG's flawed reward distribution. This niche is "deterministic farming". Manipulating the Syndicate and targeting certain members in certain branches to get Harbinger Orbs to upgrade your stagnant map pool or getting crucial gem levels on your spells to get an extra power boost, that's what I'd really love to do. Betrayal could be like Divination cards 2.0 in giving mid to end-game players a solid process for obtaining otherwise obscure items and niche services that will really push their itemization to the next level while also giving lower-level players powerful Rare items and crafting options while leveling. Frankly, I have no idea what I'd want to make this happen, so this is just an idea at present. So what I'm suggesting will merely be tweaks on top of what exists at the moment rather than a radical overhaul to bring Betrayal more in line with something like Divination cards.
The good rewards are fine and could even be a little rarer (especially to preserve the value and intrigue of those services). Especially Pure Breachstones. Look, I enjoy being level 100 as much as any of you guys, but it's a little ridiculous, right? That this single Safehouse outcome alone was so influential as to influence gem experience markets, map valuation, rare jewelry markets, build archetypes, and generate a majority of "the reason why people are running Harbour Bridge"? We know it, GGG knows it; it's going to be destroyed harder than CoC was in the past.
The middling rewards are largely a ratio of reward against tedium and quantity. If GGG can balance this ratio, it'll just work. Make Betrayal less tedious to manipulate; more on that later. Make the currency-based rewards drop a guaranteed higher-tier currency of the respective type or a higher quantity of the lower tiers. Essences of Hysteria, Delirium, etc. Faceted and Hollow fossils. Divine and Annulment Orbs. Uber Atziri fragments. That's what we should be seeing once Betrayal goes core. Make quantity scale with the 3* mechanic and make quality scale with area level, because a level 60 3* Syndicate member is far less dangerous than a level 83 1* Syndicate member.
The bad rewards need to either be scaled up or changed entirely, full stop. On an individual basis, my ideas:

1. Aisling's stashes should drop more Veiled items now that the Syndicate will be less common.
2. Elreon should give more Unique items or give a guaranteed higher rarity tier of them. Every league has given increased means to obtain Unique items and compared to them, Elreon is an utter joke. I get more Uniques from completing one Incursion in a yellow map than I do from Elreon.
3. Why does Haku give items with quality in Research. I can buy Whetstones and Armourer scraps from vendors. Even Delve gives "Superior" (30% quality) items, which I'd count as better than Haku. What does Haku even "do" in Transportation?
4. Hillock map quality. This would only be valued back in the days when people Exalted maps.
5. ITF should give more Breach Splinters, more Abyss Jewels. To be honest, I'm not sure why they gave it Abyss Jewels instead of Breach Rings. Maybe because they realized that Breach Rings are hot garbage.
6. More Talismans from Jorgin, perhaps with a guaranteed cascade of tiers and even some Tier 4 Greatwolfs (not the Unique variety), which we haven't seen since the days of Rigwald. Most if not all of the Talisman affixes are useful, hence why I don't distinguish so much between tiers 1 to 3 and would want equal access to all of them.
7. For SSF, I'd rate Riker as a middling pick because ilvl100 can be useful for some bases and a choice of Unique is better than Elreon's "Rain of Alch Shards". But it's still not great since we're getting "one" item and it's probably not great. Better options would be the obvious pick, not sure what would fly besides that. Maybe if we could go between five Trapped tabs, pick out five items, and get two randomly out of five? It'd ruin the deterministic flavor though, which I like about Trapped stashes. I'd almost even like a Tetris or matching game.
8. Tora should give the highest tier of enchant on bases of the best possible item variant. Getting a Merciless Labyrinth enchant on utter trash is disheartening. Shaper or Elder influence would be a welcome addition as well.
9. Vagan.

