IT Pro Tuesday

The Full List

Dear IT Pro,

I created IT Pro Tuesday for the same reason we created EveryCloud 10 years ago—to help IT Pros do their jobs better. The same logic shapes the way we serve the 9,000+ global organizations and 500+ partners who use EveryCloud Email Security and have voted it number 1 on Spiceworks with over 250 five-star reviews. Whether you're an End User or Potential Partner, I'd really appreciate it if you'd check us out by requesting a quote or starting a trial of our service. We won't let you down...

Please browse, bookmark and enjoy this ever-evolving list (6+ new items per week). If you have any comments or suggestions, the easiest way to share them with us is to subscribe to our subreddit r/ITProTuesday or visit our blog, where you can also get the weekly editions. If you want them in your inbox, just sign up to IT Pro Tuesday here.

Graham O'Reilly | CEO | EveryCloud

P.S. If you found this list helpful, then please share it. It helps us make IT Pro Tuesday better and better.

Email & Advanced Threat Protection

Eliminate advanced email threats, stop spam and malware. Manage everything with flexible spam reports, while archiving emails and protecting your organization against downtime. Detect and prevent highly complex and sophisticated attacks - effectively and in real time. Our integrated platform includes Email Protection, ATP, Continuity, Archiving, Encryption, Advanced Signature & Disclaimer & More.


Free Tools for IT Pros

Our free, round-trip, cloud mail flow monitor alerts you as soon as there is an issue with your email flow. Sign up in minutes to have the peace of mind that you'll know before email problems do real damage to your organization.


New This Week (IT Pro Tuesday #76)

Updated November 18, 2019

Free Tools

GlassWire is a network monitor & security tool with a built-in firewall. Visualizes all your network activity on an easy-to-use graph that shows what applications and hosts are accessing the network from your computer. Automatically resolves host names so it's easy to see who or what your computer is communicating with. Uses Windows built-in firewall, so there's no need for third-party drivers. Thanks for this one go to hackeristi, who says, "It is a pretty nifty little tool that is on the network monitoring side of things."

Double Driver allows you to view all the drivers installed on your system and then back up, restore, save and print them simply and reliably. Lists the most-important driver details such as version, date, provider etc., and offers you the chance to update to the latest version. Recommended by staven11, who found it "Helpful for getting drivers from a non-standard or custom PC and injecting them into MDT."

Remote Desktop Manager is a centralized solution for securely managing passwords and access to remote connections. The free version can work for individual users who don't need to share remote connections and privileged passwords with other IT professionals. Recommended by tbone897 as "a cool app for remote control... has free and paid version. Handles RDP/ SSH etc. in tabs. So many awesome features."

Security Onion is a Linux distribution for intrusion detection, enterprise security monitoring and log management. Includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner and more. Includes an intuitive Setup wizard to make setup fast and easy.

A Free Service

Action1 Endpoint Security Management quickly discovers all your endpoints, so you can manage your entire network by running live queries and executing commands. Detect which security patches are missing, initiate remote patch deployment or software installation and configure desktop settings. MauriceTorres appreciates it as a "cloud-based product [that] can perform software inventory, software deployment and patch management on all computers simultaneously."

A Tip

A PowerShell tip courtesy of dunck0: Resolve-DnsName is a handy PowerShell cmdlet for retrieving the DNS name when given an IP.

A Podcast

Hackable is a podcast where host Geoff Siskind and cybersecurity expert Bruce Snell discuss the vulnerabilities that hackers exploit and how we can avoid being victimized. Suggested by ninjatoothpick as "a fun podcast where Geoff finds interesting ways to get hacked by security professionals who demonstrate some crazy hacks like trapping him in a car wash, stealing a car, and hacking his systems through things like smart plugs."

 

 

 

The Full List


IT Pro Cheatsheets

Ultimate List of Cheatsheets for a Sysadmin. ServersAustralia put together this list of cheat sheets containing everything from Apache to Drupal.

GeekFlares Cheatsheets List. Last week's cheatsheets were extremely popular, so following the same theme we searched for an additional list and this is the best we could find.

OverAPI.com is a site collecting all the cheatsheets, all!

Regular Expressions Cheat Sheet by DaveChild. Our Email Protection Service allows the use of regex to manage inbound and outbound mailflow. Our support team passed us this handy cheatsheet which includes symbols, ranges, grouping, assertions and some sample patterns to get you started.

SANS Digital Forensics and Incident Response Cheat Sheets provide a collection of assorted, handy incident response cheat sheets. It's a helpful reference for commands, process, tactics, tips, tools and techniques that was compiled by SANS DFIR, the experts in incident-response training.

PowerShell (and more) Cheatsheet Compilation. Thanks to Prateeksingh1590 who put together this cheatsheet compilation, with over 14 specific PowerShell Cheatsheets. A few examples include:

Information Security Policy Templates is a set of templates originally compiled to help the people attending SANS training programs that are now available to all. According to the recommendation by bfrd9k, this is "a good, reasonable, collection. I've only needed to make minor adjustments to their templates."

 

Free Tools

MailFlow Monitor is EveryCloud's free, cloud-based, round-trip tool that sends you an alert as soon as there is an issue with your email flow. Settings are adjustable to allow you to choose how much of a delay is acceptable and which types of bounce alerts you want to see. Helps you get to the bottom of a problem before users have even noticed it.

mRemoteNG is the next generation of mRemote, an open source, tabbed, multi-protocol remote connections manager. This was recommended to us by Oliviamcc, who firmly believes "it is much better than Putty (SSH), Citrix, VNC, RDC, etc." and adds, "Make sure you figure out the credentials hierarchy, it works a treat and saves time every day."

TreeSize Free. Find and free up disk space for yourself or your users. TreeSize Free tells you where precious disk space has gone. I've seen this recommended in too many places to mention.

PDQ Inventory and Deploy. A software deployment tool used to keep Windows PCs up-to-date without bothering end users and a systems management tool for tracking and organizing hardware, software, and Windows configuration data.

Clean. I use this on my Mac to automatically move my desktop files into monthly folders each day. It saves a load of time because I just save all files to my desktop and they're then processed later that day. I appreciate a lot of people will want a Windows equivalent but I can't find anything, so please leave comments on the blog post or reply to this email and I'll include the best one next week.

trace32.exe | cmtrace.exe. "It's part of Microsoft's SCCM suite from a few years ago, can open very large log files and display them as they update in real time. Has saved me an insane amount of time over the years. Also looks cool and is portable." Thank you for the recommendation local_admin_user.

ISPConfig 3.1 is the next generation of the ISPConfig hosting control panel with a completely renovated UI and a lot of new features.

BlueScreenView scans all your minidump files created during 'blue screen of death' crashes, and displays the information about all crashes in one table.

Windows System Control Center (WSCC) helps to view, organize and launch utilities. It acts as a repository for various utility suites. When installing WSCC for the first time, there is an option to download and install 270 troubleshooting tools.

Check out Spiceworks Free HelpDesk and Networking Monitoring software. We've been recommended these by countless IT Pros over the years.

Monitor Active Directory Group Membership Change. This PowerShell script will monitor the Active Directory groups and notify you by email if a change occurred since the last time it checked.

ADModify.NET is a tool primarily utilized by Exchange and Active Directory administrators to facilitate bulk user attribute modifications. 

There is no reason to RDP into a server once you have the RSAT tools installed. You can manage any aspect of your Windows infrastructure using these tools, and use RunAs if you need to log on as a different user.

Attack Surface Analyzer. Attack Surface Analyzer takes a snapshot of your system state before and after the installation of product(s) and displays the changes to a number of key elements of the Windows attack surface.

AWS Free. Many people aren't aware that AWS offer a free tier. Here you can create your own practice environment, replicate problems and generally learn a lot.

The Dell Warranty Checker. Thank you to Matt Fry, EveryCloud's Head of Support for this suggestion. The Dell Warranty Checker allows you to check the warranty on Dell systems. It allows you to enter the service tag to check the warranty or import them via a text file (Checks line by line). You can also export the warranty data to a CSV file to use in other applications.

NetCrunch Tools 2.0. 10+ Essential IP tools for administrators including DNS Audit, Ping Scanner, Port Scanner, Network Services Scanner. Thanks mrojek who explained, "Recently updated freeware from AdRem. 12 useful network tools and scanners that run on Windows."

SQL Fiddle. A tool for easy online testing and sharing of database problems and their solutions. Thanks for the recommendation rosslib who said "You can build schema and run queries. Good for running a quick test".

Regexr. After last week's regex cheat sheet, a number of people recommended RegExr, which is an online tool to learn, build, & test Regular Expressions.

Switch Miner. Ever have trouble figuring out what's connected where? Switch Miner is a port-discovery tool that can help locate all the devices connected to any switch. This handy utility can also discover and scan neighboring switches via CDP. And best of all, it's free!

LetsMonitor.org is a free service that alerts you when your site certificates are misconfigured or nearing expiration. Notifications can be sent to multiple contacts.

RBLmon helps you proactively solve mail-delivery issues. This fully automated online service tracks your IP addresses against the most-popular real-time blacklists (RBLs). The moment any of your IP addresses are found in a monitored RBL, RBLmon will send an immediate email notification to alert you, so you can get busy solving the problem.

WizTree helps you quickly find the files and folders using the most disk space on your hard drive. Rather than searching the drive and checking each file to determine size, WizTree gets its information straight from the NTFS Master File Table—which means it happens almost instantaneously. While this approach makes WizTree faster than any other type of program in this category, it only works with NTFS filesystems.

JuiceSSH is a simple, intuitive Terminal client for Android with SSH, Local Shell, Mosh, and Telnet support. Features a full-color Terminal with adjustable font size, keyboard including special characters, plugins, and key import/export/generation.

Postman is a popular, free app to make API development faster and easier. It offers a powerful GUI, saved history of requests, flexible monitoring, automated testing with collection runner, mock servers, and unlimited collections, environments, tests, and sharing. It also provides detailed documentation.

Microsoft Sysinternals Suite is all their utilities in one convenient file. Contains all the individual troubleshooting tools as well as help files, but not non-troubleshooting tools like the BSOD Screen Saver or NotMyFault. A shout out to azers for recommending this one.

RichCopy is a simple tool written by a Microsoft engineer named Derk Benisch. It provides a much-appreciated graphical interface for the very popular Robocopy command-line utility.

Windows Update MiniTool is an alternative to the standard (and sometimes overbearing) Windows Update. It allows you to control updates by giving you the power to search, install, and block Windows updates in any way you like.

MailFlow Monitor. Rejection / Delay Text Alerts, Group Policies, Alerts By SMTP Code, Troubleshooting Tools including header analysis. MailFlow Monitor is EveryCloud’s free, cloud-based, round-trip tool that sends you an alert as soon as there is an issue with your email flow. Settings are adjustable to allow you to choose how much of a delay is acceptable and which types of bounce alerts you want to see. Helps you get to the bottom of a problem before users (or your boss) have even noticed it.

Space Monger gives you a graphical image of your whole disk, where large files and folders are easily identified. This handy tool can be run from a USB drive, so you don't even need to install it. Thanks for this one and Windows Update MiniTool go to mikedopp.

UNetbootin is a terrific, cross-platform utility for creating bootable live USB drives for Ubuntu and other Linux distributions without burning a CD. Thanks go to Gianks for this one.

CopyQ is a clipboard manager that adds some advanced editing and scripting capabilities. It monitors the system clipboard and saves text, HTML, images and more into customized tabs. From there, the saved content can be copied and pasted directly into any application. Clipboard history is easily searchable and can be filtered. Suggested by majkinetor.

Desktop Info provides a quick view of every kind of metric about your Windows system right on your desktop. The display looks like wallpaper but stays resident in memory and updates in real time. Gives you a quick way to monitor what any system is up to, while using very little memory and requiring almost nothing from the CPU. This one was recommended by mikedopp.

Healthstone is a lightweight, self-hosted, agent-based system-monitoring solution that runs lots of customizable health checks. The dashboard runs on a Windows or Linux server, and it has agents for the Windows and Linux hosts you want to monitor. You can customize the dashboard to send notifications via email, Pushbullet, or NodePoint tickets whenever a client stops checking in or any of the configured checks fail. Configuration is retrieved from the dashboard by all agents in the form of templates, which are stored in the templates folder and can be customized for your needs. Thanks to mikedopp for this one!

Rufus is another utility for formatting and creating bootable USB flash drives. This one works with MBR/GPT and BIOS/UEFI. Rufus is about twice as fast as UNetbootin, Universal USB Installer, or Windows 7 USB download tool when creating a Windows 7 USB installation drive from an ISO. It is also marginally faster for creating a Linux bootable USB from ISOs. We first heard of this one from Gianks, but there were quite a few others who shared the recommendation as well.

Axence netTools is a set of ten free tools for network scanning and monitoring. Includes: Netwatch (multiple host availability and response-time monitoring); Network port and service scanner; Wintools (view of launched processes/services, remote register editor and Windows event log view, HDD/RAM/CPU details, custom queries based on WMI protocol); TCP/IP workshop and SNMP browser; Traceroute; NetStat (list of inbound and outbound connections and open ports); Local info (tables with local configuration details, TCP/UDP stats); Lookup (DNS and WHOIS records); Bandwidth test; and NetCheck (LAN hardware and wiring quality check). This was recommended by DollarMindy as an "easy ping monitor with email alerts."

MediCat USB is a bootable troubleshooting environment with Linux and Windows boot environments and troubleshooting tools. A complete Hiren's Boot Disk replacement for modern hardware that follows the Ubuntu release cycle with a new update released every 6 months. The DVD version was originally recommended to us by Spikerman "for when you need to helpdesk warrior."

MobaXterm is an enhanced terminal for remote computing. It brings all the key remote network tools (SSH, X11, RDP, VNC, FTP, MOSH) and Unix commands (bash, ls, cat, sed, grep, awk, rsync) to Windows desktop in a single, portable .exe file that works out of the box. The free version includes full X server and SSH support, remote desktop (RDP, VNC, Xdmcp), remote terminal (SSH, telnet, rlogin, Mosh), X11-Forwarding, automatic SFTP browser, plugins support, portable and installer versions but only 12 sessions, 2 SSH tunnels, 4 macros, and 360 seconds for Tftp/Nfs/Cron. Thanks go out to lazylion_ca for suggesting this one.

WinDirStat provides free, open-source graphical disk-usage analysis for MS Windows. You'll get a sub-tree view with disk-use percent and a list of file extensions ordered by usage. This tool was recommended by ohyeahwell, who likes to use it "for freespace as it can be deployed via ninite pro." 

IIS Crypto allows administrators to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016. You can also reorder SSL/TLS cipher suites from IIS, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions. EOTFOFFTW tells us, “This tool has been very helpful in configuring SSL settings for Windows IIS servers.”

Ditto saves all your clipboard items so you can access them later. It works with anything that can be put on the clipboard—images, text, html and custom formats. The simple interface includes search and sync functions for ease of finding what you need. Thanks go to Arkiteck for suggesting this one!

Malwarebytes Anti-Malware should be your first stop if you suspect a malware infection. It is the most-effective malware remover—featuring deep scans and daily updates—and blocks malware, hackers, viruses, ransomware and malicious websites that slip through your traditional antivirus. Also available as a full AV program that you can buy if you wish to do so.

Termius is a complete command-line solution providing portable server management for UNIX and Linux systems—whether a local machine, a remote service, Docker Container, VM, Raspberry Pi, or AWS instance (similar to Putty for Android). It is a cross-platform Telnet, Mosh-compatible and SSH client that lets you securely access Linux or IoT devices to quickly fix issues from your laptop or phone. Thanks for this one go to blendelabor.

WSUS Offline Update lets you safely patch any computer running Microsoft Windows and Office—even when there's no connection to the Internet or a network of any sort. More specifically, you first run WSUS Offline Update on a machine that has Internet connectivity to download the updates you need and copy the resulting update media to a USB drive. You then use the USB drive to run the update on the target computers. Recommended by mikedopp.

SystemRescueCd is a Linux system rescue disk that allows you to administer or repair your system and data after a crash. It can be booted via CD/DVD, USB or installed directly on the hard disk. Many system utilities like GParted, fsarchiver, filesystem tools and basic tools (editors, midnight commander, network tools) are included, and it works on Linux and Windows computers, desktops and servers. Supports ext3/ext4, xfs, btrfs, reiserfs, jfs, vfat, ntfs—as well as network filesystems such as Samba and NFS.

KiTTY is a fork of PuTTY, the popular Telnet and SSH client. It runs on Windows and can perform all the tasks of PuTTY plus many more. Features include portability, predefined command shortcuts, sessions filter, session launcher, automatic log-on script, URL hyperlinks, automatic command and password, running locally saved scripts in remote sessions, ZModem integration, icons for each session, transparency, unfortunate keyboard input protection, roll-up, quick start of duplicate sessions, configuration box, automatic saving, Internet Explorer integration for SSH Handler, binary compression, clipboard printing, PuTTYCyg patch, background images/transparency and organizing sessions you save in a folder hierarchy.

