OpenSSL

Intro

One of the most popular commands in SSL to create, convert, manage the SSL Certificates is OpenSSL. There are many cases nowadays where OpenSSL have to be used in various ways. Below are the most common commnads used for managing Certficates, ciphers, encryption, et all. OpenSSL includes tonnes of features covering a broad range of use cases, and it’s difficult to remember its syntax for all of them and quite easy to get lost. Helppages are not so helpful here, so often we just Google “openssl how to [use case here]” or look for openssl cheatsheet to recall the usage of a command and see examples.
For indept review and usercases of OpenSSL see http://fvck.in/ssl-basics/

Some of the abbreviations related to certificates.

SSL – Secure Socket Layer
CSR – Certificate Signing Request
TLS – Transport Layer Security
PEM – Privacy Enhanced Mail
DER – Distinguished Encoding Rules
SHA – Secure Hash Algorithm
PKCS – Public-Key Cryptography Standards

Create new Private Key and Certificate Signing Request

openssl req -out domain.csr -newkey rsa:2048 -nodes -keyout domain.key

Above command will generate CSR and 2048-bit RSA key file. If you intend to use this certificate in Apache or Nginx, then you need to send this CSR file to certificate issuer authority, and they will give you signed certificate mostly in der or pem format which you need to configure in Apache or Nginx web server.

Create a Self-Signed Certificate (default is 30 days)

openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout domain_selfsigned.key -out domain_cert.pem

Above command will generate a self-signed certificate and key file with 2048-bit RSA. I have also included sha256 as it’s considered most secure at the moment.

Create a Self-Signed Certificate (custom, 2 years)

Tip: by default, it will generate self-signed certificate valid for only one month so you may consider defining –days parameter to extend the validity.

openssl req -x509 -sha256 -nodes -days 750 -newkey rsa:2048 -keyout  domain_selfsigned.key  -out domain_cert.pem

Verify CSR file

openssl req -noout -text -in domain.csr

Verification is essential to ensure you are sending CSR to issuer authority with required details.

Create RSA Private Key

openssl genrsa -out private.key 2048

If you just need to generate RSA private key, you can use the above command. I have included 2048 for stronger encryption.

Remove Passphrase from Key

openssl rsa -in certkey.key -out nopassphrase.key

If you are using passphrase in key file and using Apache then every time you start, you have to enter the password. If you are annoyed with entering a password, then you can use above openssl rsa -in domain.key -check to remove the passphrase key from an existing key.

Verify Private Key

openssl rsa -in certkey.key –check

If you doubt on your key file, you can use the above command to check.

Verify Certificate File

openssl x509 -in certfile.pem -text –noout

If you would like to validate certificate data like CN, OU, etc. then you can use an above command which will give you certificate details.

Verify the Certificate Signer Authority

openssl x509 -in certfile.pem -noout -issuer -issuer_hash

Certificate issuer authority signs every certificate and in case you need to check them.

Check Hash Value of A Certificate

openssl x509 -noout -hash -in domain.pem

Convert DER to PEM format

openssl x509 –inform der –in sslcert.der –out sslcert.pem

Usually, certificate authority will give you SSL cert in .der format, and if you need to use them in apache or .pem format then the above command will help you.

Convert PEM to DER format

openssl x509 –outform der –in sslcert.pem –out sslcert.der

In case you need to change .pem format to .der

Convert Certificate and Private Key to PKCS#12 format

openssl pkcs12 –export –out sslcert.pfx –inkey key.pem –in sslcert.pem

If you need to use a cert with the java application or with any other who accept only PKCS#12 format, you can use the above command, which will generate single pfx containing certificate & key file. You can also include chain certificate by passing –chain as below.

openssl pkcs12 –export –out sslcert.pfx –inkey key.pem –in sslcert.pem -chain cacert.pem

Create CSR using an existing private key

openssl req –out certificate.csr –key existing.key –new

If you don’t want to create a new private key instead using an existing one, you can go with the above command.

Check contents of PKCS12 format cert

openssl pkcs12 –info –nodes –in cert.p12

PKCS12 is binary format so you won’t be able to view the content in notepad or another editor. The above command will help you to see the contents of PKCS12 file.