The sad part about the level-scaling was that GGG could have done it before this point. They could have done it all along and made Betrayal a truly great league.
So, what should they do going forward? I've read some people who proposed that the 3* system should be abolished completely and that all rewards should simply be scaled by area level, but I don't see why they couldn't utilize both systems. As I said earlier, quantity should scale with the 3* mechanic and quality should scale with area level because the latter is the far more dangerous (and important, if we want to incentivize playing in high-level content).

1. As I said for currency stashes, give a chance to drop either one of a high-tier currency or several lower-tier currencies of the same type.
2. Intervention stashes should perform similarly. Make the 3* continue to give a guaranteed gilded scarab of the member's type (since this worked fine in the league), but make area level scale linearly with chances to give additional Polished or Rusted Scarabs (with an extra Scarab being granted per 6 levels divisible past area level 65 (so an area level 83 zone gives a neat chance to give 4 Scarabs per stash and 1-3 in anything less). I'm assuming that Scarabs will stay locked behind Betrayal instead of becoming a general currency drop, but we could get an Annulment Orb treatment.
3. Research rewards are tricky, since they consist of crafting bench services that can't really be meaningfully changed and are already very good. But change some of the crappy ones, my god...
   1. Gravicius is a joke: the tier of card given should at least be of the same rarity tier, or it could be something like a Tier 3 Sacrifice chamber where a card with a same "set count" is given (thus drastically revaluing 8-set cards).
   2. Or it could be changed to "create duplicates of an inserted card", with the number scaling according to Gravicius' level and the set count of that card.
4. Janus and Cadiro as a whole need to be rebalanced; it's a crying shame for such a widely praised league with solid early-mid game integration and SSF potential to go to waste because Cadiro is now an overcharging Rare jewelry vendor.
5. Haku should do something completely different. My idea is to upgrade items with "low" base into items of a "high" base. This has been a longstanding idea, but I've never heard it mentioned with respect to the Syndicate (which surprises me, since the Syndicate is all about outlandish ideas). For example, going from a Destroyer Regalia to a Vaal Regalia. Obviously, not all items have a 1:1 example like this, so the applications would need to be done on a case by case basis.
6. Several rare-item related rewards should be changed to have a deterministic mod on them or provide a craftable base a la Jorgin's Aspect items. "More Rare items to identify" is not the solution. Identifying items is a tedious exercise in item-filtering that takes away from gameplay and adds to unnecessary micro-management that is no different from the end of an Incursion or Delve node. Giving us something to craft and sink currency into; that's engaging, that's "Delve meta-mod item" kinda stuff right there. The Syndicate is all about customization, so give us something to customize. Abyss jewels could have Delve fossil modifiers already on them, Rare items with Essence mods could drop, sealed Bestiary Orbs with beasts inside... the possibilities are far larger than what GGG has laid forth
7. This is the most outlandish idea I've thought of yet: Make the Syndicate change rewards per league, like Zana. They could still stick to general themes, but any way to shake up potential future metas involving Betrayal as a core league mechanic is huge. Especially with respect to the "discovery" theme of Betrayal, if we had to relearn what the rewards were each league. I seriously didn't think of this until just now and I don't think GGG will do it, but it's an interesting proposition for sure.