WinMTR is a free, open-source Windows application that integrates the functions of the traceroute and ping utilities into a single, convenient network diagnostic tool (helpful how-to on MTR here). Many thanks to generalmx for suggesting both this and SystemRescueCd!

Clonezilla is free, open-source software for disk cloning, disk imaging, data recovery, and deployment—helping with system deployment, bare metal backup, and recovery. Cloning efficiency is optimized by the program's approach of saving/restoring only used blocks in the hard disk.

SPF Record Testing Tools is a query tool designed to help you deploy SPF records for your domain. It validates if an SPF record exists and whether it is formatted correctly and entered into your DNS as a proper TXT record.

PS Remote Registry module contains functions to create, modify, or delete registry subkeys and values on local or remote computers. This one was recommended to us by IhaveGin.

PowerCopy GUI was recommended by Elementix, who described it as "similar to RichCopy, but it uses .Net, PowerShell, and Robocopy. A good (non-install) alternative." The tool allows you to set up predefined options, one-click access to help and log file, and instant error analysis.

Gitbash is a package containing bash and a collection of other, separate *nix utilities like ssh, scp, cat, find and others—compiled for Windows—and a new command-line interface terminal window called mintty. Recommended by sysacc who tells us he's been "dealing with log files lately and I've been using...Gitbash a LOT... It's part of the Git tools, I love having access to Linux commands on Windows."

Easy2Boot is a collection of grub4dos scripts to be copied onto a grub4dos-bootable USB drive. Each time you boot, the E2B scripts automatically find all the payload files (.ISO, .IMA, .BIN, .IMG, etc.) on the USB drive and dynamically generate the menus. Thanks to Phx86 who says it "creates a very versatile USB drive. It checks a lot of marks other various tools did not. Formats NTFS, your ISO boot disks doubles as standard NTFS storage. Drag and drop .ISO files to the correct folder, then boot directly to them. Boot menu reads the .ISO files and builds a menu based on what is loaded on the drive. No fiddling around with custom boot menus when you add a new .ISO."

CCleaner is the fastest way to eliminate temporary files and Windows Registry problems. Our own Matt Frye says, "When a machine is having problems, this is almost always the tool I use first. It also helps to ensure privacy by getting rid of traces left behind (such as cookies) by web browsers."

Netwrix Auditor Free Community Edition is a great auditing/monitoring tool for the Windows sysadmin. It lets you see changes and access events in your hybrid cloud IT environment, so you can stop worrying you'll miss critical changes to AD objects, file server permissions, Windows Server configuration or other security incidents.

WinSCP is an SFTP client and FTP client for Windows with a GUI, integrated text editor, scripting and task automation. It allows you to copy files between a local computer and remote servers via FTP, FTPS, SCP, SFTP, WebDAV or S3 file transfer protocols.

PortableApps.com is an open-source platform that lets you take your favorite software with you. It works from any synced cloud folder (DropBox, Google Drive, Box, etc.), your local PC on an internal or external drive, or any portable storage device (USB flash drive, memory card, portable hard drive, etc.) moved between PCs. The platform offers a full collection of open source and freeware software as well as compatible commercial software.

Netcat is a Linux networking utility for reading/writing across network connections, via TCP or UDP, that can help with monitoring, testing, and sending data. This feature-rich network debugging and exploration tool can create virtually any type of connection and is designed to be a dependable back-end for direct use or easily driven by other programs and scripts. Features include port scanning, file transfer, port listening, and use as a backdoor. Suggested by Necrowerx.

Virustotal allows you to analyze suspicious files and URLs to detect types of malware and automatically share them with the security community. This great tool was suggested by dmen91, who likes it because "you can upload suspicious files and they are checked by just around 60 virus scanners."

Sharex is a screen capture, file sharing and productivity tool. According to the recommendation of stesha83, there is no question of the value of this productivity booster: "Sharex sharex sharex sharex sharex. Sharex. Also sharex. Capture desktop or region to any image or video format and process through any workflow before uploading it or saving anywhere you like. Lifechanging."

Keypirinha is a fast launcher for Windows that is described as an alternative to Launchy and a cousin of Alfred. Recommended by DrnXz, who considers it "basically Spotlight for Windows but really nicely customisable."

Greenshot is a free, open-source screenshot software tool for Windows that is easy to understand and quite configurable. This lightweight tool allows you to quickly create screenshots of a selected region, window or fullscreen; capture complete (scrolling) web pages from Internet Explorer; annotate, highlight or obfuscate parts of the screenshot; export; and more.

Cuckoo Sandbox is an advanced, modular, automated malware analysis system. This open-source solution can: analyze malicious files (executables, office documents, pdf files, emails etc.) and websites under Windows, Linux, Mac OS X, and Android virtualized environments; trace API calls and general behavior of a file and distill it into high-level information and signatures that are easily understood; dump and analyze network traffic, even when encrypted with SSL/TLS—with native network routing support; and perform advanced memory analysis of the infected virtualized system. Because of its modular design, any aspect of the analysis environment can be customized. Thanks for this one go to NerdBlender, who likes it as a "sandbox for malware analysis."

Censys allows you to find and monitor any server on the Internet. It shows what servers and devices are exposed on your network, so you can find vulnerabilities. Suggested by videoflyguy because the site "constantly updates their results, basically just keeps port scanning the internet and reports the results. You get 10 free searches per day, and it has helped me find several weak points in the network."

UltraSearch is a tool for incredibly fast file searching that works directly on the Master File Table of the NTFS partitions instead of keeping an index on your hard disk. UltraSearch even identifies NTFS hardlinks. It supports regular expressions, can search file content, and enables you to exclude folders, files or file types from searches. Results can be sorted, printed or exported as text, RTF, HTML, CSV and Excel files. Recommended by poshftw who finds it "especially useful when builtin OS search is broken at birth."

This tool from The Lazy Administrator automates the new user creation process for AD and Office 365 to make it quicker and easier. The tool can easily be used across multiple clients, is incredibly easy to use and offers the option of creating just an Active Directory user, just an Office 365 user—or both. The blog post explains how it works and provides download links.

Netwrix Account Lockout Examiner provides notifications of Active Directory account lockouts and help in identifying the root cause when an account keeps locking out. User accounts can be unlocked from the tool’s console or a mobile device. Recommended by tGasMaskt "as a free tool for monitoring accounts that frequently lockout."

CyberChef is a web app for encryption, encoding, compression and data analysis to convert, parse or carry out over 100 different operations. Everything is provided as a plain HTML page that can be accessed online or downloaded for use without an internet connection. This one was recommended by glockfreak, who likes it because "you can download and audit it yourself since it is made by GCHQ, but incredibly useful."

Security Onion is an open-source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes an easy-to-use setup wizard that helps you easily build a set of distributed sensors for your enterprise. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. Thanks to NameThatIMadeUp for the suggestion!

PuTTY is an open-source SSH and telnet client. While it was originally developed for the Windows platform, the software is available with source code and is developed and supported by a group of volunteers.

YUMI (Your Universal Multiboot Installer) is a tool for creating a Multiboot Bootable USB Flash Drive containing multiple operating systems, antivirus utilities, disc cloning, diagnostic tools, and more. Unlike MultiBootISOs that use grub to boot ISO files directly from USB, YUMI uses syslinux to boot extracted distributions stored on the USB device, and reverts to using grub to Boot Multiple ISO files from USB, if necessary. This recommendation was compliments of videoflyguy, who tells us he likes it because "it can install multiple ISOs to one drive and even remove specific ISOs if you want to update them."

Snappy Driver Installer Origin makes it quick and easy to install and update Windows device drivers for XP, Vista, 7, 8, 8.1 and 10. Snappy features a state-of-the-art driver matching algorithm, built-in application and driver pack updates, full portability to run from a USB flash drive, and it can be fully automated using the built-in scripting engine. Best of all, Snappy is free and open-source.

DKIM Core lets you attach a token to an email telling the recipient who is responsible for the message in order to improve delivery rates. The token helps spam filters recognize that a message isn't spam based on a history of the token's acceptance by recipients or whitelists. It allows senders to keep the same token even when they change their “From” address, the IP address of their mailserver or their email service provider. It can also be used as a basis for feedback loops with a consumer's ISP that enable the sender to stop sending email to recipients who do not want it. This one was recommended by egxi, who likes it "for DKIM ... [because it] feels very closely implemented to the RFC."

NirSoft offers a massive assortment of small, portable utilities for Windows. The collection was created by developer Nir Sofer, mostly using C++. Includes tools for password recovery, network monitoring, web browsers, internet, MS Outlook, command line, desktop and system. Everything is free with no registration required. Thanks to mintlou for the recommendation!

Lansweeper is an easy-to-use agentless IT asset management and network inventory tool that answers the question: 'Who is using what?' Features include a built-in helpdesk ticketing system, an inventory system, remote connection management, and in-depth information on each device. The company offers a free 20-day trial period so you can try it out before investing anything. Recommended by Chess_Not_Checkers as one of the "two things that I couldn't live without."

Listary is an incredibly fast Windows search utility for finding/moving files and launching applications. Its lightweight interface doesn’t strain system resources, and it integrates with Total Commander, Directory Opus, XYplorer, Xplorer2, WinRAR, FileZilla and other tools. Thanks go to jelloeater85 for the suggestion.

Shutter is a free screenshot program for Linux-based operating systems. From the main window, you can take a screenshot of a specific area, window, the whole screen or website and apply effects, draw on it, and upload to an image hosting site. Thanks to tracehunt for the suggestion!

Cockpit is Red Hat's easy-to-use, integrated, open web-based interface that helps you understand the health of your server at a glance. The GUI simplifies tasks like storage administration, journal inspection, starting/stopping services and monitoring multiple servers. Cockpit runs on Fedora Server, Arch Linux, CentOS Atomic, Fedora Atomic and Red Hat Enterprise Linux.

WinSSHTerm lets you use keyboard shortcuts and intelligent navigation tools to quickly switch between or start new SSH sessions—even if you have to manage multiple systems. It has built-in support for copying files and running X applications and is ready for production use. The software works with the original PuTTY/KiTTY executable and includes multiple tabs and windows, master password, shareable connections and template variables. Supports file transfer (WinSCP), X (VcXsrv), SSH jump servers/bastion hosts and has a portable version available. Easy migration can be made from PuTTY, PuTTY Session Manager, MobaXterm, SuperPuTTY, mRemoteNG and MTPuTTY. Suggested by Specific_West as a "way better terminal than mobaxterm if all you do is command-line Linux stuff."

GifCam lets you easily create animated gifs. It works like a camera that stays atop all your windows, so you can move and resize it to record whatever area you like. When you’re ready, just click record to start filming or click “Frame” to grab a single shot. To keep file sizes small, GifCam automatically compares frames to record only the changed pixels and replaces unchanged frames with delays. Includes frame editing features that allow you to delete frames and add/remove delays. Credit goes to mikedopp for this one.

SuperPuTTY is a GUI for PuTTY that supports SSH, SSH2, Telnet, Rlogin, Raw, Serial, Cygterm, Mintty and SCP along with numerous configuration settings. It allows you to launch PuTTY in multiple tabs and helps you easily manage multiple sessions of PuTTY with a single, comprehensive GUI. Recommended by karlvonheinz who appreciates its "Session manager in sidebar, tabs [and] command multiplexer."

sysadmin-util is a collection of scripts for Linux/Unix sysadmins. Examples include:

  • ago—Show how long ago a file/directory was modified in a human-readable fashion.
  • chronic—Run a command, hiding STDOUT and STDERR if it completes successfully (for cron-jobs, where output is generally ignored in the case of success)
  • mk-passwd-hash—This spits out a hash that can be used with `usermod -p` on Linux (or similar tools on openbsd, solaris) to set a password.

Thanks to steve_in_finland for sharing these tools!

Agent Ransack is a professional, efficient file-search utility. Features include the ability to search using regular expressions that allow complex, rule-based searches; immediate contents results view without having to open files; and wizards that facilitate the search process. Suggested by nickcardwell for its speed and portability.

AD Tidy is a tool for cleaning up orphaned user and computer accounts in your Active Directory domain. You first configure your search parameters, then select accounts from the results to disable, delete, move, remove from all groups, set a password and more. Thanks to nachomountain for the recommendation.

AD FastReporter is a fast, easy way to generate, store, schedule and share AD reports. Intuitive enough for those who aren't scripting or LDAP experts. Offers a range of built-in forms to generate reports. Thanks to sysit92 for the recommendation.

PingCastle is a free AD audit tool for detecting critical security issues—offering an overview and guidance on how to address those issues. Recommended by SysAdmineral "for getting a grip on how well the environment is hardened and what other, less visible, things may be lurking around. Also has some analysis of nested groups."

Advanced IP Scanner is an easy-to-use, portable network scanner. It shows all devices on your LAN, providing access to shared folders and remote control of computers (via RDP and Radmin). Recommended by dRaidon as really "useful [because] you don't always have access to nmap."

T-Pot is a multi-honeypot platform based on well-established honeypot daemons, IDS and tools for attack submission (specifically glastopf, kippo, honeytrap and dionaea, the network IDS/IPS suricata, elasticsearch-logstash-kibana, ewsposter and docker). It is intended to make some of the best honeypot technologies that are available both easy to deploy and simple to use. Thanks to itsbentheboy for the suggestion!

16 Powershell Modules shares some of the great tools created by System Architect Przemyslaw Klys in 2018. Example modules include: 

  • PSWriteWord – creates Microsoft Word documents without Word being installed.
  • PSWinReporting – scans Domain Controller Security Events providing reports about who, when and what changed in Active Directory.  
  • PSWinDocumentation – automates creating infrastructure documentation straight to Word, Excel and MS SQL. Currently supports generating documentation for AD and in smaller portions for AWS and Office 365.

Wifi Analyzer lets you use your Android phone to see all the Wi-Fi channels around you. It can help you locate a less-crowded channel for your router, and thenewimprovedhankp tells us it's useful to show "dead spots, conflicting wifi networks, and [because it] works for 2.4 and 5 GHz signals."

FreshPing is an uptime monitoring suite through which you can monitor up to 50 URLs with 1-minute intervals. They offer 10 locations around the world and public status pages. Thanks to CeralEnt for the suggestion!

wiseTools Authentication Tool is an online tool for working with email authentication, put together by Steve Atkins of Word to the Wise. While there are other good options available for checking your authentication setup, egxi tells us this one is becoming a real favorite over time.

Jarun Terminal Utilities is a repository of useful open-source Terminal utilities that blend Terminal functions with a GUI world. The collection is the handiwork of developer Arun Prakash Jana, who wanted to help sysadmins working on remote Terminals to accomplish tasks more easily. Tools include: 

  • nnn—a tiny file manager for navigation, file movement, (un)archiving, remote transfers, editing text files & more
  • googler/ddgr—performs google search from the Terminal.
  • buku—Terminal bookmark manager (with a web interface if required)
  • bcal—helps with storage-specific calculations (does regular calculations by invoking bc)

Our thanks to sablal, the developer, for sharing these great tools!

Speccy is a fast, lightweight, advanced system info tool that tells you what’s inside a PC. It can offer a quick summary or detailed information on every piece of hardware in the computer. Scan results can be saved as a snapshot, XML or text file for easy sharing. Suggested by NoelSlevin as a convenient tool to keep handy for occasional use.

GNU Midnight Commander is a feature-rich visual file manager. This full-screen, text-mode application allows you to copy, move and delete files and whole directory trees; search for files and run commands in the subshell. An internal viewer and editor are included. BorgClown likes it because "it’s much faster navigating a complex directory structure than typing directory names, even with tab completion. You can customize the F2 menu, which passes the selected item to your chosen command. Arrows, Enter and Functions accomplish a lot of work by themselves."

ttyplot is a simple, realtime plotting utility for Terminal with data input from STDIN. It takes data from standard input, usually a Unix pipeline, and plots it in text mode on a Terminal or Console. Supports rate calculation for counters and up to two graphs on a single display using reverse video for the second line. phils_lab finds it useful to "pipe in any numeric STDOUT ... to make it into an ascii graph. [And because it] also supports two separated metrics."

Netwrix Lockout Examiner is a free tool that alerts you to account lockouts in real time and helps to quickly troubleshoot and resolve them. bUSHwACKEr85 says "I found this tool to be really valuable. I have it running on a DC so that it can send an email alert to me and a colleague, I also have it on my desktop where I can unlock the account. You can also interrogate the machine where the lockout occurs for its cause."

Rainmeter is an open-source desktop customization tool that allows you to display customizable skins on your desktop—from hardware usage meters to fully functional audio visualizers. It comes with a few simple starter skins, and a thriving community shares their creations and support.

Pageant is an SSH authentication agent that makes it easier to connect to Unix or Linux machines via PuTTY. Appreciated by plazman30 who says, "It took me WAY TOO LONG to discover this one. Pageant is a component of Putty. It sits in your system tray and will let you load SSH keys into it and pass them through to putty, WinSCP, and a number of other apps that support it."

NCurses Disk Usage is a disk usage analyzer with an ncurses interface. It is fast, simple and easy and should run in any minimal POSIX-like environment with ncurses installed. Recommended by durgadas as "something I install on all my Linuxes... Makes finding out sizes semi-graphical, [with] super easy nav. Good for places without monitoring—lightweight and fast; works on nearly all flavors of Unix I've needed."