Convert PKCS12 format to PEM certificate

openssl pkcs12 –in cert.p12 –out cert.pem

If you wish to use existing pkcs12 format with Apache or just in pem format, this will be useful.

Test SSL certificate of particular URL

openssl s_client -connect domain.com:443 –showcerts

I use this quite often to validate the SSL certificate of particular URL from the server. This is very handy to validate the protocol, cipher, and cert details.

Find out OpenSSL version

openssl version

If you are responsible for ensuring OpenSSL is secure then probably one of the first things you got to do is to verify the version.

18Check PEM File Certificate Expiration Date

openssl x509 -noout -in certificate.pem -dates

Useful if you are planning to put some monitoring to check the validity. It will show you date in notBefore and notAfter syntax. notAfter is one you will have to verify to confirm if a certificate is expired or still valid.

Example

[root@Chandan opt]# openssl x509 -noout -in bestflare.pem -dates
notBefore=Jul 4 14:02:45 2015 GMT
notAfter=Aug 4 09:46:42 2015 GMT

Check Certificate Expiration Date of SSL URL

openssl s_client -connect domain.com:443 2>/dev/null | openssl x509 -noout –enddate

Another useful if you are planning to monitor SSL cert expiration date remotely or particular URL.

Example:

[root@Chandan opt]# openssl s_client -connect google.com:443 2>/dev/null | openssl x509 -noout -enddate

notAfter=Dec 8 00:00:00 2020 GMT

Check if SSL V2 or V3 is accepted on URL

To check SSL V2

openssl s_client -connect domain.com:443 -ssl2

To Check SSL V3

openssl s_client -connect domain.com:443 –ssl3

To Check TLS 1.0

openssl s_client -connect domain.com:443 –tls1

To Check TLS 1.1

openssl s_client -connect domain.com:443 –tls1_1

To Check TLS 1.2

openssl s_client -connect domain.com:443 –tls1_2

If you are securing web server and need to validate if SSL V2/V3 is enabled or not, you can use the above command. If activated, you will get “CONNECTED” else “handshake failure.” For all risks associated with SSL vulnerabilities please visit http://fvck.in/vulerabilities/

Verify if the particular cipher is accepted on URL

openssl s_client -cipher 'ECDHE-ECDSA-AES256-SHA' -connect domiain.com:443

If you are working on security findings and pen test results show some of the weak ciphers is accepted then to validate, you can use the above command.

Of course, you will have to change the cipher and URL, which you want to test against. If the mentioned cipher is accepted, then you will get “CONNECTED” else “handshake failure.”

SPF

Myths and Legends of SPF

SPF is an abbreviation for Sender Policy Framework (SPF) for Authorizing Use of Domains in Email. Email domains use this protocol to specify which Internet hosts are authorized to use this domain in the SMTP HELO and MAIL FROM commands. You do not have to use any additional software to publish the SPF policy and therefore this procedure is extremely simple: Simply add a TXT record containing the policy to the DNS zone. An example of this type of entry is given at the end of this article. There are numerous manuals and even online constructors for working with SPF.

The first ever version of the SPF standard was approved more than 10 years ago. During this time, numerous implementations and application practices have been developed. In addition, a new version of the standard has been released. But the most surprising is that for some reason SPF, more than any other standard, has grown over 10 years with an incredible amount of myths and misconceptions that wander from article to article and with an enviable regularity pop up in discussions and answers to questions on the forums. At the same time, the protocol itself seems very simple: implementation takes only a couple minutes. Let’s try to recall and analyze the most common misconceptions.

1. Misconception: SPF will protect my domain from spoofing

Fact: SPF does not protect the sender’s address that is visible to the user.

Explanation: SPF does not work with the contents of the message that the user sees, in particular, the sender’s address. SPF authorizes and verifies addresses at the mail transport level (SMTP) between two MTAs (envelope-from, RFC5321.MailFrom aka Return-Path). These addresses are not visible to the user, and they can differ from those in the From header that the user sees (RFC5322.From). Thus, nothing prevents a message with a fake sender in the ‘From’ header from being authorized with SPF.