​
Betrayal Veiled items are bad but not that bad
Description of problem: Veiled items share the same problems as rare items because they are rare items with a crafted affix on top. As one's crafting bench completion increases, Veiled items become increasingly useless to pick up and annoying to unveil. The veiled signature mods of Syndicate members, in particular, require special attention to obtain. 20 chaos orbs for It that Fled veiled mods will become far worse in future leagues.
Proposed solution to problem: Rare items are another can of worms, so it's regrettable that there's no way to make veiled item drops impactful beyond early game, recipe unlocking, and the occasional very rare good item. The crafting bench problem will not be alleviated by making veiled items more rare (an assumed condition of Betrayal going core exactly as it is now): you'll simply have the same problem at the top-end with a corresponding increase in the price of unveiled items,crafting services, and scamming. Solutions are numerous, but they all boil down to "make more veiled items drop" because it is likely that the difficulty of finishing one's crafting bench may even be intentional. Veiled items could drop in the core game and not merely from Syndicate members. Syndicate members could have a guaranteed drop of at least one veiled item. More Syndicate members could spawn per encounter, or Jun could become an Alva-style master and be encountered multiple times per instance, but only spawn the encounter once you speak with her (rather than running across them in the wild as we do now, as the spawning of one Syndicate encounter removes the existence of previous unfinished ones due to the Betrayal board increments by "turns". I was going to suggest making unveils more likely to give unknown or incomplete recipes, but the way veiled items generate prohibits that. Finally, GGG could shake up crafting as we know it in 3.6 and add more recipes, move some veiled mods to in-map recipes, or make Syndicate members themselves drop recipe objects that grant the recipe in question.
​
​
Manipulating the Syndicate feels bad
Description of problem: While having two choices per encounter may have worked for Incursion, it doesn't work for Betrayal. With Incursion, you get 11 encounters and that's it; each one increments progress, even if you die and fail to kill either of the Architects.
With Betrayal, encounters do not necessarily increment progress towards a Safehouse because other options continually come up. I said that there were "two" options per member per encounter, but in practice, this number is often lower. While interrogation will guarantee that progress increases, it is generally reserved for moving undesirable members around to allow desired members to fill their places or for keeping a safehouse locked because it decreases the quality of rewards from the interrogated member and lowers their rank, resulting in less intelligence and necessitating yet more executions to level members up. In the course of "naturally" playing Betrayal (as opposed to targeted farming), interrogation is mathematically the least efficient option, if necessary at times to cap off a Safehouse.
While GGG may have envisioned Betrayal like a tidal pool with patterns constantly in flux, ultimately yielding a beneficial outcome, we players would rather have a bird in a hand than some unknown garbage in the bush. Thus, valued members are rarely interrogated (because there's no guarantee that they'd return to their original position due to the randomness involved in encounters) and single-member encounters are often utterly useless, especially for the purposes of securing intelligence. The reward design of the Syndicate coupled with the mechanics of progressing towards a Safehouse result in an optimal and preferable structure that largely removes the annoyances of the two inferior Syndicate branches (Transportation and Fortification) while promoting investment into a few key members in Research and Intervention. Theoretically, it would also be possible to farm Fortification and Transportation quite rapidly and profitably because they are more common than their sister branches, but again, the reward structure dissuades this type of farming.
The specter of level-scaling also rears its head here. While higher area levels seem to increase the chance for multiple Syndicate members to spawn (alongside appropriate relationships), they also increase the difficulty of the encounter multiplicatively. Red map mods on top of higher area level on top of whatever items and ranks the Syndicate members have on top of there simply being more members around to attack you. By contrast, Harbour Bridge farming is extremely tame. There's also time to take into consideration: higher level areas take more time to clear than Harbour Bridge or Foothills, assuming that the same build were to deal with both. While a high level area might have extra features that might give returns for the time invested (aka, you do the rest of the map after you do the Syndicate), there's nothing quite so fast and precise as farming the Syndicate in Foothill. Level scaling also has absolutely no effect on intel gains, apart from the possibility of spawning more members (which is more safely and rapidly done by creating new instances in low level zones).
Of course, what I've mentioned thus far is if everything in the Syndicate works like clockwork and people simply go into encounters, click whichever buttons, and go on their merry way. What actually happens is that players are constantly forced to walk away from encounters because the given options would actually set them back.