BookStack is a simple, self-hosted wiki tool that can be a great way to organize your tech information. All content is fully searchable, with cross-book sorting, page revisions and image management. Includes a full role and permission system to lock down content and actions as needed. Thanks to codywarmbo for the suggestion.

AutoHotkey is an open-source scripting language for Windows that helps you easily create small to complex scripts for all sorts of tasks (form fillers, auto-clicking, macros, etc.). Automate any desktop task with this small, fast tool that runs out-of-the-box. Recommended by plazman30 as a "pretty robust Windows scripting language. I use it mostly for on-the-fly pattern substitution. It's nice to be able to type 'bl1' and have it auto-replace it with my bridge line phone number."

PingInfoView lets you easily ping multiple host names and IP addresses, with the results compiled in a single table. Automatically pings all hosts at the interval you specify, and displays the number of successful and failed pings, as well as average ping time. Results can be saved as a text/html/xml file or copied to the clipboard. Thanks go to sliced_BR3AD for this one.

Microsoft Safety Scanner helps you find and remove malware from computers running Windows 10, Windows 10 Tech Preview, Windows 8.1, Windows 8, Windows 7, Windows Server 2016, Windows Server Tech Preview, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, or Windows Server 2008. Only scans when manually triggered, and it is recommended you download a new version prior to each scan to make sure it is updated for the latest threats. 

Spiceworks Network Monitor and Helpdesk allows you to launch a fully-loaded help desk in minutes. This all-in-one solution includes inventory, network monitor and helpdesk. 

DriveDroid simulates a USB thumbdrive or CD-drive via the mass storage capabilities in the Android/Linux kernel. Any ISO/IMG files on the phone can be exposed to a PC, as well as any other USB thumbdrive capabilities, including booting from the drive. Can be a quick and easy option for OS installations, rescues or occasions when it helps to have a portable OS handy. Suggested by codywarmbo, who likes it because of the ability to "Boot a PC using ISO files stored on your Android phone... Having a 256GB SD full of any OS you want is super handy!"

FreeIPA is an integrated identity and authentication solution for Linux/UNIX networked environments. It combines Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS and Dogtag (Certificate System). Provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security of a network. Thanks to skarsol, who recommends it as an open-source solution for cross-system, cross-platform, multi-user authentication.

Desktop Info displays system information on your desktop, like wallpaper, but stays in memory and updates in real time. Can be great for walk-by monitoring. Recommended by w1llynilly, who says, "It has 2 pages by default for metrics about the OS and the network/hardware. It is very lightweight and was recommended to me when I was looking for BGInfo alternatives."

CLCL is a free, clipboard caching utility that supports all clipboard formats. Features a customizable menu. According to JediMasterSeamus, this clipboard manager "saves so much time. And you can save templates for quick responses or frequently typed stuff."

PCmover Profile Migrator migrates applications, files and settings between any two user profiles on the same computer to help set up PCs with O365 Business. User profile apps, data and settings are quickly and easily transferred from the old local AD users to new Azure AD users. Can be good for migrating data from a user profile associated with a former domain to a new profile on a new domain. Suggested by a_pojke, who found it useful "to help migrate profiles to O365/AAD, it's been a life saver with some recent onboards."

GNU Guix is a Linux package manager that is based on the Nix package manager, with Guile Scheme APIs. It is an advanced distribution of the GNU OS that specializes in providing exclusively free software. Supports transactional upgrades and roll-backs, unprivileged package management and more. When used as a standalone distribution, Guix supports declarative system configuration for transparent and reproducible operating systems. Comes with thousands of packages, which include applications, system tools, documentation, fonts and more. Recommended by necrophcodr.

Parted Magic is a hard disk management solution that includes tools for disk partitioning and cloning, data rescue, disk erasing and benchmarking with Bonnie++, IOzone, Hard Info, System Stability Tester, mprime and stress. This standalone Linux operating system runs from a CD or USB drive, so nothing need be installed on the target machine. While not actually free, it is quite low cost. Recommended by Aggietallboy.

TruePing is exactly the same as the standard ping program of Windows 9x, NT and 2000—except that it does a better job calculating the timing. It uses a random buffer (that changes at every ping) to improve performance. Thanks to bcahill for this one, who says, it "... can send pings very fast (hundreds per second). This is very helpful when trying to diagnose packet loss. It very quickly shows if packet loss is occurring, so I can make changes and quickly see the effect."

Attack Surface Analyzer 2.0 is the latest version of the MS tool for taking a snapshot of your system state before and after installation of software. It displays changes to key elements of the system attack surface so you can view changes resulting from the introduction of the new code. This updated version is a rewrite of the classic 1.0 version from 2012, which covered older versions of Windows. It is available for download or as source code on Github. Credit for alerting us to this one goes to Kent Chen.

Process Hacker is an open-source process viewer that can help with debugging, malware detection, analyzing software and system monitoring. Features include: a clear overview of running processes and resource usage, detailed system information and graphs, viewing and editing services and more. Recommended by k3nnyfr, who likes it as a "ProcessExplorer alternative, good for debugging SRP and AppLocker issues."

TeraCopy is a tool for copying files faster and more securely while preserving data integrity. Gives you the ability to pause/resume file transfers, verify files after copy, preserve date timestamps, copy locked files, run a shell script on completion, generate and verify checksum files and delete files securely. Integrates with Windows Explorer. Suggested by DarkAlman to "replace the integrated Windows file copy utility. Much more stable, quicker transfers, crash tolerant and adds features like 'No-to-all' and 'yes-to-all' for comparing folders."

mbuffer is a tool for buffering data streams that offers direct support for TCP-based network targets (IPv4 and IPv6), the ability to send to multiple targets in parallel and support for multiple volumes. It features I/O rate limitation, high-/low-watermark-based restart criteria, configurable buffer size and on-the-fly MD5 hash calculation in an efficient, multi-threaded implementation. Can help extend drive motor life by avoiding buffer underruns when writing to fast tape drives or libraries (those drives tend to stop and rewind in such cases). Thanks to zorinlynx, who adds, "If you move large streams from place to place, for example with 'tar' or 'zfs send' or use tape, mbuffer is awesome. You can send a stream over the network with a large memory buffer at each end so that momentary stalls on either end of the transfer don't reduce performance. This especially helps out when writing to tapes, as the tape drive can change directions without stopping the flow of data."

Q-Dir (the Quad Explorer) provides quick, simple access to hard disks, network folders, USB-sticks, floppy disks and other storage devices. Includes both 32-bit and 64-bit versions, and the correct one is used automatically. This tool has found a fan in user_none, who raves, "Q-Dir is awesome! I searched high and low for a good, multi-pane Explorer replacement that didn't have a whole bunch of junk, and Q-Dir is it. Fantastic bit of software."

iftop is a command-line system monitor tool that lets you display bandwidth usage on an interface. It produces a frequently updated list of network connections, ordered according to bandwidth usage—which can help in identifying the cause of some network slowdowns. Appreciated by zorinlynx, who likes that it "[l]ets you watch a network interface and see the largest flows. Good way to find out what's using up all your bandwidth."

Delprof2 is a command-line-based application for deleting user profiles in a local or remote Windows computer according to the criteria you set. Designed to be easy to use with even very basic command-line skills. This one is thanks to Evelen1, who says, "I use this when computers have problems due to profiles taking up all the hard drive space."

MultiDesk & MultiDeskEnforcer are a combination of a tabbed remote desktop client (terminal services client) and a service that limits connections to only those that provide the correct shared secret (keeps hackers from accessing your server via RDP even if they have the correct password). Suggested by plazman30 as being "[s]imilar to Microsoft's RDP Manager, [b]ut doesn't need to be installed and has tabs across the top, instead of the side."

MSYS2 is a Windows software distribution and building platform. This independent rewrite of MSYS, based on modern Cygwin (POSIX compatibility layer) and MinGW-w64, aims for better interoperability with native Windows software. It includes a bash shell, Autotools, revision control systems and more for building native Windows applications using MinGW-w64 toolchains. A package management system provides easy installation. Thanks for this one go to Anonymouspock, who says, "It's a mingw environment with the Arch Linux pacman package manager. I use it for ssh'ing into things, which it does very well since it has a proper VT220 compatible terminal with an excellent developer."

FastCopy is the fastest copy/backup software for Windows. Supports UNICODE and over MAX_PATH (260 characters) file pathnames. Uses multi-threads to bring out the best speed of devices and doesn't hog resources, because MFC is not used. Recommended by DoTheEvolution as the "fastest, comfiest copy I ever used. [I]t behaves just like I want, won't shit itself on trying to read damaged hdd, long paths are no problem, logs stuff, can shutdown after done, got it integrated into portable totalcommander."

Baby Web Server is an alternative for Microsoft's IIS. This simple web server offers support for ASP, with extremely simple setup. The server is multi threaded, features a real-time server log and allows you to configure a directory for webpages and default HTML page. Offers support for GET, POST and HEAD methods (form processing); sends directory listing if default HTML is not found in directory; native ASP, cookie and SSI support; and statistics on total connections, successful and failed requests and more. Limited to 5 simultaneous connections. FatherPrax tells us it's "[g]reat for when you're having to update esoteric firmware at client sites."

Mosh is a remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. It can be a more robust and responsive replacement for interactive SSH terminals. Available for GNU/Linux, BSD, macOS, Solaris, Android, Chrome and iOS. Suggested by kshade_hyaena, who likes it "for sshing while your connection is awful."

The PsTools suite includes command-line utilities for listing the processes running on local or remote computers, running processes remotely, rebooting computers, dumping event logs, and more. FYI: Some anti-virus scanners report that one or more of the tools are infected with a "remote admin" virus. None of the PsTools contain viruses, but they have been used by viruses, which is why they trigger virus notifications.

Bping is a Windows ping alternative that beeps whenever a reply comes in. Can allow you to keep track of your pings without having to watch the monitor. According to the recommendation from bcahill, "you can set it to beep on ping reply or on ping failure (default). I love it because if I'm wanting to monitor when a server goes up or down, I can leave it running in the background and I'll know the instant the status changes."

LDAPExplorerTool is a multi-platform graphical LDAP browser and tool for browsing, modifying and managing LDAP servers. Tested for Windows and Linux (Debian, Red Hat, Mandriva). Features SSL/TLS & full UNICODE support, the ability to create/edit/remove LDAP objects and multivalue support (including edition). Endorsed by TotallyNotIT... "Holy hell, that thing is useful."

MxToolbox is a tool that lists the MX records for a domain in priority order. Changes to MX Records show up instantly because the MX lookup is done directly against the domain's authoritative name server. Diagnostics connects to the mail server, verifies reverse DNS records, performs a simple Open Relay check and measures response time performance. Also lets you check each MX record (IP Address) against 105 blacklists. Razorray21 tells us it's an "excellent site for troubleshooting public DNS issues."

Proxmox Virtual Environment is a Debian-based Linux distribution with a modified Ubuntu LTS kernel that allows deployment and management of virtual machines and containers. Suggested by -quakeguy-, who says, "Proxmox is totally killer, particularly if you don't want to spend a ton of money and like ZFS."

Prometheus is an open-source toolkit for application monitoring that's based on metrics collection for visualization and alerting. It's nice for recording any purely numeric time series and for monitoring of both machine-centric as well as highly dynamic service-oriented architectures. Offers support for multi-dimensional data collection and querying. Designed for reliability, and each Prometheus server is standalone, independent of network storage or other remote services.

HTTPie is a command-line HTTP client designed for easy debugging and interaction with HTTP servers, RESTful APIs and web services. Offers an intuitive interface, JSON support, syntax highlighting, wget-like downloads, plugins, and more. Supports Linux, macOS, and Windows. Suggested by phils_lab as "like curl, but for humans."

Multi Commander is a multi-tabbed file manager that is an alternative to Windows Explorer. It has all the standard features of a file manager plus more-advanced features, like auto-unpacking; auto-sorting; editing the Windows Registry and accessing FTP; searching for and viewing files and pictures. Includes built-in scripting support. Reverent tells us "What I love about Multicommander is that it basically acts as a launcher for all my tools. Documents automatically open up in my preferred editor (vscode), compressed files automatically open up in 7-zip, I have a ton of custom shortcuts bound to hotkeys, and it has a bunch of built-in tools. I can even do cool things like open up consolez in the focused directory and choose to open CMD, Powershell, or Powershell 6 (portable) and whether it runs as admin or not. Oh yeah, and it's all portable. It and all the tool dependencies run off the USB."

Apache Guacamole is a remote desktop gateway that supports standard protocols like VNC, RDP and SSH. The client is an HTML5 web app that requires no plugins or client software. Once installed on a server, desktops are accessible from anywhere via web browser. Both the Guacamole server and a desktop OS can be hosted in the cloud, so desktops can be virtual. Built on its own stack of core APIs, Guacamole can be tightly integrated into other applications. Fir3start3r likes it because it "will allow you to RDP/VNC/TELNET/SSH to any device that it can reach via a web browser....you can set up folders/subfolders for groups of devices to keep things organized - love it!!"

ShowKeyPlus is a simple Windows product key finder and validation checker for Windows 7, 8 and 10. Displays the key and its associated edition of Windows. Thanks to k3nnyfr for the recommendation.

Tftpd64 is an open-source, IPv6-ready application that includes DHCP, TFTP, DNS, SNTP and Syslog servers and a TFTP client. Both client and server are fully compatible with TFTP option support (tsize, blocksize, timeout) to allow maximum performance when transferring data. Features include directory facility, security tuning and interface filtering. The included DHCP server offers unlimited IP address assignment. Suggested by Arkiteck: "Instead of Solarwinds TFTP Server, give Tftpd64 a try (it's FOSS)."

LibreNMS is a full-featured network monitoring system. Supports a range of operating systems including Linux, FreeBSD, as well as network devices including Cisco, Juniper, Brocade, Foundry, HP and others. Provides automatic discovery of your entire network using CDP, FDP, LLDP, OSPF, BGP, SNMP and ARP; a flexible alerting system; a full API to manage, graph and retrieve data from your install and more. TheDraimen recommends it "if you can't afford a monitoring suite."

Netdisco is a web-based network management tool that collects IP and MAC address data in a PostgreSQL database using SNMP, CLI or device APIs. It is easy to install and works on any Linux or Unix system (docker images also available). Includes a lightweight web server interface, a backend daemon to gather network data and a command-line interface for troubleshooting. Lets you turn off a switch port or change the VLAN or PoE status of a port and inventory your network by model, vendor, and software. Suggested by TheDraimen, who loves "being able to punch in a MAC and find what port it is plugged into or run an inventory on a range of IPs to find unused in static range..."

NetBox is an open-source web application that helps manage and document networks. Addresses IP address management (IPAM); organizing equipment racks by group and site; tracking types of devices and where they are installed; network, console, and power connections among devices; virtual machines and clusters; long-haul communications circuits and providers; and encrypted storage of sensitive credentials. Thanks to ollybee for the suggestion.

AutoIt v3 is a BASIC-like scripting language for automating the Windows GUI and general scripting. It automates tasks through a combination of simulated keystrokes, mouse movement and window/control manipulation. Appreciated by gj80, who says, "I've built up 4700 lines of code with various functions revolving around global hotkeys to automate countless things for me, including a lot of custom GUI stuff. It dramatically improves my quality of life in IT."

Tree Style Tab is a Firefox add-on that allows you to open tabs in a tree-style hierarchy. New tabs open automatically as "children" of the tab from which they originated. Child branches can be collapsed to reduce the number of visible tabs. Recommended by Erasus, who says, "being a tab hoarder, having tabs on the left side of my screen is amazing + can group tabs."

Elasticsearch Security. The core security features of the Elastic Stack are now available for free, including encrypting network traffic, creating and managing users, defining roles that protect index and cluster level access, and fully securing Kibana with Spaces (see the linked blog post for more info). Thanks to almathden for bringing this great news to our attention.

BornToBeRoot NETworkManager is a tool for managing and troubleshooting networks. Features include a dashboard, network interface, IP scanner, port scanner, ping, traceroute, DNS lookup, remote desktop, PowerShell (requires Windows 10), PuTTY (requires PuTTY), TigerVNC (requires TigerVNC), SNMP - Get, Walk, Set (v1, v2c, v3), wake on LAN, HTTP headers, whois, subnet calculator, OUI/port lookup, connections, listeners and ARP table. Suggested by TheZNerd, who finds it "nice [for] when I calculate subnet up ranges for building SCCM implementations for my clients."

Awesome Selfhosted is a list of free software network services and web applications that can be self hosted—instead of renting from SaaS providers. Example list categories include: Analytics, Archiving and Digital Preservation, Automation, Blogging Platforms ...and that's just the tip of the iceberg!

ElastiFlow is a network flow data collection and visualization tool that uses the Elastic Stack (Elasticsearch, Logstash and Kibana). Offers support for Netflow v5/v9, sFlow and IPFIX flow types (1.x versions support only Netflow v5/v9). Kindly recommended by slacker87.