Use DMARC to protect visible domain name from spoofing.

2. Misconception: After implementation, SPF will improve security and combat spam

Fact: most likely, you will not see any significant changes in terms of security and spam.

Explanation: SPF is originally an altruistic protocol, so it does not provide any advantages to anyone who publishes the SPF policy. Theoretically, if you implemented SPF, this protocol could protect someone else from receiving fake emails from your domain. But in fact, even this assumption is not true, because the results of applying SPF are rarely used directly (we’ll discuss all of this later). Moreover, even if all domains published SPF, and all recipients forbade receiving messages without SPF authorization, such an approach would hardly reduce the amount of spam.

SPF does not protect against spoofing or spam directly, nevertheless, this protocol is actively and successfully used to deploy spam filtering systems, as well as to protect against counterfeit emails, since it allows you to check each message against a specific domain and its reputation.

3. Misconception: SPF negatively (positively) influences email deliverability

Fact: It all depends on the type of message, the way it is delivered and your reputation

Explanation: SPF is not meant to affect email deliverability within a standard flow, and adversely impacts the improper implementation or indirect flows of messages, when users receive such messages from a server that differs from that from which the message was sent, for example, this applies to redirected emails. But spam filtering systems and reputation-based classifiers take into account the availability of SPF and reputation of authorizing domain, and this generally gives a positive result with respect to the standard message flow. Unless, of course, you yourself are a spammer.

4. Misconception: SPF provides authorization of the email sender

Fact: SPF provides authorization of the email server that sends a message on behalf of a domain

Explanation: Firstly, SPF works only at the domain level, and not at the level of individual email addresses. Secondly, even if you are a legitimate email user of a specific domain, SPF does not allow you to send messages from anywhere that you wish. In order for your message to successfully pass SPF validation, you must send it only from an authorized server. Thirdly, if you authorized a server using SPF (for example, you could allow sending emails from your domain via any ESP or hosting provider), and this server does not impose any additional restrictions, then all users of this server are authorized to send messages on behalf of your domain. Please keep this in mind when implementing SPF and providing authentication of email messages in general.

5. Misconception: Email messages not authorized by SPF will be rejected

Fact: In general, SPF authorization or lack thereof does not have a significant impact on the delivery of email messages.

Explanation: SPF is only an authorization standard, and it explicitly indicates that actions to be applied to email messages that were not authorized are outside the scope of the standard and are governed by the recipient’s local policy. If there is a ban on receiving such messages, this leads to problems with messages going through indirect delivery routes, for example, when using redirection or mailing lists, and you should consider this fact in the local policy. In practice, it is not recommended to use a strict ban in case of an SPF authorization failure. Standard allows (but does not require) strict ban only when the domain publishes the -all (hardfail) policy in the absence of other filters. In most cases, SPF authorization is used as one of the factors in the weighted systems. At the same time, this factor will have an insignificant weight, because violation of SPF authorization is usually not a reliable indicator of spam: many spam messages successfully pass SPF authorization, and legal ones often can not do this, and it is unlikely that we will ever witness cardinal changes in this field. If we look at it this way, there is no difference between -all and ~all.

SPF authorization is not so important in terms of message delivery or spam filtering, but it allows for confirmation of the sender’s address and the relationship with the domain, as well as the use of the reputation of the domain instead of the IP reputation for this message.

DMARC policy has a much more significant influence on the decision-making on further actions in relation to handling a message that has not passed authorization. DMARC allows you to reject (or quarantine) all or part of messages that have not been authorized.

6. Misconception: SPF recommends using -all (hardfail), since it is safer than ?all or ~all

Fact: In fact, -all does not affect security in any way, but it negatively affects the delivery of messages.

Explanation: -all results in the blocking of messages that were sent through indirect routes by those few recipients who use SPF directly and block messages. At the same time, this policy will not have a significant impact on most spam and fake messages. At the moment, ~all (softfail) is considered the most appropriate policy and it is used by almost all large domains, even those that impose very strict security requirements (such as paypal.com). -all can be used for domains that are not used for sending legitimate emails. DMARC considers -, ~ and ? as equivalents.