It feels bad to walk away from Betrayal encounters. Or from any encounter in general. Take Alva, for example. Due to the way instance generation works, her three appearances within an instance sharply limit our ability to get specific Tier 3 Temple rooms (namely, the highly desired Corruption and Sacrifice rooms). When an instance is created, content is not generated as it is encountered; it is created all at once. This means that Alva cannot offer to affect the same room more than once within a single set of three Incursions (whereas she was capable of offering consecutive upgrades during Incursion league). If you were to naturally do 3-3-3-2 Incursions, you would only have 4 chances to affect a given room in the Temple. There is a small trick you can do to increase your chances of affecting a desirable room: When Alva offers a room, that offer remains on the table if you leave the instance and spawn a new Alva elsewhere. Consequently, if you get a bad offer from Alva, you can just skip her current Incursion, spawn another Alva, and then the other 2 Incursions in the new set of 3 cannot be that "bad" offer that she's currently got.
The problem is that this trick increases the amount of time it would take you to access a temple. Let's say you constantly perform this trick, such that you only effectively do 2 Incursions per Alva. Instead of taking 4 Alvas to access a Temple, it would take 6. In addition, let's say you're getting Alva on high pack size maps or maps with desirable Divination cards. If you skip an Alva encounter in that instance, you're losing out on loot and experience. This is technically a trade-off, as you are trading away Alva encounters in order to potentially get better results from your Temple. But that's not what it feels like, due to the opportunity costs involved with walking away from Alva.
And now let's bring it back to Betrayal. When you meet the Syndicate, what's the worst that could happen? Well, you might get members who won't be kicked out, or you'll kick them out but they just come back, or desirable members will try to leave, or they'll offer to remove all rivalries when you don't want to, or they'll offer to become trusted, or they'll offer to do some kind of betrayal that you don't want (which are most of what happens when it's down to two people, hence the preference for rivalries over trusted statuses), or you'll simply only get one lone guy to show up and it isn't because he's 3* and can't summon unranked members, it's because you just got bad RNG, and you'll have no choice but to turn tail and gloomily walk out of that Research lab. And it'll keep on happening over and over, though at least Betrayal going core means you won't get this crap happening in every single instance.
That's what I mean when I say manipulating the Syndicate feels bad. If the league went core exactly as it is today, with an appearance rate shared between all of the masters, you would virtually never complete a safehouse with desirable outcomes.
I would be remiss to not mention that there are quality of life problems with the Syndicate that have nothing to do with the league's mechanical design. For instance, the visual web of lines connecting members can become so tangled as to be incomprehensible. Only dialogue outputted to chat can give clear indicators of what each member thinks of their colleagues (because the infighting tends to be unnoticeable in the storm of VFX that typically occupy any PoE player's screen or the enemies die too quickly to do anything). Syndicate members can also rarely die out of bounds while performing movement skills. Finally, there are persistent damage skills on some Syndicate members and mobs that can annoy someone who's just trying to bargain with the fallen, including the electrified nets and Cameria's icicle cone. These self-same skill effects will also become invisible if you go too far off-screen and come back.
But wait. There's more.
The Mastermind.
It's Catarina. Spoilers, by the way. People have different opinions about the design of the fight. Some people think that the visual effects of the attacks, the relative scarcity of flask-granting adds, the indicators for how to progress the phases of the fight, and the area of denial mechanics that limit the viability of some build types within that fight are bad. Others think that her fight is the best thing since sliced bread. So the design of her fight is not necessarily a problem, though it's worth a mention because it's contentious.
What is a problem is how she interacts with the Syndicate. As GGG's own statistics have shown, players have still deemed it more punishing than not to actually complete her fight. Even after they adjusted her fight to give the rewards of the four safehouse leaders at the time of her defeat. Even though many of her dropped items are somewhat expensive thanks to a lack of supply. This is down to the Syndicate being a pain in the ass to manipulate and set back up (especially once you've locked undesirable members into undesirable branches and prefer to keep them that way) on top of her fight resetting the entire Syndicate's members and progress. In addition, if you fail the fight, you reset all of her progress . This isn't really important considering how people mostly only fight her for challenge-related purposes (and the loot is simply a byproduct), but it is noticeably more punishing than most other endgame boss fights. Shaper and Uber Elder can simply be fought again and are known to be tough but fair. Catarina is hardly so gracious. Even though it turns out she's always hiding in the Forbidden Vault, you've got to find her all over again.
If Betrayal goes core exactly as it is, barring some people who would like to get some of her exclusive crafts for services in the new league, I don't see why people would bother with her fight. It would still be more profitable to farm for scarabs and crafting benches than to screw up a painstakingly laid Syndicate.
Proposed solution to problem: To reiterate, the problems with the mechanics of the Syndicate include the binary choice system a la Incursion, the undesirable outcomes of any given Betrayal offer (including the interrogation option), the tedium caused by the random nature of said offers compounded with the fact that you only get a few choices in the matter, and the fact that progressing the Syndicate and getting better rewards from it has nearly no relation to high level content. Oh, and the Mastermind may as well not exist. Here are some options:

• Encounters will be less frequent, so GGG should simply make them always have at least 2 members, regardless of the relationships between said members (though it should prioritize relationship statuses before inserting random members).
• Make Syndicate members give more options. I cannot stress enough just how bad it is to have virtually 1-2 choices per encounter: we wouldn't be constantly walking away from encounters otherwise. It would be absolutely unacceptable for us to have to do this in the core game. This could be something as simple and reductive as simply allowing us to always execute a member (You might not necessarily get progress because they're already 3*, but at least they drop their items) regardless of how many members are present (on top of a Bargain or Betray option).
  • Or it could be something as complex as a wholesale rework of the interaction mechanics. Personally, I favor a drag-and-drop board with intuitive decision making.
    • Each member in the encounter should be highlighted with a black and green flame border as per the colors of Betrayal.
    • Their relationship lines should glow brightly when that member is hovered over, and green or red outlines should appear based on what relationship the selected member has with a given member (and make them hues that are friendly to more common varieties of colorblindness).
    • When a member is selected, there should be a menu of options to choose from, including Interrogation, Execution, Bargaining for Intel, Bargaining for Items, Destroying a Branch's items, Freeing Prisoners and any number of available Betrayal options where they're available (if trusted members are in the zone).
    • The "drag and drop" aspect would be for removing members (putting them in the trash bin to get swapped with someone who isn't in the Syndicate) and for switching the positions of members between branches or between leadership positions (only leaders can switch with other leaders and only subordinates can switch with leaders in their branch).
• Allow multiple encounters within a zone. I suggested this for the purpose of improving the feeling of dealing with Veiled Items, but this would also apply to interacting with Syndicate mechanics by giving a sense of rapid and impactful progression through a single set of Jun encounters. Of course, only different branches or keystone members might be allowed to show up, which could prove to be troublesome for manipulation purposes, but if it came hand in hand with increases to intel gains or bargaining/execution options, it could be fine. The impromptu feeling of stumbling into the four distinct mission types is appealing though, hence why having Jun as the start trigger might not be possible (especially when it comes to Intervention, which is supposed to ambush you).
• Make area level have an effect on Syndicate progress. Once it goes core, infrequent encounters mean that intel could be adjusted to fill with fewer encounters based on area level and not just rank within the Syndicate. In addition, intel could scale asymptotically with the amount of relationships that a member has (makes sense, right? More friends/enemies, more info). The way I see it, Safehouses don't really come into play until at least level 60; it's all veiled items and manipulation before then. This means that Safehouse farming in low-level zones should be diminished by changing how intel is gathered and farming in high-level zones will be rewarding both with respect to looting and to interfacing with the content. In addition, to promote some degree of multi-safehouse farming, we could have cross-department intel (give intel for their own branch as well as the branch they appeared to help with).
• Make the Mastermind worthwhile to do. This would be helped by making the Syndicate less tedious to set up in some way, whether by one of the above methods or some other method. This depends on how GGG wants the Mastermind to be treated by players: as an integral end-goal that is equivalent to other established Syndicate farming methods, or just as a nice bonus on top, or something else? If the former, then GGG should double the rewards made available by the Safehouse leaders. Four stashes against two is a clear winner, especially considering that we're skipping out on the safehouse members by doing this as well as the potential difficulty of getting the Mastermind in future leagues. This also really promotes a risk/reward mechanic and justifies having Catarina disappear for another several Safehouses should you fail to kill her. Having an "incomplete" reset of the Syndicate might also be good (explain it by saying that previous members keep some of their old ties after being reorganized), though the ability to wipe the board is useful for people who have screwed up too much and would rather start over without moving people around (again, depends on if Betrayal interaction is changed when it goes core). The criteria for not being reset could be an amount of relationships (rivalries/trusts) or a rank requirement (3* in the leader position, thus shielding the subordinates from reset).
• Finally, making alternative farming methods within the Syndicate viable through interaction mechanics. While the suggestions about loot increases could help to incentivize some people to pick more of the currently middling/bad rewards and therefore farm outside of Intervention and Research, what people generally do is they set up everyone to have rivalries (because of the problem with bad choices, especially when members are trusted). I'd like to see a more distinct set of advantages/disadvantages that are different but equal for trusted/rival statuses. I don't think that Intervention or Research will necessarily be devalued by making Transportation and Fortification more accessible and rewarding; they have worthwhile rewards that can stand against simple numeric increases in currency drops from the common branches. Making it easier to move members where you want or keep them where they are (instead of constantly rolling the dice and walking away when it the outcome is unsuitable) would help with shifting the current meta of "locking" the "undesirable" Syndicate branches, although the targeted farming is appealing in it's own player-invented ingenuity.