MTPuTTY (Multi-Tabbed PuTTY) is a small utility that lets you wrap an unlimited number of PuTTY applications in a single, tabbed interface. Lets you continue using your favorite SSH client—but without the trouble of having separate windows open for each instance. XeroPoints recommends it "if you have a lot of ssh sessions."

Rclone is a command-line program for syncing files and directories to/from many platforms. Features include MD5/SHA1 hash checking for file integrity; file timestamp preservation; partial-sync support on a whole-file basis; ability to copy only new/changed files; one-way sync; check mode; network sync; backend encryption, cache, and union; and optional FUSE mount. Recommended by wombat-twist because it supports "many cloud/traditional storage platforms."

Graylog provides an open-source Linux tool for log management. Seamlessly collects, enhances, stores, and analyzes log data in a central dashboard. Features multi-threaded search and built-in fault tolerance that ensures distributed, load-balanced operation. Enterprise version is free for under 5GB per day. Graylog has announced a new version, and thanks to an alert from Arkiteck, we're passing along the news. "This release brings a whole new alerting and event system that provides more flexible alert conditions and event correlation based on the new search APIs that also power the views. In addition, some extended search capabilities introduced in Graylog Enterprise v3.0 are now available in the open source edition in preparation for unifying the various search features. Support for building search workflows with parameters remains a Graylog Enterprise function and will be enhanced in future releases once the search unification work is completed."

SpaceSniffer is a portable tool for understanding how folders and files are structured on your disks. It uses a Treemap visualization layout to show where large folders and files are stored. It doesn't display everything at once, so data can be easier to interpret, and you can drill down and perform folder actions. Reveals things normally hidden by the OS and won't lock up when scanning a network share.
 

Freeware Utilities for Windows can be found in this rather long list. Tools are organized by category: password recovery, network monitoring, web browser, video/audio related, internet related, desktop, Outlook/Office, programmer, disk, system and other. Appreciation to Adolfrian for the recommendation.

Checkmk is a comprehensive solution for monitoring of applications, servers, and networks that leverages more than 1700 integrated plug-ins. Features include hardware & software inventory; an event console; analysis of SysLog, SNMP traps and log files; business intelligence; and a simple, graphical visualization of time-series metrics data. Comes in both a 100% open-source edition and an Enterprise Edition with a high-performance core and additional features and support. Kindly suggested by Kryp2nitE.

MFCMAPI is designed for expert users and developers to access MAPI stores, which is helpful for investigation of Exchange and Outlook issues and providing developers with a sample for MAPI development. Appreciated by icemerc because it can "display all the folders and the subfolders that are in any message store. It can also display any address book that is loaded in a profile."

Ultimate Boot CD boots from any Intel-compatible machine, regardless of whether any OS is installed on the machine. Allows you to run floppy-based diagnostic tools on machines without floppy drives by using a CDROM or USB memory stick. Saves time and enables you to consolidate many tools in one location. Thanks to stick-down for the suggestion.

restic is a backup program focused on simplicity—so it's more likely those planned backups actually happen. Easy to both configure and use, fast and verifiable. Uses cryptography to guarantee confidentiality and integrity of the data. Assumes backup data is stored in an untrusted environment, so it encrypts your data with AES-256 in counter mode and authenticates using Poly1305-AES. Additional snapshots only take the storage of the actual increment and duplicate data is de-duplicated before it is written to the storage backend to save space. Recommended by shiitakeshitblaster who says, "I'm loving it! Wonderful cli interface and easy to configure and script."

TLDR (too long; didn’t read) pages is a community-driven repository for simplifying man pages with practical examples. This growing collection includes examples for all the most-common commands in UNIX, Linux, macOS, SunOS and Windows. Our appreciation goes to thblckjkr for the suggestion.

DPC Latency Checker is a Windows tool for analyzing a computer system's ability to correctly handle real-time data streams. It can help identify the cause of drop-outs—the interruptions in real-time audio and video streams. Supports Windows 7, Windows 7 x64, Windows Vista, Windows Vista x64, Windows Server 2003, Windows Server 2003 x64, Windows XP, Windows XP x64, Windows 2000. DoTheEvolution recommends it as a preferable way to check system latency, because otherwise you usually "just start to disconnect shit while checking it."

MediCat is a bootable troubleshooting environment that continues where Hiren's Boot CD/DVD left off. It provides a simplified menu system full of useful PC tools that is easy to navigate. It comes in four versions:

  • MediCat DVD—PortableApps Suite, Linux boot environments and a full mini Windows 10 WinPE Boot Environment
  • MediCat DVD Naked—Linux boot environments and a full mini Windows 10 WinPE Boot Environment
  • Mini Windows 10 x64—Windows 10 WinPE Boot Environment and PortableApps Suite
  • Mini Windows 10 x64 Naked—Windows 10 WinPE Boot Environment

Recommended by reloadz400, who adds that it has a "large footprint (18GB), but who doesn't have 32GB and larger USB sticks laying everywhere?"

Network Analyzer Pro helps diagnose problems in your wifi network setup or internet connection and detects issues on remote servers. Its high-performance wifi device discovery tool provides all LAN device addresses, manufacturers and names along with the Bonjour/DLNA services they provide. Shows neighboring wi-fi networks and signal strength, encryption and router manufacturer that can help with finding the best channel for a wireless router. Everything works with IPv4 and IPv6. Caleo recommends it because it "does everything Advanced IP scanner does and more—including detailed network information, speed testing, upnp/bonjour service scans, port scans, whois, dns record lookup, tracert, etc."

Launchy is a cross-platform utility that indexes the programs in your start menu so you can launch documents, project files, folders and bookmarks with just a few keystrokes. Suggested by Patrick Langendoen, who tells us, "Launchy saves me clicks in the Win10 start menu. Once you get used to it, you begin wondering why this is not included by default."

PRTG monitors all the systems, devices, traffic and applications in your IT infrastructure—traffic, packets, applications, bandwidth, cloud services, databases, virtual environments, uptime, ports, IPs, hardware, security, web services, disk usage, physical environments and IoT devices. Supports SNMP (all versions), Flow technologies (NetFlow, jFlow, sFlow), SSH, WMI, Ping, and SQL. Powerful API (Python, EXE, DLL, PowerShell, VB, Batch Scripting, REST) to integrate everything else. While the unlimited version is free for 30 days, stillchangingtapes tells us it remains "free for up to 100 sensors."

SmokePing is an open-source tool for monitoring network latency. Features best-of-breed latency visualization, an interactive graph explorer, a wide range of latency measurement plugins, a master/slave system for distributed measurement, a highly configurable alerting system and live latency charts. Kindly suggested by freealans.

Terminals is a secure, multi-tab terminal services/remote desktop client that's a complete replacement for the mstsc.exe (Terminal Services) client. Uses Terminal Services ActiveX Client (mstscax.dll). Recommended by vermyx, who likes it because "the saved connections can use saved credential profiles, so you only have to have your credentials in one place."

EveryCloud's Free Phish is our own, new Phishing Simulator. Once you've filled in the form and logged in, you can choose from lots of email templates (many of which we've copied from what we see in our Email Security business) and landing pages. Run a one-off free phish, then see who clicked or submitted data so you can understand where your organization is vulnerable and act accordingly.

Prometheus is an open source tool for event monitoring and alerting. It features a multi-dimensional data model with time series data identified by metric name and key/value pairs, a flexible query language, no reliance on distributed storage (single server nodes are autonomous), time series collection via a pull model over HTTP, pushing time series supported via an intermediary gateway, targets discovered via service discovery or static configuration, and multiple modes of graphing and dashboarding support. Recommended by therealskoopy as a "more advanced open source monitoring system" than Zabbix.

NetworkMiner is a popular open-source network forensic analysis tool with an intuitive user interface. It can be used as a passive network sniffer/packet capturing tool for detecting operating systems, sessions, hostnames, open ports and the like without putting traffic on the network. It can also parse PCAP files for off-line analysis and to regenerate/reassemble transmitted files and certificates from PCAP files. Credit for this one goes to Quazmoz.

Unlocker is a tool to help delete those irritating locked files that give you an error message like "cannot delete file" or "access is denied." It helps with killing processes, unloading DLLs, deleting index.dat files, as well as unlocking, deleting, renaming, and moving locked files—typically without requiring a reboot.

Captura is a flexible tool for capturing your screen, audio, cursor, mouse clicks and keystrokes. Features include mixing audio recorded from microphone and speaker output, command-line interface, and configurable hotkeys. Thanks to jantari for the recommendation.

RocketDock is an application launcher with a clean interface that lets you drag/drop shortcuts for easy access and minimize windows to the dock. Features running application indicators, multi-monitor support, alpha-blended PNG and ICO icons, auto-hide and popup on mouse over, positioning and layering options. Fully customizable, portable, and compatible with MobyDock, ObjectDock, RK Launcher and Y'z Dock skins. Works even on slower computers and is Unicode compliant. Suggested by lieutenantcigarette: "If you like the dock on MacOS but prefer to use Windows, RocketDock has you covered. A superb and highly customisable dock that you can add your favourites to for easy and elegant access."

IIS Crypto's newest version adds advanced settings; registry backup; new, simpler templates; support for Windows Server 2019 and more. This tool lets you enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows and reorder SSL/TLS cipher suites from IIS, change advanced settings, implement best practices with a single click, create custom templates and test your website. Available in both command line and GUI versions.

PingCastle is a Windows tool for auditing the risk level of your AD infrastructure and identifying vulnerable practices. The free version provides the following reports: Health Check, Map, Overview and Management. Recommended by L3T, who cheerfully adds, "Be prepared for the best free tool ever."

Jenkins is an open-source automation server, with hundreds of plugins to support project building, deployment and automation. This extensible automation server can be used as a simple CI server or turned into a continuous delivery hub. Can distribute work across multiple machines, with easy setup and configuration via web interface. Integrates with virtually any tool in the continuous integration/delivery toolchain. It is self-contained, Java-based and ready to run out-of-the-box. Includes packages for Windows, Mac OS X and other Unix-like operating systems. A shout out to wtfpwndd for the recommendation.

Strace is a Linux diagnostic, debugging and instructional userspace tool with a traditional command-line interface. Uses the ptrace kernel feature to monitor and tamper with interactions between processes and the kernel, including system calls, signal deliveries and changes of process state.

Baby FTP Server offers only the basics, but with the power to serve as a foundation for a more-complex server. Features include multi-threading, a real-time server log, support for PASV and non-PASV mode, ability to set permissions for download/upload/rename/delete/create directory. Only allows anonymous connections. Our thanks to FatherPrax for suggesting this one.

iPerf3 provides active measurements of the maximum achievable bandwidth on IP networks. Reports the bandwidth, loss and other parameters. Lets you tune various parameters related to timing, buffers and protocols (TCP, UDP, SCTP with IPv4 and IPv6). Be aware this newer implementation shares no code with the original iPerf and is not backwards compatible. Credit for this one goes to Moubai.

LatencyMon analyzes the possible causes of buffer underruns by measuring kernel timer latencies and reporting DPC/ISR execution times and hard pagefaults. It provides a comprehensible report and identifies the kernel modules and processes behind audio latencies that result in drop outs. It also provides the functionality of an ISR monitor, DPC monitor and a hard pagefault monitor. Requires Windows Vista or later. Appreciation to aberugg who tells us, "LatencyMon will check all sorts of info down to what driver/process might be the culprit. It will help you narrow it down even more. This tool helped me realize that Windows 10's kernel is terrible in terms of device latency when compared to previous versions."

GNU parallel is a shell tool for executing jobs—like a single command or a small script that has to be run for each of the lines in the input—in parallel on one or more computers. Typical input is a list of files, hosts, users, URLs or tables. A job can also be a command that reads from a pipe, which can then be split and piped into commands in parallel. Velenux finds it "handy to split jobs when you have many cores to use."

rsync is a faster file transfer program for Unix to bring remote files into sync. It sends just the differences in the files across the link, without requiring both sets of files to be present at one of the ends. Suggested by zorinlynx, who adds that "rsync is GODLY for moving data around efficiently. And if an rsync is interrupted, just run it again."

exa is a small, fast replacement for ls with more features and better defaults. It uses colors to distinguish file types and metadata, and it recognizes symlinks, extended attributes and Git. All in one single binary. phils_lab describes it as "'ls' on steroids, written in Rust."

Kanboard is open-source project management software that features a simple, intuitive user interface, a clear overview of your tasks—with search and filtering, drag and drop, automatic actions and subtasks, attachments and comments. Thanks go to sgcdialler for this one!

Monosnap is a cross-platform screenshot utility with some nice features. Suggested by durgadas, who likes it because it "has a built-in editor for arrows and blurring and text and can save to custom locations—like Dropbox or multiple cloud services, including its own service, Amazon S3, FTP, SFTP, Box, Dropbox, Google Drive, Yandex, Evernote... Video and gaming screen capture also, shrink Retina screenshot preference, etc, etc... Every feature I've ever wanted in a screenshot utility is there."

Advanced Port Scanner is a network scanner with a user-friendly interface and some nice features. Helps you quickly find open ports on network computers and retrieve versions of programs running on those ports. Recommended by DarkAlman, who sees it as the "same as [Advanced IP Scanner], but for active ports."

Matter Wiki is a simple WYSIWYG wiki that can help teams store and collaborate. Every article gets filed under a topic, transparently, so you can tell who made what changes to which document and when. Thanks to bciar-iwdc for the recommendation.

LockHunter is a file unlocking tool that enables you to delete files that are being blocked for unknown reasons. Can be useful for fighting malware and other programs that are causing trouble. Deletes files into the recycle bin so you can restore them if necessary. Chucky2401 finds it preferable to Unlocker, "since I am on Windows 7. There are no new updates since July 2017, but the last beta was in June of this year."

RD Tabs is a multi-tabbed remote desktop client that improves on the basic utility built into Windows' Remote Desktop Connection. Designed for those who regularly access multiple remote machines, RD Tabs uses a tabbed interface to manage open remote connections in a way that seems familiar because it's similar to current browsers. Includes features like password encryption, remote terminal server management, connection thumbnails and command line scripting. Recommended by TinderSubThrowAway.

Cacti is a network graphing solution leveraging RRDTool's data storage and graphing functionality. It offers a fast poller, advanced graph templating, multiple data acquisition methods and user management features with an intuitive, easy to use interface. Works from smaller LAN installations up to complex networks with thousands of devices. Hats off to OffandOnAgainio for this one.

changelog is designed to tell you what's changed in the last hour on a distributed system, which can be useful during troubleshooting. Has a simple REST API where events post and a web interface that allows you to easily see and filter events. You arrange to send any event that could possibly create trouble, and then when something goes wrong, you can quickly know what's changed recently that might be at fault. Our thanks to parasiticBanjo for the recommendation.

Google Apps Manager is a command line tool that helps Google G Suite admins easily manage domain and user settings. ninjatoothpick uses it almost daily because it "can be used to do almost anything in Google Apps, like creating/deleting users and groups, managing permissions and roles, and so much more. You can use it to find specific files in gdrive and look at ownership and access too. I've made a whole bunch of scripts that use the options that are available, so I can create a user in a specific domain with specific permissions and a password in specific groups by just calling one script."

Splice Admin is a remote Windows administration tool for retrieving information from and interacting with remote machines on your network. Appreciation goes to KlrFly for this recommendation.

Univention Corporate Server provides you with a central console for managing your entire IT setup simply. Lets you give your domain's users easy access to services and resources while keeping the digital identities under your control. bprfh tells us, "I like univention. You can basically drop in univention AD as a replacement for a windows AD server. Nice webgui and mail server too."

Browsh is a text-based browser that can render HTML5, CSS3, JS, video and WebGL. It can be run on a remote server and accessed via SSH/Mosh or the in-browser HTML service to significantly reduce bandwidth for faster browsing. Described by jrddunbr as "based on Firefox (somewhat literally) and displays colored webpages in a ssh session pretty well. I was surprised with its abilities to display imagery and other content like videos. Not the best, but cool."

MemTest is a RAM reliability tester for Windows that checks how accurately your computer can store and retrieve data. This can give you an idea if your hardware is too old, poorly configured or damaged—which causes stability problems that lead to crashes. This early notice can save you from trouble down the road, as adding corrupted data to your hard disk will create growing instability. Thanks to shadenoah for the tip!

UPC provides Remote User Profile management over local area networks. CalebDK likes it better than PCMover because UPC "will keep profile settings. User has 3 network shares pinned in quick access? UPC will keep those... [it] will re-pin taskbar, keep desktop icon layouts, pinned shortcuts, default applications, etc. PCMover doesn't do any of this."

drive lets you pull or push Google Drive files. After the original version was abandoned by developer Burcu Dogan (who was on the Google Drive team at the time), this handy tool was adopted by another developer in 2015 and is still maintained. Recommended by jwilson8767 because it "makes it much easier to manage items in drive in bulk."

Orca MSI Editor enables you to edit the properties of any MSI file. It used to be a part of Microsoft Developer Tools but is now retired. Since finding it within the MS Developer Tools is such a chore, a kind soul has made it available for download as a standalone tool. orwiad10 tells us, "Orca is a great tool for investigating .msi installers. Especially useful for getting undocumented command line install flags for automations." NotHighEnuf finds it "incredibly useful for grabbing product codes for SCCM."