7. Misconception: It is sufficient to configure SPF only for domains that are used to send mail

Fact: It is also necessary to configure SPF for domains that are used in HELO on mail servers. In addition, it is recommended to apply a blocking policy for MX, A records and the wildcard that are not used to send emails.

Explanation: In some cases, in particular, when delivering NDR (a non-delivery report), DSN (delivery status notification) and some auto-responses, the address of the sender in the SMTP envelope (envelope-from) will be empty. In this case, SPF checks the host name from the HELO/EHLO command. You need to check the name from this command (for example, by opening the server configuration or by sending an email to a public server and checking the headers) and enable SPF for this name.

Spammers can use not only the same domains that you use to send messages, they can send spam on behalf of any host that has an A- or MX record. Therefore, if you publish SPF from altruistic considerations, then you need to add SPF for all such records, and it is also desirable to add a wildcard (*) for nonexistent records.

8. Misconception: It’s better to add a special SPF type record to DNS (instead of TXT)

Fact: It must be a TXT record.

Explanation: According to the current version of the SPF standard (RFC 7208), SPF type DNS records are deprecated and should no longer be used.

9. Misconception: it is recommended that you include as many of the available elements in SPF as possible (a, mx, ptr, include), because this can reduce the likelihood of an error

Fact: it is necessary to minimize the SPF record and it is recommended to specify only addresses of the networks via ip4/ip6.

Explanation: There is a limit of 10 DNS queries for resolving the SPF policy. Exceeding this limit will result in a permanent policy error (permerror). Moreover, DNS is an unreliable service, so there is a probability of a failure (temperror) for each request, which increases with the number of requests. Each additional a or include record requires an additional DNS request; as for include, it is also necessary to request all elements specified in the include record. mx requires to request MX records and an additional A record request for each MX server. ptr requires an additional request, moreover, it is inherently unsafe. Only the addresses of the networks listed through ip4/ip6 do not require additional DNS requests.

10. Misconception: TTL for the SPF record should be smaller (larger)

Fact: As for most DNS records, it is better to choose TTL from the range of 1 hour to 1 day and reduce it in advance during the deployment or implementation of planned changes, or increase, when the policies are stable.

Explanation: A higher TTL reduces the likelihood of DNS errors and, as a consequence, SPF temperrors, but it increases the response time when it is necessary to make changes to the SPF record.

11. Misconception: If I don’t know which IP addresses can be used to send my messages, then it is better to publish the policy with +all

Fact: A policy with an explicit +all or an implicit rule that enables mailing on behalf of the domain name from any IP address will negatively affect the delivery of emails.

Explanation: Such a policy does not make sense, and it is often used by spammers to ensure SPF authentication of spam messages that are sent through botnets. Therefore, a domain that publishes such a policy risks being blocked.

12. Misconception: It does not make sense to use SPF

Fact: It is necessary to use SPF.

Explanation: SPF is one of the mechanisms for authorizing the sender in email and the way to identify the domain in reputation-based systems. Currently, large email service providers are gradually beginning to require the authorization of messages, and messages that do not have authorization can be subject to “penalties” in terms of delivery or display to the user. In addition, there may be no auto-responses and notifications on delivery or non-delivery for messages that have not passed SPF authorization. The reason is that such responses are usually sent exactly to the SMTP envelope address SPF authorizes and require that it is authorized. Therefore, SPF is required even if all messages are authorized by DKIM. Also, SPF is a must for IPv6 networks and cloud services: In such networks, it is almost impossible to use the reputation of IP addresses, and messages from addresses without SPF authorization will, as a rule, not be accepted. In accordance with the standard, one of the primary tasks of SPF is to use the reputation of a domain name instead of the IP reputation.

13. Misconception: SPF is self-sufficient

Fact: DKIM and DMARC are also necessary.

Explanation: DKIM is required to successfully forward email messages. DMARC is required to protect the sender’s address from spoofing. In addition, DMARC allows you to receive reports on violations of the SPF policy.