In closing, I would rather Betrayal get a "Bestiary" treatment if GGG doesn't have a game plan for how they're going to make it into core content. Better to wait a few months and do the job right than to botch it. Betrayal is tied to a lot of crafting options at the moment, but they could be moved to environmental Atlas recipes for the time being or veiled items could drop regardless of the Syndicate's presence in Wraeclast (a little odd to have a Veiled master without a Syndicate to fight though, hence why I'm fairly certain GGG already has something up their sleeve for this). GGG has invested a lot of resources into writing and polishing Betrayal and creatively engineering its mechanics, and it shows. Most content that GGG has ever made tends to return in one way or another, thanks to how asset use and systems design work in this game. It isn't a matter of "if", it's a matter of "when". I hope GGG makes the right calls on this and I look forward to what you guys think should be done.

(continued from part 1)
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:

• Win + Shift + S: Captures a user-selectable area of the screen to the clipboard (on Windows 10 Ver 1703+)
• WIN + CTRL + F4: Close a virtual desktop

Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:

• Win + E, win + left, up
• Win + E, win + right, up
• Win + E, win + left, down
• Win + E, win + right, down

(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments or suggestions.
u/crispyducks

'''
Recover stolen funds from Binary Options
Have you ever been tempted to get involved in binary options? Have you had a bad experience? Have you been scammed. How do you recover from binary option scam.
It happens to too many people, even professional educated people. The first thing if you have been scammed is to not blame yourself wholly. Neither beating yourself up will help. More importantly do not even think about suicide, while there is breath there is still life and hope of better things to come.
There was a case of a Mexican man who got scammed, lost a lot of money and then committed suicide. There are many stories of people who have been scammed and have no clue how to recover from binary options. I was scammed myself when I first got started then I met Lyubov. Who is a crypto guru and helped me through my refund process. I didn’t believe at first. But I got all the money I lost back.
Firstly it goes without saying, prevention is better than cure. Here are some tips to help

1. Make sure the broker that you are using are registered with a proper regulatory authority like the FCA.
2. Make sure you only risk money you can afford to lose
3. Don’t do any investments to make a quick get rich program they are bound to lose you money.
4. Learn and educate yourself in financial matters
5. Never take advice from a broker as they make money if you win or lose. Many people who listened to a broker have in many instances lost money, you would be better doing the reverse of the trading advice.
6. Practice on the demo until you are proficient and never add funds to cover a shortfall as it probably means you are going to lose it.
7. Generally better to stay away from binary schemes and go more for forex.
8. But same principles apply for forex trading.
9. Stay away from trading robots and automated systems as in many cases they are scams.
10. Always try and use a credit card as you get a level of protection against fraud.