RTV is a python-based interface for viewing and interacting with reddit. Suggested by cawfee, who tells us it "works great on a small screen and even on a phone in termux!"

Zabbix is the ultimate open-source enterprise-level software for real-time monitoring of servers, virtual machines and network devices. Recommended by therealskoopy because it's "actually pretty easy to set up and has a lot of great out of the box features like low level network discovery with lldp/ping/nmap and auto-registrations."

IdleLogoff provides a Windows option that can be managed by GPO to force a logoff or reboot after X minutes of inactivity. VulturE tells us, "It comes with an admx file to import for management via GPO as long as the app is installed on the system. I've used it on a boss's second pc where he wants it to logoff if he didn't remember to lock it after 15 mins of inactivity. Or at a very small medical provider where they have a dedicated scan station and the software doesn't play nice with fast user switching. It's an MIT License so it's good to go for a business environment as well."

Windows Sandbox is a lightweight desktop environment where you can run untrusted software safely. The software installed remains isolated in the sandbox so it cannot affect your host. Once it is closed, the software and associated files/state are permanently deleted. BlackEarl thought it was worth a mention because it was "included in 1903 update... [but] haven't seen much mentioned about it."

Atom is an open-source text and source code editor for Mac, Linux and Windows. This desktop application was built using web technologies, and it offers support for plug-ins written in Node.js with embedded Git control. Thanks to PatientTwo9 for the recommendation.

InstEd is an MSI editor that's designed for professionals. Features include building cabs from the media table, multi-file editing using tabs, efficient handling of multiple files, easy navigation, accurate editing, change highlighting, easy validation and transform chaining. Sekers prefers this tool for dealing with MSIs.

Universal Database Tool is a multi-platform database tool for developers, SQL programmers, database administrators and analysts. Supports all popular databases: MySQL, PostgreSQL, MariaDB, SQLite, Oracle, DB2, SQL Server, Sybase, MS Access, Teradata, Firebird, Derby, etc. Appreciation to majkinetor for the suggestion.

NTFS Permissions Auditor allows you to quickly analyze, verify and review any NTFS folder permissions. The free version offers deep, detailed audit results. Also available in a Pro version that adds customizable filtering, exporting to various formats and more. Suggested by sysit92.

Mouse without Borders allows you to control up to four computers from a single mouse and keyboard. This means you can copy text or drag and drop files across computers. AudibleNod tells us, "It's different from dameware, VNC and the like. If you're operating several laptops at one workstation this is the tool for you."

glogg is a multi-platform GUI app to help programmers and sysadmins more easily browse/search through long or complex log files. It is essentially a graphical, interactive combination of grep and less. Grintor suggests it as "the very best log viewer for extremely large logs. Need to read a 500GB log file on a computer with 4GB of ram? Glogg's got you fam."

PS2EXE-GUI is an improved version of the much-loved script of Ingo Karstein with GUI support. The GUI output/input is activated with a switch, and real Windows executables are generated. Includes PowerShell 5.x support and graphical front end. cpierr03 tells us this is "real good stuff. I use it to create a lot of internal GUI tools."

Spectacle is an open-source app for Mac that allows you to easily move and resize windows using simple, customizable keyboard shortcuts. Recommended by sysinitz because it "gives a Mac the same possibility as Windows regarding moving Windows around."

htop is an alternative to top, the Unix program system-monitor/process-viewer and process-manager. This text-mode application (for console or X terminals) shows a frequently updated list of the processes running on a computer, organized by CPU usage. Requires ncurses. Suggested by organman91.

ADRecon extracts and combines artifacts from an AD environment and generates an Excel report with summary views and metrics of the current state of that environment. Can be run from any workstation connected to the environment—even hosts that are not domain members—and can be executed in the context of a non-privileged (standard domain user) account. Useful for security professionals like auditors, DFIR, students and admins; and can be an invaluable post-exploit tool for a penetration tester. Recommended by bradgillap, who finds it "a good alternative to ping castle."

Remmina is a remote desktop client for POSIX-based computer operating systems. Intended for sysadmins and travellers who have to work on remote computers with either large monitors or tiny netbooks. Feature-rich with loads of available plug-ins. Written in GTK+, it supports multiple network protocols in an integrated and consistent user interface. Currently RDP, VNC, SPICE, NX, XDMCP, SSH and EXEC are supported. Suggested by HughJohns0n.

User Profile Wizard migrates current user profiles to new user accounts, preserving existing data and settings. Useful for easy large-scale migrations to new domains from any existing Windows network or from a Novell NDS network. Can join standalone computers to a domain for the first time, or migrate workstations from a domain back to a workgroup. Doesn't move, copy or delete any data. Instead it configures the profile "in place," making the process extremely fast and safe. While not free, it is definitely worth a mention. Appreciation goes to meatwad75892 for this one.

KDE Connect is a multi-platform app for wireless communication among your devices. Allows you to share a clipboard between your phone and computer (or any other device) so you can read and reply to Android notifications from the desktop, share files and URLs instantly from one device to another, use your phone as a presentation remote and use your phone screen as your computer's touchpad and keyboard. Uses TLS encryption. Recommended by HC_Tech.

FTK Imager Lite is a data preview and imaging tool that captures forensic data on a compromised system to gather evidence after a hack. Creates copies of data without making changes to the original evidence. Allows you to create forensic images of local drives and devices, preview the contents of the images, mount images for read-only viewing, export files and folders, see and recover files that were deleted but not yet overwritten on the drive, create hashes of files to check the integrity of the data and generate hash reports for regular files and disk images.

osTicket is an open-source support ticket system that seamlessly integrates inquiries from email, phone and web-based forms in a simple, multi-user web interface. Lets you manage, organize and archive all support requests and responses in a single location to make customer support more efficient. Suggested by handerrood.

DokuWiki is an easy, versatile open-source wiki software that doesn't require a database. Its built-in access controls and authentication connectors make it especially helpful in the enterprise context. An active community contributes to the large library of plugins that enhance function far beyond a traditional wiki. Credit for this one goes to timunraw.

Flameshot is an easy-to-use screenshot tool for Linux. The GUI includes a wide variety of tools for annotating your screenshots, and you can save the resulting images locally or upload to Imgur. Recommended by spam2 as the best tool for screenshots.

Hexyl is a simple hex viewer for Terminal that uses a colored output to distinguish different categories of bytes (NULL bytes, printable ASCII characters, ASCII whitespace characters, other ASCII characters and non-ASCII). Kindly suggested by phils_lab.

Wsus Package Publisher lets you publish your own updates as MSI, MSP or EXE files to deploy applications like Adobe Reader, Java, Flash Player or Symantec Endpoint Protection and update them. Import updates from vendor catalogs like Dell, HP and Fujitsu to publish hardware updates like drivers or new BIOS versions to your servers and PCs. Suggested by OurWhoresAreClean, who adds, "It'll let you push those third-party updates directly from WSUS. It takes some playing with, but it works."

UrBackup is an easy-to-setup, open-source client/server backup system with a web interface. It uses a combination of image and file backups to ensure data safety and speed. Backups are made while the system is running without interrupting current processes. Continuously watches flagged folders for differences from previous backups, so incremental backups are fast. Files can be restored through the web interface, the client or Windows Explorer, and backups of drive volumes can be restored with a bootable CD or USB-Stick. Suggested by realistap, who has "been using for about 20 computers across two sites. Can support multi backup servers. Had a few hard drive failures and restore was easy. Overall has no vested interest in selling you anything, so don't need to worry about limits or premium version, etc."

FusionPBX is an open-source GUI for FreeSWITCH, a highly scalable, multi-threaded, multi-platform communication software. It can be used as a highly available single or domain based multi-tenant PBX, carrier grade switch, call center server, fax server, voip server, voicemail server, conference server, voice application server, appliance framework and more. Features include unlimited extensions, voicemail-to-email, music on hold, call parking, call center, call queues, phone provisioning. FlyingSysAdmin tells us, "I can highly recommend it! I use it myself in production and it has been rock stable so far with many 'out of the box' features included."

The Ultimate Silent Switch Finder helps speed up deployment of an EXE. Since most applications aren't standardized, the silent switches an EXE supports depend on the packaging technology and vendor. This means finding all the silent switches can be time-consuming. Enter this nifty tool, suggested by Sharp_Eyed_Bot, who adds, "it essentially tells you what arguments to use on an installer package to get it to silently install." May not work for some custom-packaged EXEs. 

7-Zip is an open-source file archiver with a high compression ratio for Windows. It provides a compression ratio 2-10% better than PKZip and WinZip, with strong AES-256 encryption in 7z and ZIP formats, self-extracting capability for 7z format, integration with Windows Shell, a powerful file manager and command line version, a plugin for FAR Manager and localizations for 87 languages. Appreciation to The-Dark-Jedi for the recommendation.

Launcher for Windows is an effective alternative to Alfred and Launchy that enables you to search for everything—applications, uwp, folders, files, programs, plugins, Google. Thanks go to Arkiteck for the recommendation.

Blackbox Exporter lets you check if HTTP and HTTPS endpoints are working. Allows blackbox probing of endpoints over HTTP, HTTPS, DNS, TCP and ICMP. Suggested by SuperQue.

Core Temp is an easy-to-use, compact monitor of processor temperature and other vital information. It can display temperature for each individual core of every processor in your system so you can see temperature fluctuations in real time during different workloads. Customizable and expandable, with plugins to extend functionality. Appreciation for this one goes to jjkmk.

sp_Blitz is a fast, easy SQL Server health check that flags common issues. For each warning, you get a link to a web page with more detailed information. Helps identify configuration settings that are causing slow performance or unreliability. Thanks to vIpshnu for the suggestion.

Zenmap is the multiplatform, open-source GUI for Nmap Security Scanner. Makes Nmap easier for beginners while also offering advanced features for experienced users. Profiles of often-used scans can be saved for easy access, and a command creator allows interactive creation of Nmap command lines. Scan results can be saved in a searchable database. Recommended by nsto for those who are "on Windows and want an actually useful, extremely powerful network scanner."

Telegraf is an open source, plugin-driven server agent that helps collect metrics from your stacks, sensors and systems. It is written in Go, compiles into a single binary with no external dependencies and requires a minimal memory footprint. Recommended by unikstylz.

phpipam is an open-source web IP address management application. Features IPv4/IPv6 address management, ICMP status updates, domain authentication (AD)/OpenLDAP authentication, per-group permissions, VRF support, device management and much more. Thanks go to ViciousEntropy for the recommendation.

Kubernetes is a container-centric management environment. This portable, extensible, open-source platform allows you to manage containerized workloads and services. It facilitates both declarative configuration and automation and has a large, rapidly growing ecosystem of services, support and tools. Orchestrates computing, networking and storage infrastructure on behalf of user workloads. Recommended by SuperQue.

Process Monitor shows real-time file system, registry and process/thread activity for Windows. It combines the features of Filemon and Regmon with enhancements like rich and non-destructive filtering, comprehensive event properties, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file and more.

Performance Analysis of Logs (PAL) interprets performance counter logs using known thresholds. Features an easy-to-use GUI, threshold files for most of the main Microsoft products, and report creation in HTML for copy/pasting into other applications. Analyzes performance counter logs against thresholds whose criteria change based on the computer's role or hardware specs. Appreciation to jeffstokes72 for the suggestion.

SQL Workbench/J is a DBMS-independent, cross-platform SQL query tool designed to run SQL scripts (either interactively or as a batch) and export/import. It is written in Java and should work on any OS that provides a Java Runtime Environment. This one was kindly recommended by The-Dark-Jedi.

ConEmu is a highly configurable, fast terminal window for hosting any console application for WinAPI (cmd, powershell, far) or Unix PTY (cygwin, msys, wsl bash). It presents multiple consoles and simple GUI applications as one customizable, tabbed GUI window. Its deep integration makes ConEmu the best companion for Far Manager. Features include storing favorite commands and configurations in a one-click location and a text-based file manager. Looks at the currently running application and some heuristics and overlays progress. Recommended by majkinetor.

Rundeck allows you to create automated runbooks that provide self-service to your team and eliminate the need to fill out tickets and wait. Expand the number of people who can safely respond to incidents by selecting who on your staff will have self-service access to the operations procedures. Create standard operating procedures that enable faster resolution of incidents and reduce the number of escalations and interruptions. Suggested by bmullan.

FalconFour Ultimate Boot CD contains the most popular and useful free and commercial software tools all on one CD-R that’s readable by virtually any computer. Perfect for those times when you need to boot a machine that can't read a DVD, and without the headaches that can come with USB booting. Thanks to orion3999 for the recommendation.

Oxidized is a network device configuration backup tool that serves as a RANCID replacement. It's light and extensible, with support for more than 90 OS types. Features include automatic addition/removal of threads to meet the configured retrieval interval; a syslog udp+file example to catch config change events (IOS/JunOS) and trigger a config fetch; signaling which IOS/JunOS user made the change so it can be used by output modules (via POST); a git output module that uses this info ('git blame' shows who changed each line and when); and a RESTful API to:

  • move node immediately to head-of-queue.
  • reload list of nodes.
  • fetch configurations.
  • show list of nodes and versions for a node and diffs.

CPU-Z gathers information on your system's main devices. Data collected includes: processor name/number, codename, process, package, cache levels; mainboard & chipset; memory type, size, timings and module specifications (SPD); real-time measurement of each core's internal frequency, memory frequency. CaptainFluffyTail suggests it "for when you want to find out what is inside a machine but don't feel like cracking the case. Not an everyday tool by any means, but useful for working on oddball (legacy) equipment. Not everyone has an inventory management tool that pulls back BIOS version or installed memory."

calibre is a simple, powerful open-source e-book manager. It goes a step beyond normal e-book software with features like the ability to edit any e-book and convert between many e-book formats. Suggested by Petti-The-Yeti, who says, "I have an obscene amount of Ebooks, whitepapers, reference docs, etc. I load them into Calibre and keep them organized in there. That also means I have a way to look up anything and everything. No thumbing through hundreds of pages for one particular code snippet. Just a Ctrl+F."

 
 
 

Free Services

SSL Labs SSL Server Test is a free online service that will run a deep analysis on the configuration for any SSL web server. Simply enter the hostname, and you'll get a detailed report highlighting any problems found on each server.

Draw.io is a free, browser-based diagramming application that's terrific for creating flowcharts and org charts. It's available as an online application with optional integration to various cloud storage options.

ImmuniWeb® SSLScan allows you to test SSL/TLS security and implementation for compliance with PCI DSS requirements, HIPAA guidance and NIST guidelines. Checks SSL certificate expiration for subdomains, insecure third-party content, and email servers’ SPF, DKIM, and DMARC implementation. Credit for this one goes to pixl_graphix.

BadSSL.com offers a simple, free way to test a browser's security setup. This helpful service was suggested by Already__Taken who advises you to "test what your MITM proxy will happily re-sign and present to you as a valid site."

Testssl.sh is a free command line tool that checks a server's service on any port for the support of TLS/SSL ciphers, protocols, recent cryptographic flaws and more. Recommended by stuck_in_the_tubes who likes it "for when you need to assess protocol encryption without the use of external services."

UptimeRobot is a service that alerts you whenever your monitored websites are down. Sites are checked every 5 minutes (or more depending on settings), and alerts can go out via e-mail, SMS, voice calls, Telegram, Slack, Microsoft Teams, push or web-hooks. It allows you to check HTTP(s), ping, port and keywords; view uptime, downtime and response times; verify downtime from multiple locations; and adjust settings to ignore minor downtimes or maintenance windows. Thanks go to orgitnized for suggesting this one!

Blacklist Monitor is an RBL monitoring service that can monitor all your IP addresses and domain names and notify you should anything get blacklisted. Helps you quickly find the source of the spam or malware that's affecting you and immediately begin the delisting process. The service is free for up to 32 IPv4 and domain monitors.

WeTransfer is a simple, easy-to-use cloud-based file transfer service that allows you to send files up to 2 GB anywhere in the world free of charge.

Temp-Mail allows you to receive email at a temporary address that self-destructs after a certain period of time. Outwit all the forums, Wi-Fi owners, websites and blogs that insist you register to use them. Petti-The-Yeti says, "I don't give any company my direct email anymore. If I want to trial something but they ask for an email signup, I just grab a temporary email from here, sign up with it, and wait for the trial link or license info to come through. Then, you just download the file and close the website."

Free My IP offers free, dynamic DNS. This service comes with no login, no ads, no newsletters, no links to click and no hassle. Kindly suggested by Jack of All Trades.

Duck DNS will point a DNS name (a subdomain of duckdns.org) to an IP of your choice. DDNS is a handy way for you to refer to a server/router with an easily remembered name for situations when the server's IP address will likely change. Suggested by xgnarf, who finds it "so much better for the free tier of noip—no 30-day nag to keep your host up."

Joe Sandbox detects and analyzes potentially malicious files and URLs on Windows, Android, Mac OS, Linux and iOS for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed reports. The Community Edition of Joe Sandbox Cloud allows you to run a maximum of 6 analyses per month, 3 per day on Windows, Linux and Android with limited analysis output. This one is from dangibbons94, who wanted to "share this cool service ... for malware analysis. I usually use Virus total for URL scanning, but this goes a lot more in depth. I just used basic analysis, which is free and enough for my needs."

Mailinator provides free, temporary email inboxes on a receive-only, attachment-free system that requires no sign-up. All @mailinator.com addresses are public, readable and discoverable by anyone at any time—but are automatically deleted after a few hours. Can be a nice option for times when you need to give out an address that won't be accessible long term. Recommended by nachomountain, who's been using it "for years."

Hybrid Analysis is a malware analysis service that detects and analyzes unknown threats for the community. This one was suggested by compupheonix, who adds that it  "gets you super detailed reports... it's about the most fleshed out and detailed one I can find."

JustBeamIt is a file-transfer service that allows you to send files of any size via a peer-to-peer streaming model. Simply drag and drop your file and specify the recipient's email address. They will then receive a link that will trigger the download directly from your computer, so the file does not have to be uploaded to the service itself. The link is good for one download and expires after 10 minutes. Thanks to cooljacob204sfw for the recommendation!

ShieldsUP is a quick but powerful internet security checkup and information service. It was created by security researcher Steve Gibson to scan ports and let you know which ones have been opened through your firewalls or NAT routers.

Magic Wormhole is a service for sending files directly with no intermediate upload, no web interface and no login. When both parties are online with the minimal software installed, the wormhole is invoked via command line identifying the file you want to send. The server then provides a speakable, one-time-use password that you give the recipient. When they enter that password in their wormhole console, key exchange occurs and the download begins directly between your computers. rjohnson99 explains, "Magic Wormhole is sort of like JustBeamIt but is open-source and is built on Python. I use it a lot on Linux servers."

USBDeview lists all USB devices currently or previously connected to a computer. Displays details for each device—including name/description, type, serial number (for mass storage devices), date/time it was added, VendorID, ProductID, and more. Allows you to disable/enable USB devices, uninstall those that were previously used and disconnect the devices currently connected. Works on a remote computer when logged in as an admin. Thanks to DoTheEvolution for the suggestion.

Firefox Send is an encrypted file transfer service that allows you to share files up to 2.5GB from any browser or an Android app. Uses end-to-end encryption to keep data secure and offers security controls you can set. You can determine when your file link expires, the number of downloads, and whether to add a password. Your recipient receives a link to download the file, and they don’t need a Firefox account. This one comes from DePingus, who appreciates the focus on privacy. "They have E2E, expiring links, and a clear privacy policy."

WSCC - Windows System Control Center will install, update, execute and organize utilities from suites such as Microsoft Sysinternals and Nirsoft Utilities. Get all the tools you want in one convenient download!

Free DNS is a service where programmers share domain names with one another at no cost. Offers free hosting as well as dynamic DNS, static DNS, subdomain and domain hosting. They can host your domain's DNS as well as allowing you to register hostnames from domains they're hosting already. If you don't have a domain, you can sign up for a free account and create up to 5 subdomains off the domains others have contributed and point these hosts anywhere on the Internet. Thanks to 0x000000000000004C (yes, that's a username) for the suggestion!

ANY.RUN is an interactive malware analysis service for dynamic and static research of the majority of threats in any environment. It can provide a convenient in-depth analysis of new, unidentified malicious objects and help with the investigation of incidents. ImAshtonTurner appreciates it as "a great sandbox tool for viewing malware, etc."

Plik is a scalable, temporary file upload system similar to WeTransfer that is written in Go. Thanks go to I_eat_Narwhals for this one!

Have I been pwned? is a service that looks up the accounts that are known to have been compromised in data breaches. Tells you if your email has been compromised, when and by whom. Another fine recommendation from jjkmk.

DKIM Validator quickly shows your DomainKeys, DKIM, SPF validity and SpamAssassin score in a single place. To use the service, first send an email to any address @dkimvalidator.com. Then go to https://dkimvalidator.com/ for your results. Since your message passes through regular mail servers, these tools will see the headers and can help you verify end-to-end functionality of your DKIM and SPF configuration, as well as your SpamAssassin score. Appreciation to jjkmk for the suggestion.

10MinuteMail is another temporary email option, with secure accounts that expire—disposing of any associated emails—in 10 minutes. Perfect for when you don't want your real e-mail address to end up on spam lists. Suggested by hackeristi because "10 min is all I need."

 

 

Quotes

"Passwords are like underwear. You shouldn't leave them out where people can see them. You should change them regularly. And you shouldn't loan them out to strangers." Source Unknown

"Give a person a fish and you feed them for a day; teach that person to use the Internet and they won't bother you for weeks."  An Unknown SysAdmin.

"If you want immediate feedback, always make changes in production" Source: Unknown.

"It's easy to forget that the ultimate goal of systems administration is to make systems, applications and services available to people who use them to get their jobs done. A good systems administrator must be able to communicate and get along well with others." Source article here

"A computer lets you make more mistakes faster than any invention in human history—with the possible exceptions of handguns and tequila." Mitch Ratcliffe

 

Tips

Are you being effective or just efficient? “Efficiency is doing things right; effectiveness is doing the right things.” This can make all the difference whether you're a SysAdmin, CTO or MSP. The way I think about this is essentially: are you being very organized (effective) working towards your specific goals (effective), or just being organized, feeling good about it, but achieving little? Read more about this in the "Effective Executive" by Peter Drucker.

Speed up your mouse pointer. Mine is at max. Try it. It's strange for the first hour, then you get used to it and get everything done faster. 

Windows Key + directional arrows will move and resize windows. (I.e., Windows Key + Up will maximize the window, windows key + left will snap it to the left of the screen and make it full height, WK + right will do the same but on the right side of the screen, WK + down will minimize the window.)

From greatshittywifi: "For Windows desktop cleanup I just wrote a simple batch script. Make yourself a folder called "sorted" or something and in it a subfolder for common file types "jpg", "png", "gif", etc. Then open up notepad, and paste this in:

move *.jpg "F:\sorted\jpg\"
move *.png "F:\sorted\png\"
move *.gif "F:\sorted\gif\"

Save it with a .bat extension, and voila! I'm sure you could modify this approach to detect file extensions, then mkdirs and move everything from a for loop if you want to go that far."

Quickly Find a MAC Address. Rather than going through network dialog windows or scrolling through long lists via ipconfig, simply open up a command prompt and type getmac. It’s quick, and easy, especially if you have multiple NIC interfaces.

Import PST files to Office 365 Exchange. For all of you Office 365 users, this is an option you need in your armory. 

Here's a simple trick for physically tracing unlabeled server-room cables: Slide a velcro loop or binder clip along the cable until you reach the other end. 

Use a mobile app barcode scanner to input IT hardware inventory. Just scan, then copy and paste instead of entering manually. You'll save a little time and eliminate the possibility of introducing typos.

For access to all of the sysinternals tools on any Windows box with internet, just Win+R and open \\live.sysinternals.com\tools. It's a public SMB share with all of the tools that Microsoft hosts. Thanks to jedieaston for the tip.

BASH keyboard shortcut: 'Control + r' initiates a name/command lookup from the bash history. As you type, this 'reverse incremental search' will autocomplete with the most-recent match from your history.

Here are some helpful, lesser-known keyboard shortcuts for Windows, pulled together by sysadmin brother_bean.

Press the Windows Key + ...

  • Left or Right arrow—to snap the active window to half of the screen. (You can also do this by clicking and dragging your active window and smashing it into the left or right side of the screen.)
  • Up arrow—to maximize active window.
  • D—takes you to your desktop; press it again to go back to your active window.
  • M—to minimize everything.
  • Shift + Left or Right arrow—to send your active window to the next monitor over, left or right respectively.

More keyboard shortcuts for Windows. Thanks for these go to RegularAlicorn.

  • Win + Ctrl + D—New virtual desktop
  • Win + Ctrl + (Left Arrow|Right Arrow)—Switch virtual desktop backward/forward
  • Ctrl + Shift + Enter (from the Start Menu)—Open focus program with admin privilege
  • Win + X (Win8+)—Really neat menu (RegularAlicorn's most-used shortcut) 
  • Win + Pause—Open the system settings
  • Win + L—Lock your computer
  • Ctrl + Win + Shift + B—Reset the graphics driver (may help avoid a restart for docking issues)
  • Win + Shift + S: Captures a user-selectable area of the screen to the clipboard (on Windows 10 Ver 1703+)
  • WIN + CTRL + F4: Close a virtual desktop

A shortcut for a 4-pane explorer in Windows without installing 3rd party software:

  • Win + E, win + left, up
  • Win + E, win + right, up
  • Win + E, win + left, down
  • Win + E, win + right, down

(Keep the win key down for the arrows, and no pauses.) Appreciation goes to ZAFJB for this one.

Our recent tip for a shortcut to get a 4-pane explorer in Windows triggered this suggestion from SevaraB: "You can do that for an even larger grid of Windows by right-clicking the clock in the taskbar, and clicking 'Show windows side by side' to arrange them neatly. Did this for 4 rows of 6 windows when I had to have a quick 'n' dirty "video wall" of windows monitoring servers at our branches." ZAFJB adds that it actually works when you right-click "anywhere on the taskbar, except application icons or start button."

This tip comes courtesy of shipsass: "When I need to use Windows Explorer but I don't want to take my hands off the keyboard, I press Windows-E to launch Explorer and then Ctrl-L to jump to the address line and type my path. The Ctrl-L trick also works with any web browser, and it's an efficient way of talking less-technical people through instructions when 'browse to [location]' stumps them."

Clear browser history/cookies by pressing CTRL-SHIFT-DELETE on most major browsers. Thanks go to synapticpanda, who adds that this "saves me so much time when troubleshooting web apps where I am playing with the cache and such."

To rename a file with F2, while still editing the name of that file: Hit TAB to tab into the renaming of the next file. 
Thanks to abeeftaco for this one!

Alt-D is a reliable alternative to Ctrl-L for jumping to the address line in a browser.
Thanks for this one go to fencepost_ajm, who explains: "Ctrl-L comes from the browser side as a shortcut for Location, Alt-D from the Windows Explorer side for Directory."

Browser shortcut: When typing a URL that ends with dot com, Ctrl + Enter will place the ".com" and take you to the page.
Thanks to wpierre for this one!

This tip comes from anynonus, as something that saves a few clicks daily:
"Running a program with ctrl + shift + enter from start menu will start it as administrator
(alt + y will select YES to run as admin) ... my user account is local admin [so] I don't feel like that is unsafe"

Building on our PowerShell resources, we received the following suggestion from halbaradkenafin:
aka.ms/pskoans is "a way to learn PowerShell using PowerShell (and Pester). It's really cool and a bunch of folks have high praise for it (including a few teams within MSFT)."

Keyboard shortcut: 
If you already have an application open, hold ctrl + shift and middle click on the application in your task bar to open another instance as admin.
Thanks go to Polymira for this one.

Remote server advice: "When testing out network configuration changes, prior to restarting the networking service or rebooting, always create a cron job that will restore your original network configuration and then reboot/restart networking on the machine after 5 minutes. If your config worked, you have enough time to remove it. If it didn't, it will fix itself.
This is a beautifully simple solution that I learned from my old mentor at my very first job. I've held on to it for a long time."

Thanks go to FrigidNox for the tip!

MiataCory shares a shortcut that is "Something I use with RSAT all the time, but can be handy in other cases:
Shift + Right-click something to 'run as a different user'"
DevTechSolutions adds "To expand on this a bit, I use this trick to run Server Manager as my admin account, then run any RSAT tools from Server Manager and they are automatically run as the admin account. No need to run each tool as another user."

Credit for this helpful hint goes to AcceptEULA:
"I have live.sysinternals.com\tools burnt into my brain. Blows a lot of folks minds when they realize you can access all that through File Explorer and you can map a drive to it."

Use Win + shift + s instead of snipping tool. Thanks go to Nick_Lange_ for this one.

TheTajmaha suggested PSR.exe (https://blogs.msdn.microsoft.com/patricka/2010/01/04/using-the-secret-wi...) as a built-in screenshot tool for Windows that is similar to ShareX. "You can almost rewrite all your windows documentation with PSR and it comes with windows. It screenshots the steps and writes it out for you!"

Next time it seems a machine is possessed by demons, take a look around to see if there's a magnet nearby. Magnetic fields can trigger weird behavior in laptops, like the screen suddenly going black or keyboard not functioning. As juskom95 explains, "Modern laptop screens have a magnetic sensor on the bezel to detect if the laptop lid is open or closed as opposed to the mechanical switch older models had. This wasn't noticed prior because laptops were thicker, now with the thinner laptops, the magnetic sensor of one laptop can trigger the laptop above [when they are stacked]. This is also the case for magnetic bracelets like those found on the smart watches and fitness devices."

 
 

 

Podcasts

Sysadmin Today. EveryCloud was featured on this podcast and it is hosted by a (now) partner of ours, but it's mostly about his experiences as a Sysadmin.

DevOpsCafe. The new Season is now live from this impressive podcast by John Willis & Damon Edwards, which includes interviews and stories from the world of DevOps & System Administration. 

The Admin Admin Podcast. A British IT Admin Podcast I stumbled across "for people who work in the Real world of IT. If you are a sysadmin or want to learn more about servers this podcast is for you."

Iron Sysadmin Podcast. This podcast features expert sysadmins covering all manner of topics of interest in their field. Since 2016, Iron Sysadmin has been covering the latest industry news, ideas, strategies, and chat—always with a focus on the practical needs of real-world sysadmins.

Darknet Diaries podcast relates the fascinating, true stories of hackers, defenders, threats, malware, botnets, breaches, and privacy. The show's producer, Jack Rhysider, is a security-world veteran who gained experience fighting such exploits at a Security Operations Center. Thanks to  unarj for suggesting this one.

StormCast is a daily 5-10 minute podcast from the Internet Storm Center covering the latest information security threat updates. New podcasts are released late in the day, so they're waiting for you to listen on your morning commute. While the format is compact, the information is very high-level and provides a real overview of the current state of affairs in the info-sec world.

Microsoft Cloud IT Pro podcast is hosted by Scott and Ben, two IT Pros with expertise in SharePoint, Office 365 and Azure. The podcast focuses primarily on Office 365 with some discussion on Azure, especially as it relates to Office 365 in areas such as Azure AD and Mobile Device Management (MDM) or Mobile Application Management (MAM).

Datanauts podcast keeps you up to date on developments in data center and infrastructure related to cloud, storage, virtualization, containers, networking, and convergence. Discussions focus on data center compute, storage, networking and automation to explore the newest technologies, including hyperconvergence and cloud.

Cloud Architects is a podcast on best practices, the latest news, and cutting-edge Microsoft cloud technologies. Nicolas Blank, Warren du Toit and Chris Goosen host discussions with various experts in the cloud space to gather helpful guidance and ideas.

Risky Business is a weekly podcast that covers both the latest news and thoughtful, in-depth discussions with the top minds in the security industry. Hosted by award-winning journalist Patrick Gray, it is a terrific way to stay up to date on information security.

The rollBak is a podcast on systems engineering, DevOps, networking, and automation—along with the odd discussion on software development or information security. Conversation is casual with the intention of making complex topics approachable in a way that fosters learning.

Podnutz Tech Podcast Network offers assorted podcasts targeted toward end users of all different kinds of tech. Topics range from Windows residential and business support to computer repair to Linux (for regular people) to Android games. Because the hosts are also end users, conversation is always appropriately focused and interesting. Thanks to speel for the recommendation!

Smashing Security is a podcast featuring computer security industry veterans Graham Cluley and Carole Theriault. The hosts discuss cybercrime, hacking, and online privacy with assorted expert guests in an informative and entertaining style. Winner: "Best Security Podcast 2018."

Jupiter Broadcasting is a podcast network built on the initial success of "The Linux Action Show!" The network is currently home to a number of informed and entertaining shows on Linux, Open Source, Security, Privacy, Community, Development, News and Politics. Our thanks to speel for directing us to this one.

Security Now is a podcast where hosts Steve Gibson and Leo Laporte discuss hot topics in security. Gibson is about as expert in security as one can get—he's the man who literally invented the term spyware and he created the first anti-spyware program. Laporte is founder and owner of the TWiT Netcast Network and has a long history in tech and media. Records live every Tuesday.

RunAs Radio is a weekly podcast for the sysadmin who works with Microsoft products. A new 30-minute episode comes out every Wednesday, covering a specific topic in the field of IT from a Microsoft-centric viewpoint. Join host Richard Campbell in his informative discussions with a different guest expert each week. Thanks to johnjohnjohn87 for pointing us to this one.

Defrag Tools is a show in which MS experts explain how to make the best use of the tools from SysInternals. Each episode focuses on a specific tool in depth to cover features, appropriate uses, and how to get the most from it. New episodes appear each week. Our appreciation for this one goes to Phil4real.

The Case of the Unexplained is a webcast of Mark Russinovich's #1-rated TechEd sessions showing how to troubleshoot the toughest Windows and application problems using Sysinternals and other advanced tools. Each episode covers different techniques for troubleshooting using real-world examples. Appreciation to bagaudin for the recommendation.