If you have already lost money to binary option and you are in deep need of refund contact “Rodney Stegall” via Skype.
A lot of people make their first contact with binary options through a scam. Many people are called out of the blue, or be careful subscribing for investment advice from websites as your details could be passed on to scammers. Never join a company from a phone call always do due diligence and check reviews on a company first.
'''
Context Link
Go1dfish undelete link
unreddit undelete link
Author: joegrimes1010

(continued from part #1)
Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.
IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.
RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."
Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.
Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.
exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."
rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."
Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.
LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."
aria2 is a lightweight multi-source command-line download utility that supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. It can be manipulated via built-in JSON-RPC and XML-RPC interfaces. Recommended by jftuga, who appreciates it as a "cross-platform command line downloader (similar to wget or curl), but with the -x option can run a segmented download of a single file to increase throughput."
Free Services
Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."
Duck DNS will point a DNS (sub domains of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a serverouter with an easily rememberable name for situations when the server's ip address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."
Joe Sandbox detects and analyzes potential malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."
Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."
JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!
ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.
Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."
Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!
ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."
Plik is a scalable, temporary file upload system similar to wetransfer that is written in golang. Thanks go to I_eat_Narwhals for this one!
Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.
Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you to give out an address that won't be accessible longterm. Recommended by nachomountain, who's been using it "for years."
Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online you with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."
EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've coped from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.
Hardening Guides
CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."
Podcasts
Daily Tech News is Tom Merrit's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.
This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon.
Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.
Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."
The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.
The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.
Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.
The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and its 'usually' an exam topic. It will be something like "HSPR" but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."
Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."
Books
System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance.
Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.
Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.
Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.
Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.
The Practice of System and Network Administration, 3rd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.
Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.
Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more.
DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"
Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to Powershell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines.This edition has been updated for PowerShell v6.
Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.
Tips
Here are a couple handy Windows shortcuts:

• Win + Shift + S: Captures a user-selectable area of the screen to the clipboard (on Windows 10 Ver 1703+)
• WIN + CTRL + F4: Close a virtual desktop

Here's a shortcut for a 4-pane explorer in Windows without installing 3rd-party software:

• Win + E, win + left, up
• Win + E, win + right, up
• Win + E, win + left, down
• Win + E, win + right, down

(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.
Our recent tip for a shortcut to get a 4-pane explorer in Windows, triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."
This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."
Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."
To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. Thanks to abeeftaco for this one!
Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser. Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."
Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page. Thanks to wpierre for this one!
This tip comes from anynonus, as something that daily that saves a few clicks: "Running a program with ctrl + shift + enter from start menu will start it as administrator (alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"
Building on our PowerShell resources, we received the following suggestion from halbaradkenafin: aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."
Keyboard shortcut: If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin. Thanks go to Polymira for this one.
Remote Server Tip: "Critical advice. When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself. This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time." Thanks go to FrigidNox for the tip!
Websites
Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.
Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.
High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.
Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub.com. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as its a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."
SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."
Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. "Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."
A Slack Channel
Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.
Blogs
KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offer helpful hints, how-tos, resources and news of interest to those in the Windows world.
The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.
An Infosec Slideshow
This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."
Tech Tutorials
Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.
The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.
SysAdmin Humor
Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!
Have a fantastic week and as usual, let me know any comments.
Graham | CEO | EveryCloud
Fyi - I've set up a subreddit /itprotuesday, where we feature / encourage posts of some additional tools, tips etc. throughout the week. Pop over and subscribe if you’re interested.