Daily Tech News is Tom Merritt's show covering the latest tech issues with some of the top experts in the field. With the focus on daily tech news and analysis, it's a great way to stay current. Thanks to EmoPolarbear for drawing it to our attention.

This Week in Enterprise Tech is a podcast that features IT experts explaining the complicated details of cutting-edge enterprise technology. Join host Lou Maresca on this informative exploration of enterprise solutions, with new episodes recorded every Friday afternoon. 

Security Weekly is a podcast where a "bunch of security nerds" get together and talk shop. Topics are greatly varied, and the atmosphere is relaxed and conversational. The show typically tops out at 2 hours, which is perfect for those with a long commute. If you’re fascinated by discussion of deep technical and security-related topics, this may be a nice addition to your podcast repertoire.

Grumpy Old Geeks—What Went Wrong on the Internet and Who's To Blame is a podcast about the internet, technology and geek culture—among other things. The hosts bring their grumpy brand of humor to the "state of the world as they see it" in these roughly hour-long weekly episodes. Recommended by mkaxsnyder, who enjoys it because, "They are a good team that talk about recent and relevant topics from an IT perspective."

The Social-Engineer Podcast is a monthly discussion among the hosts—a group of security experts from SEORG—and a diverse assortment of guests. Topics focus around human behavior and how it affects information security, with new episodes released on the second Monday of every month. Thanks to MrAshRhodes for the suggestion.

The CyberWire podcasts discuss what's happening in cyberspace, providing news and commentary from industry experts. This cyber security-focused news service delivers concise, accessible, and relevant content without the gossip, sensationalism, and the marketing buzz that often distract from the stories that really matter. Appreciation to supermicromainboard for the suggestion.

Malicious Life is a podcast that tells the fascinating—and often unknown—stories of the wildest hacks you can ever imagine. Host Ran Levi, a cybersecurity expert and author, talks with the people who were actually involved to reveal the history of each event in depth. Our appreciation goes to peraphon for the recommendation.

The Broadcast Storm is a podcast for Cisco networking professionals. BluePieceOfPaper suggests it "for people studying for their CCNA/NP. Kevin Wallace is a CCIE Collaboration so he knows his *ishk. Good format for learning too. Most podcasts are about 8-15 mins long and it's 'usually' an exam topic. It will be something like 'HSPR' but instead of just explaining it super boring like Ben Stein reading a powerpoint, he usually goes into a story about how (insert time in his career) HSPR would have been super useful..."

Software Engineering Radio is a podcast for developers who are looking for an educational resource with original content that isn't recycled from other venues. Consists of conversations on relevant topics with experts from the software engineering world, with new episodes released three to four times per month. a9JDvXLWHumjaC tells us this is "a solid podcast for devs."

 

Tutorials

50 UNIX / Linux Sysadmin Tutorials. Enjoy! 

TechNet for Microsoft. The TechNet Library contains technical documentation for IT professionals using Microsoft products, tools, and technologies.

OmniSecu.com. Free Networking Tutorials, Free System Administration Tutorials and Free Security Tutorials. So much here.

Techgenix. Azure, PowerShell, Active Directory Tutorials and more. Tons to learn.

SysAdmin Tutorials. Organised neatly into subjects from Microsoft to Cisco, you'll find easy-to-follow videos for SysAdmins and IT Pros generally.

John Lambert's Office Lures Presentation. "Has some high-quality training material for common phish attacks that are more subtle than the usual Nigerian prince. John is a security researcher at Microsoft and is a solid Twitter follow as well if you like seeing emergent threats and nature hikes simultaneously." Thank you for the tip, ReallyLongUserName01.

Get Started in PowerShell3 is a great jump start video series on starting out in PowerShell. According to sysadmin FireLucid, "It's a great broad overview of how it works and I found it extremely useful to have watched before starting on the book."

Sysinternals Video Library is a series of six videos on Windows troubleshooting topics. Recently, presenters Mark Russinovich (cofounder of Winternals and Sysinternals) and David Solomon (Windows internals expert and trainer) kindly agreed to make the videos available for free—and much of the information, while dated, is still useful. Shared by andyinv who says they're "13 years out of date now, but the basics still apply." ZAFJB adds that the "videos are still relevant. These tools are virtually unchanged since then... [because] they were properly written and damn good from the outset." 

Tutorialspoint Library. This large collection of tech tutorials is a great resource for online learning. You'll find nearly 150 high-quality tutorials covering a wide array of languages and topics—from fundamentals to cutting-edge technologies. For example, this Powershell tutorial is designed for those with practical experience handling Windows-based Servers who want to learn how to install and use Windows Server 2012.

The Python Tutorial is a nice introduction to many of Python’s best features, enabling you to read and write Python modules and programs. It offers an understanding of the language's style and prepares you to learn more about the various Python library modules described in 'The Python Standard Library.' Kindly suggested by sharjeelsayed.

 

Thoughts

 

ASAP is Poison. When everything is urgent, nothing is. Don't get a reputation as the ASAP gal / guy, or nobody will take you seriously when you really need them. Paraphrased from a great book on building a business: REWORK, from the founders of Basecamp.
 

Travel Jackets

BAUBAX 2.0. This one was found by my business partner Matt Baker. If you have to travel a lot with your role, you'll love this. 

SCOTTeVEST. The last travel jacket I included had the most clicks to date... Not sure what that says about you guys... Secretly wanting to travel the world on a motorbike? Anyway, staven11 threw this one in the ring.
 

IT Admin Knives

Maker Knife. This one came from our own team. It's very cool and now you'll look forward to cutting those cables! 
 

Websites

MS Exchange Guru. This is actually run by a friend of ours (you’ll note the MailFlow Monitor banner) who has helped us with a number of challenging Exchange issues. It's amazing for all things Exchange and email.

LandScape by Alen Kremlj. This great overview lists the various vendors in each space.

explainshell.com. A website that explains shell commands. If you are unfamiliar with certain commands or switches this will give you a breakdown of that specific command.

Spiceworks.com. It's a bit of everything for IT. IT Pro forum, product reviews, free software and tutorials. Check it out, we've been using it for years.

KrebsOnSecurity. I've had the pleasure of talking with Brian but even prior to this I was a fan of his honest, clear and informative site. It's a source I trust for all things security. 

GFI TechTalk is an online community for IT pros. Experts weigh in on the latest technologies and ideas in system administration. Features news, insights, and tools.

Awesome Sysadmin. "A curated list of amazingly awesome open source sysadmin resources." Thank you ReallyLongUserName01 for the suggestion. There is so much good stuff in here.

Experts Exchange. We've found this useful over the years to learn more about a particular topic, but also to dig deeper and get answers to trickier technical challenges.

400+ Free Resources for Sysadmins. Thanks DZone and Morpheus Data for this list of free resources for DevOps engineers and System Admins, or really anyone wanting to build something useful out of the internet.

Servers For Hackers. Teaching the server tech you need for development and production. Eliminating the frustration of server configuration. Start here.

4sysops is an online community for IT professionals. "In our weblog, experienced IT pros cover the latest technologies in system administration, cloud computing and DevOps. On our news page, you'll find updates about new developments in IT, in the wiki users can share their IT know-how, and in the forum, members can ask IT administration questions or discuss the latest hot IT topics. The most active members are rewarded with a monthly bonus."

Reddit SysAdmin Multi: /r/netsec /r/networking /r/pwned /r/linuxadmin all in one! I've just worked out you can string multiple subreddits together, so I thought I'd share.

/r/PowerShell. tattsumi pointed out this lesser-known subreddit for PowerShell. Check out this 'Sneaky PowerShell Trick' to run completely without a window.

Wahl Network is a weekly technical blog with a focus on data-center technologies, business challenges, and new products and solutions. The site was founded by Chris Wahl in 2010, with a goal of providing technical solutions for SysAdmins.

Ask Woody is a no-nonsense news, tips, and help site for Windows, Office, and more. You can post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through their forums. Recommended to us by deeperdownunder.

Learn X in Y minutes is a community-driven site that provides quick syntax for many popular programming languages. Here are direct links for some common ones, kindly provided by ssebs:

WintelGuy offers a handy collection of useful links, calculators, resources, and tools for the sysadmin. Thanks LateralLimey for the recommendation!

How-To Geek is a website dedicated to explaining today's technology. Content is written to be useful for all audiences—from regular people to geeky technophiles—and the focus is to put the latest news and tech into context. 

EventSentry is a comprehensive, well-organized resource for Windows security events and auditing on the web. It allows you to see how events correlate using insertion strings and review the associated audit instructions. This was recommended by _deftoner_ as an “online DB where you can search for Windows Event Log by id, os, error code, etc. I do a lot of auditing on a big network thru event log ids, and sometimes I found rare errors—and there is not a good db with all of them. Not even Microsoft has one.”

NixCraft is an online community of new and experienced Linux and Unix sysadmins. Content includes research and discussion on various open-source software, including enterprise Linux distributions, traditional Unix operating systems like OpenBSD/AIX/HP-UX, cloud computing, building scalable and high availability infrastructure, networking/DNS/Web/Proxy/office servers, security and firewalls, automation and infrastructure deployment, Desktop Linux, Apple OS X Unix operating systems, best practices and easy-to-follow tutorials.

The Deployment Bunny offers a wealth of information and resources on OS deployment, virtualization and Microsoft-based infrastructure. The website is the brainchild of deployment expert Mikael Nystrom, a Microsoft MVP and Senior Executive Consultant at TrueSec. Mikael has worked with all kinds of infrastructure tasks, in all kinds of environments, from enterprise to small business and is often selected by Microsoft for partner trainings or to speak at major conferences. His current area of interest is in building Private Cloud solutions based on Hyper-V, System Center and Windows Azure Pack as well as building deployment solutions for client and Server OS.

Slipstick Systems Outlook and Exchange Solutions Center is the website of Diane Poremsky, an Outlook MVP and author of several books on the topic. The site offers help for Outlook users and Exchange Administrators. Resources include hints, utilities, apps, tutorials, updates and a forum.

PoshGUI is a very simple GUI designer for PowerShell that provides a way to develop GUIs quickly without a paid application or manual coding. Suggested by quarky_uk and IT_2784628364, who says, "That site changed my life."

Deployment Research is the website of Johan Arwidmark, MS MVP in System Center Cloud and Datacenter Management. It is dedicated to sharing information and guidance around System Center, OS deployment, migration and more. The author shares tips and tricks to help improve the quality of IT Pros’ daily work.

Next of Windows is a website on (mostly) Microsoft-related technology. It's the place where Kent Chen—a computer veteran with many years of field experience—and Jonathan Hu—a web/mobile app developer and self-described "cool geek"—share what they know, what they learn and what they find in the hope of helping others learn and benefit.

High Scalability brings together all the relevant information about building scalable websites in one place. Because building a website with confidence requires a body of knowledge that can be slow to develop, the site focuses on moving visitors along the learning curve at a faster pace.

Information Technology Research Library is a great resource for IT-related research, white papers, reports, case studies, magazines, and eBooks. This library is provided at no charge by TradePub. GullibleDetective tells us it offers "free PDF files from a WIIIIIIDE variety of topics, not even just IT. Only caveat: as it's a vendor-supported publishing company, you will have to give them a bit of information such as name, email address and possibly a company name. You undoubtedly have the ability to create fake information on this, mind you. The articles range from Excel templates, learning python, powershell, nosql etc. to converged architecture."

SS64 is a web-based reference guide for syntax and examples of the most-common database and OS computing commands. Recommended by Petti-The-Yeti, who adds, "I use this site all the time to look up commands and find examples while I'm building CMD and PS1 scripts."

Phishing and Malware Reporting. This website helps you put a stop to scams by getting fraudulent pages blocked. Easily report phishing webpages so they can be added to blacklists in as little as 15 minutes of your report. Player024 tells us, "I highly recommend anyone in the industry to bookmark this page...With an average of about 10 minutes of work, I'm usually able to take down the phishing pages we receive thanks to the links posted on that website."

Mike's PBX Cookbook contains technical details and how-to guides for Nortel, Avaya & VoIP installers, technicians and administrators—a technical programming resource for M1/CS1K/PBX technicians. FancyGoldenPants describes it as, "Everything you could possibly want to know about Nortel/Avaya PBXs, right from my good friend Mike."

 

Books

The Practice of Cloud System Administration: DevOps and SRE Practices for Web Services, Volume 2 is a comprehensive guide to cloud computing. Using examples from Google, Etsy, Twitter, Facebook, Netflix, Amazon, and others, concepts are explained such that practical applications become clear. Major topics include designing modern web and distributed systems, using the latest DevOps/SRE strategies, and evaluating your team’s operational effectiveness.

The Innovators: How a Group of Hackers, Geniuses, and Geeks Created the Digital Revolution. A great read to geek out on, packed with tons of stories about how our modern IT world has come about, including how the first programming language was written by a woman during the 19th century.

Taming Information Technology: Lessons from Studies of System Administrators. "It is essentially an ethnographic study of system administrators. The authors videotaped and otherwise documented SA's over a period of time and were able to break down a number of fascinating incidents and how to improve the art. I'm disappointed this hasn't been recommended reading for all SA's and maybe more importantly, their bosses, who too often don't really know what SA's do." Thank you very much for pointing this out, AngryMountainBiker.

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage. As one review says: "A great read. If you're a Unix sysadmin, like me, you will recognize and empathize with a lot of the concepts. If you've been doing sysadmin work for more than a decade, like myself, then you'll remember the old technologies as described in this book - the modems, the bulletin boards, the days before "ssh" ... If you're a new-school sysadmin, then you will be surprised to see a lot of things haven't changed in the world of Unix: telnet is still around, the "root" account is still around. The foundations of Unix were laid in the early 1970s. The events of this book took place in the 1980s. And many of the command line tools are still in use today."

Time Management for System Administrators: Stop Working Late and Start Working Smart. I'm a big fan of time management or more specifically using the time we have to be as effective (not just efficient) as possible. This book had been recommended to the team as it tackles this subject specifically for SysAdmins. 

The Practice of System and Network Administration: Volume 1: DevOps and other Best Practices for Enterprise IT (3rd Edition). As a recent review puts it, "This book is a crucial library item for any System or Network Administrator regardless of how many years you have under your belt. I picked up the second edition when I first became a sysadmin and it helped me a lot throughout my career. I was very excited when it was announced that this third edition was coming as the second edition has not aged well. The third edition is the perfect, much needed update to the second edition. This new version is definitely now up-to-date and should hopefully give us another decade of service. I definitely recommend this book for the sysadmin in your life or in your office. I always recommend it to my colleagues as it contains valuable information for your career. In fact, buy a few copies because if you loan this book out, I doubt you'll get it back!"

Ghost in the Wires. This is the intriguing true story of Kevin Mitnick, who was the most-elusive computer hacker in history. He broke into networks at the world's biggest companies, all the while being pursued by the Feds. The complex cat-and-mouse game that ensued ultimately inspired permanent changes in the way companies protect their sensitive data.

Essential System Administration is a practical, comprehensive guide for the Unix sysadmin, covering all the fundamentals required to run AIX, FreeBSD, HP-UX, Linux, Solaris, Tru64, and more. Organized to fit the system administrator's job, it discusses higher-level concepts and the procedural details to carry them out. This updated version covers: DHCP, USB devices, the latest automation tools, SNMP and network management, LDAP, PAM, and recent security tools and techniques.

The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win tells the story of an IT manager's efforts to save his company's dysfunctional IT dept. The company's new IT initiative, code named Phoenix Project, is behind schedule and hugely over budget. Bill is given 90 days to resolve the entire mess—or have his entire department outsourced. An entertaining read, with elements that seem familiar to most system admins. Comes highly recommended by sp00n_b3nd3r.

UNIX® and Linux® System Administration Handbook, 5th Edition, is a comprehensive guide written by world-class, hands-on experts. It covers best practices for every area of system administration—including storage management, network design and administration, security, web hosting, automation, configuration management, performance analysis, virtualization, DNS, and management of IT service organizations. You'll learn all about installing, configuring, and maintaining any UNIX or Linux system, even those that supply core Internet and cloud infrastructure. A great resource for anyone responsible for running systems built on UNIX or Linux.

Taming Information Technology: Lessons from Studies of System Administrators (Human Technology Interaction Series) was suggested by AngryMountainBiker, who describes it as "essentially an ethnographic study of system administrators. The authors videotaped and otherwise documented SA's over a period of time and were able to break down a number of fascinating incidents and how to improve the art. I'm disappointed this hasn't been recommended reading for all SA's and maybe more importantly, their bosses, who too often don't really know what SA's do."

Learn Active Directory Management in a Month of Lunches is a practical, hands-on guide for those who are new to Active Directory. It covers the administration tasks that keep a network running smoothly and how to administer AD both from the GUI tools built into Windows and from PowerShell at the command line. Provides best practices for managing user access, setting group policies, automating backups, and more. All examples are based in Windows Server 2012.

Deep Work: Rules for Focused Success in a Distracted World teaches the reader to foster the ability to focus without distraction on cognitively demanding tasks. Author and professor Cal Newport celebrates the power of such focus by demonstrating how a deep work ethic will produce massive benefits in virtually any profession. He then shares a series of four rules to adapt your thinking and habits to foster the deep work state. Suggested by wheres_my_toast, who sees it as "a nice little exploration of the psychology behind distraction free work [that] outlines some nice methods for building "deep work" sessions into your routine."

PowerShell in Depth, 2nd Edition is an invaluable reference guide for any Windows admin who already knows the basics of PowerShell. Written by PowerShell MVPs Don Jones, Jeffrey Hicks, and Richard Siddaway, the book covers in detail every major technique, technology, and tactic an admin would need to be able to work in PowerShell. Each technique has been developed and thoroughly tested, so you will be learning how to write production-quality, maintainable scripts—efficiently and easily. For PowerShell version 3 and later.

Pro SQL Server Internals, 2nd ed. is for developers and database admins who want to design, develop and maintain systems that best leverage SQL Server. The book fosters an understanding of how to get to the root causes of problems rather than slapping quick-fixes on the resulting symptoms. Explains how different components work in depth, how they communicate with each other and how different design and implementation decisions affect system performance. Recommended by become_taintless for learning "how SQL Server works on a deeply technical level."

System Center 2012 Configuration Manager is a comprehensive technical guide designed to help you optimize Microsoft's Configuration Manager 2012 according to your requirements and then to deploy and use it successfully. This methodical, step-by-step reference covers: the intentions behind the product and its role in the broader System Center product suite; planning, design, and implementation; and details on each of the most-important feature sets. Learn how to leverage the user-centric capabilities to provide anytime/anywhere services & software, while strengthening control and improving compliance. 

Network Warrior: Everything You Need to Know That Wasn’t on the CCNA Exam is a practical guide to network infrastructure. Provides an in-depth view of routers and routing, switching (with Cisco Catalyst and Nexus switches as examples), SOHO VoIP and SOHO wireless access point design and configuration, introduction to IPv6 with configuration examples, telecom technologies in the data-networking world (including T1, DS3, frame relay, and MPLS), security, firewall theory and configuration, ACL and authentication, Quality of Service (QoS), with an emphasis on low-latency queuing (LLQ), IP address allocation, Network Time Protocol (NTP) and device failures.

Beginning the Linux Command Line is your ally in mastering Linux from the keyboard. It is intended for system administrators, software developers, and enthusiastic users who want a guide that will be useful for most distributions—i.e., all items have been checked against Ubuntu, Red Hat and SUSE. Addresses administering users and security and deploying firewalls. Updated to the latest versions of Linux to cover files and directories, including the Btrfs file system and its management and systemd boot procedure and firewall management with firewalld.

Modern Operating Systems, 4th Ed. is written for students taking intro courses on Operating Systems and for those who want an OS reference guide for work. The author, an OS researcher, includes both the latest materials on relevant operating systems as well as current research. The previous edition of Modern Operating Systems received the 2010 McGuffey Longevity Award that recognizes textbooks for excellence over time.

Time Management for System Administrators is a guide for organizing your approach to this challenging role in a way that improves your results. Bestselling author Thomas Limoncelli offers a collection of tips and techniques for navigating the competing goals and concurrent responsibilities that go along with working on large projects while also taking care of individual user's needs. The book focuses on strategies to help with daily tasks that will also allow you to handle the critical situations that inevitably require your attention. You'll learn how to manage interruptions, eliminate time wasters, keep an effective calendar, develop routines and prioritize, stay focused on the task at hand and document/automate to speed processes.

The Practice of System and Network Administration, 2nd Edition introduces beginners to advanced frameworks while serving as a guide to best practices in system administration that is helpful for even the most advanced experts. Organized into four major sections that build from the foundational elements of system administration through improved techniques for upgrades and change management to exploring assorted management topics. Covers the basics and then moves onto the advanced things that can be built on top of those basics to wield real power and execute difficult projects.

Learn Windows PowerShell in a Month of Lunches, Third Edition is designed to teach you PowerShell in a month's worth of 1-hour lessons. This updated edition covers PowerShell features that run on Windows 7, Windows Server 2008 R2 and later, PowerShell v3 and later, and it includes v5 features like PowerShellGet. For PowerShell v3 and up, Windows 7 and Windows Server 2008 R2 and later.

Troubleshooting with the Windows Sysinternals Tools is a guide to the powerful Sysinternals tools for diagnosing and troubleshooting issues. Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis provide a deep understanding of Windows core concepts that aren’t well-documented elsewhere along with details on how to use Sysinternals tools to optimize any Windows system’s reliability, efficiency, performance and security. Includes an explanation of Sysinternals capabilities, details on each major tool, and examples of how the tools can be used to solve real-world cases involving error messages, hangs, sluggishness, malware infections and more. 

DNS and BIND, 5th Ed. explains how to work with the Internet's distributed host information database—which is responsible for translating names into addresses, routing mail to its proper destination, and listing phone numbers according to the ENUM standard. Covers BIND 9.3.2 & 8.4.7, the what/how/why of DNS, name servers, MX records, subdividing domains (parenting), DNSSEC, TSIG, troubleshooting and more. PEPCK tells us this is "generally considered the DNS reference book (aside from the RFCs of course!)"

Windows PowerShell in Action, 3rd Ed. is a comprehensive guide to PowerShell. Written by language designer Bruce Payette and MVP Richard Siddaway, this volume gives a great introduction to PowerShell, including everyday use cases and detailed examples for more-advanced topics like performance and module architecture. Covers workflows and classes, writing modules and scripts, desired state configuration and programming APIs/pipelines. This edition has been updated for PowerShell v6.

Zero Trust Networks: Building Secure Systems in Untrusted Networks explains the principles behind zero trust architecture, along with what's needed to implement it. Covers the evolution of perimeter-based defenses and how they evolved into the current broken model, case studies of zero trust in production networks on both the client and server side, example configurations for open-source tools that are useful for building a zero trust network and how to migrate from a perimeter-based network to a zero trust network in production. Kindly recommended by jaginfosec.

Windows Performance Analysis Field Guide is a practical field guide approach to performance monitoring and analysis. Microsoft expert Clint Huffman explains how to identify and remedy problems with disk, memory, processor and network as well as how to leverage performance counters and various tools to troubleshoot. Helps you optimize your MS Windows performance and resolve tricky problems in the best way. Kindly suggested by jeffstokes72.

Windows 10 for Enterprise Administrators helps build the knowledge to be able to fully utilize the advanced feature set of Windows 10 Enterprise. This practical guide focuses on areas such as installation and configuration techniques, deployment scenarios and management strategies, account management, remote management of Windows Server and Azure Active Directory and modern Mobile Device Management, system hardening and enterprise-level security.

Mastering Windows Server 2016 is a complete guidebook with comprehensive information and expert guidance on the tools and features that allow you to get Windows Server 2016 up and running quickly and master its latest features. Topics covered include virtualization products, identity and access, automation, networking, security, storage, software-defined infrastructure, and the cloud; new capabilities including containers and Nano Server, Shielded VMs, Failover Clustering, PowerShell, and more. Focuses on real-world usage, with clear explanations and answers.

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground tells the story of infamous hacker Max Butler, who took over an online criminal credit card ring worth billions. The FBI rushed to find the new Kingpin, but he seemed to somehow anticipate their every move. What they didn't know was that this brilliant hacker was playing both sides, with a white hat identity as celebrity programmer Max Butler and as black-hat mastermind "Ice Man." He used his genius to steal the ill-gotten gains of his fellow hackers while handily eluding the authorities for years. Kingpin delves into the vast online-fraud markets full of credit card numbers, counterfeit checks, hacked bank accounts, dead drops, and fake passports. Provides a detailed look inside the world and mindset of the cybercriminal.

Mastering System Center Configuration Manager is a comprehensive guide offering intermediate and advanced coverage of all aspects of System Center Configuration Manager. Topics include planning and installation, migrating from previous versions of Configuration Manager, deploying software and operating systems, security, monitoring and troubleshooting, and automating and customizing. Includes many real-world examples that illustrate how to use the tool in different contexts.

Fluent Python is a hands-on guide on how to write effective, idiomatic Python 3 code. Because of Python's simplicity, experienced programmers tend to use Python in ways they learned from other languages, neglecting some of Python's best features. Covers Python’s core language features and libraries as well as how to make your code shorter, faster and more readable. Topics include the Python data model, data structures, functions as objects, object-oriented idioms, control flow and metaprogramming.

Beginning the Linux Command Line, 2nd ed., was written for system administrators, software developers, and enthusiastic users who are interested in mastering the command line in Linux. Since many commands have confusing documentation, this guide helps fill the gap with easily understandable explanations that are distribution agnostic. Covers how Linux is organized and how to work with files & directories, administer users & security and deploy firewalld.

 

 

Hardening Guides


CIS Hardening Guides contain the system security benchmarks developed by a global community of cybersecurity experts. Over 140 configuration guidelines are provided to help safeguard systems against threats. Recommended by cyanghost109 "to get a start on looking at hardening your own systems."

 

SysAdmin Blogs

Spamresource.com. One close to our hearts. There is so much useful information in here on spam prevention and deliverability. 

LoneSysAdmin.net. "Hi, I’m Bob Plankers. I am a virtualization architect, system administrator, storage administrator, network administrator, end user, project manager, and developer."

Kevin Marquette's Blog about PowerShell is packed full of value. Kevin also recommends the PowerShell News Podcast, which you can check out here.

10 Things is a blog on assorted technologies, strategies, and techniques of interest to the IT professional. Content is broken down into informative 10-point lists, so it's always a quick, concise read. 

All About Microsoft. Microsoft watcher Mary Jo Foley's blog covers the products, people, and strategies that make Microsoft tick.

The Daily WTF. Founded in 2004 by Alex Papadimoulis, The Daily WTF is your how-not-to guide for developing software. We recount tales of disastrous development, from project management gone spectacularly bad to inexplicable coding choices.

Ned Pyle's blog from Microsoft's Directory Services Team contains a wealth of posts on best practices and solutions to common issues. While no longer actively maintained by Ned Pyle, the library of information already posted is incredibly valuable. Thanks to azers for bringing this to our attention.

Happy SysAdm has been providing resources, solutions and tips for system administrators since 2010. The blog is written by a Senior Systems Administrator with close to 15 years' experience in designing, scripting, monitoring and performance-tuning Microsoft environments going all the way back to Windows 3.1/95/NT4.

Stephanos Constantinou's Blog shares the author's original scripts for PowerShell, Microsoft Active Directory, Microsoft Exchange On-Premise and Online (Office 365) and Microsoft Azure. His current focus is on retrieving data from systems, editing it and automating procedures. You'll also find a section with some PowerShell tutorials.

Microsoft Deployment Toolkit Blog is written by Charles Parker, a Microsoft certified Deployment Specialist who has been working in systems deployment since 2005. The blog documents what the author has learned over time in the hope of making systems deployment projects easier for sysadmins and their end users. Topics covered are of interest for a breadth of different experience levels—from those new to deploying Windows with MDT to intermediate MDT users.

Technology—The Missing Manual was recommended by ibay770 as another great resource for Windows software. The collection is divided into sections: video/music, Office, basics, browsers, antivirus/firewall, wifi stuff, mobile, miscellaneous and more. Includes links to lots of awesome tools and other software for Windows.

Vinfrastructure is Andrea Mauro's blog on virtualization, cloud and storage. The author shares his knowledge as a virtualization expert and architect, system administrator on Linux and Windows OS, network and storage specialist, and teacher (both for industry and university). It was voted among the top virtualization blogs in 2017.

TechBunny: Random Thoughts About Tech is a blog by Jennelle Crothers, who spent 15 years as a SysAdmin overseeing Windows domains, Exchange Server, desktops and other IT systems. As a Microsoft Technology Evangelist for IT Professionals, she writes about the latest news and hints for getting the most out of Microsoft technologies.

The Practical Sysadmin is where Josh Reichardt shares the interesting tidbits he discovers while designing and building simple, scalable systems. The blog covers a broad range of tech topics, with some recent areas of interest being building Docker, Rancher, Kubernetes and other distributed systems, as well as automating infrastructure with code.

Adam the Automator is the blog of Adam Bertram—founder of the tech startup TechSnips, Microsoft PowerShell MVP, Pluralsight and Udemy training course author, and technology writer for both print and online tech publications. Posts are focused on automation via software, DevOps and scripting.

NT Weekly is a technology blog focused on Microsoft Azure Infrastructure. Posts go back to 2006, and there are over 1100 to date on topics related to Windows Server, Exchange, Office 365, Azure AD and Intune. All the approaches featured were tested and used in production and test environments. Recommended by ShyAwayFromLight as a good resource.

KC's Blog is the place where Microsoft MVP and web developer Kent Chen shares his IT insights and discoveries. The rather large library of posts offers helpful hints, how-tos, resources and news of interest to those in the Windows world.

The Windows Server Daily is the ever-current blog of technologist Katherine Moss, VP of open source & community engagement for StormlightTech. Offers brief daily posts on topics related to Windows server, Windows 10 and Administration.

Spam Resource is the blog of Al Iverson, an expert on email deliverability and marketing. Topics include email, anti-spam, policy compliance and email marketing best practices. The large library of posts goes all the way back to 2001. 

 

IT Pro Comedy

The Expert. This one made me laugh, having been on both sides of the table. Ever been in a meeting like this? 

Shit Sales People Say is a humorous Twitter account lamenting the difficulties sales people tend to create for those who have to implement. A bit of fun to break up the day of any sysadmin who's stuck trying to deliver on all those promises. A shout out to kenelbow for the suggestion!

A joke, compliments of SonOfDadOfSam:

A programmer is going to the store.
His wife says, "Get a loaf of bread—and if they have eggs, get a dozen."
The guy comes back with 12 loaves of bread.
His wife says, "Why did you buy so much bread?"
He says, "They had eggs."

Thanks to CoilDomain, figfigworkwork and wagodago for these clever jokes that most people will never understand:

I'd tell you a joke about UDP, but you probably wouldn't get it.

A TCP packet walks into a bar and says, "I'd like a beer."
The bartender replies, "You want a beer?"
The TCP packet replies, "Yes, I'd like a beer."

An SQL statement walks into a bar and sees two tables.
It approaches and asks, "May I join you?"

Day in the Life of a SysAdmin Episode 5: Lunch Break is an amusing look at a SysAdmin's attempt to take a brief lunch break. We imagine many of you can relate!

In this video response, a clever engineer actually does all the insane things the client requested in "The Expert." Fun and inspiring!

There are 10 kinds of people in this world...

  • Those who understand binary 
  • And those who don’t.

During a recent password audit, it was found that someone was using the following password: MickeyMinniePlutoHueyLouieDeweyDonaldGoofySacramento

When asked why the password was so long, they replied, "I was told it had to be at least 8 characters long and include at least one capital."

 

 

Phishing Quiz

Jigsaw Google Phishing Quiz is a quick way to answer the question, "Can you recognize when you're being phished?" This 8-question quiz presents realistic examples that help you assess just how good your internal "phish detector" is at identifying warning signs in assorted scenarios. It's a nice assessment tool that also provides a bit of training on whatever you might miss, since the quiz reviews the tell-tale signs present in each scenario.

 

Good Twitter Follows

SwiftPOnSecurity. "I talk systems security, author https://DecentSecurity.com  + http://GotPhish.com, write Scifi, sysadmin, & use Oxford commas. Kinda prefer they/them."
 

Slack Channels

PowerShell Slack. "We have had a Virtual User Group on FreeNode IRC since before PowerShell was generally available, and we added a PowerShell Slack chapter years ago. Join the thousands of members getting real-time assistance!"

Windows Admin Slack is a great drive-by resource for the Windows sysadmin. This team has 33 public channels in total that cover different areas of helpful content on Windows administration.

 

Local Hosting

Awesome Selfhosted is a large list of free software network services and web applications that can be hosted locally—with an eye toward self hosting (locally hosting and managing applications instead of renting from SaaS providers). Example list categories include:

  • Analytics
  • Archiving and Digital Preservation (DP)
  • Automation
  • Blogging Platforms

...and that's just the tip of the iceberg!

 

Training Resources

This security training slideshow was created for use during a quarterly infosec class. The content is offered generously by shalafi71, who adds, "Take this as a skeleton and flesh it out on your own. Take an hour or two and research the things I talk about. Tailor this to your own environment and users. Make it relevant to your people. Include corporate stories, include your audience, exclude yourself. This ain't about how smart you are at infosec, and I can't stress this enough, talk about how people can defend themselves. Give them things to look for and action they can take. No one gives a shit about your firewall rules."

 

Everything

The Book of Secret Knowledge is an extensive collection of helpful lists, manuals, blogs, hacks, one-liners, cli/web tools and more that can be useful in the daily life of a SysAdmin. For example:

  • Can I use provides up-to-date browser support tables for support of front-end web technologies.
  • ShellCheck finds bugs in your shell scripts.
  • Shell & Utilities describes the commands and utilities offered to application programs by POSIX-conformant

It is intended for everyone and anyone—especially for System and Network Administrators, DevOps, Pentesters or Security Researchers. Thanks to wheybee99 for sharing this one!

 