14. Misconception: Two SPF records are better than one

Fact: The record must be exactly one.

Explanation: This requirement is described in the standard. If there is more than one record, this will result in a permanent error (permerror). If it is necessary to merge several SPF records, simply publish a record with several include operators.

15. Misconception: spf1 is good, but spf2.0 is better

Fact: You should use v=spf1.

Explanation: spf2.0 does not exist. By publishing the spf2.0 record, you can expose yourself to the risk of unpredictable results. spf2.0 has never existed and it is not a standard, but it was mentioned in the experimental standard RFC 4406 (Sender ID), which was based on the assumption that such a standard would be adopted, since the corresponding discussions did take place. Sender ID, which was supposed to solve the problem of address spoofing, did not become a generally accepted standard, and you should use DMARC instead. Even if you decide to use Sender ID and publish the spf2.0 entry, it will not be a replacement for the spf1 entry.

I had almost finished writing this article, when I was suddenly intercepted by our Customer Support staff who strongly (and categorically) recommended that I recall the following nuances of SPF that they often have to deal with when solving various issues:

SPF policy should end with the all or redirect directive. There should be absolutely nothing after these directives.
all or redirect directives can be used in this policy exactly once, and they replace each other (that is, one policy can not include all and redirect simultaneously).
The include directive does not replace all or redirect. include can be used several times, but your policy should still be terminated with the all or redirect directive. include or redirect should be used to include a valid policy terminated with all or redirect. At the same time, include does not pay attention to the rule (-all, ~all, ?all) that is used for all in the included policy, however, for redirect it makes a difference.
include is used with colons (include:example.com), and redirect requires the sign of equality (redirect=example.com).
SPF does not cover subdomains. SPF DOES NOT СOVER SUBDOMAINS . SPF. DOES. NOT. COVER. SUBDOMAINS. (And DMARC, by default, covers them). You should publish SPF for each A or MX record in DNS, if those records are used or can be used to deliver emails.

Summary

You should be sure that you create a policy for all MX and, preferably, all A records.
Add SPF policies for the names used in the HELO/EHLO of the mail server.
Publish the SPF policy as a TXT record with v=spf1 in DNS.
Try to use the addresses as ip4/ip6 networks in your policy. Specify them at the beginning of the policy to avoid unnecessary DNS requests. Minimize the use of include, try to do without a, use mx only in case of extreme and irresistible necessity, and never use ptr.
Specify ~all for domains that are really used to send emails, -all for unused domains and records.
Use small TTL during the implementation and testing period, and then increase TTL to the appropriate values. Before making any changes, reduce the TTL beforehand.
Be sure to validate your SPF policy, for example, here.
Do not limit yourself to the deployment of SPF, try to implement DKIM and always implement DMARC. DMARC protects your messages from spoofing and allows you to receive information on violations of the SPF. You will be able to detect forgery, indirect message flows and configuration errors.
If you read Russian (or just for fun) after implementing SPF, DKIM and/or DMARC, check them using https://postmaster.mail.ru/security/. SPF and DMARC are validated according to the current state; DKIM is checked using the statistics for the previous day only if there is correspondence with the boxes on Mail.Ru on the previous day or earlier.
There are good SPF BCPs from M3AAWG

Sample SPF policy: @ IN TXT “v=spf1 ip4:1.2.3.0/24 include:_spf.myesp.example.com ~all”

Create your SPF record

SPF authenticates a sender’s identity by comparing the sending mail server’s IP address to the list of authorized sending IP addresses published by the sender in the DNS record. Here’s how to create your SPF record:

Start with v=spf1 (version 1) tag and follow it with the IP addresses that are authorized to send mail. For example, v=spf1 ip4:1.2.3.4 ip4:2.3.4.5
If you use a third party to send email on behalf of the domain in question, you must add an “include” statement in your SPF record (e.g., include:thirdparty.com) to designate that third party as a legitimate sender
Once you have added all authorized IP addresses and include statements, end your record with an ~all or -all tag
An ~all tag indicates a soft SPF fail while an -all tag indicates a hard SPF fail. In the eyes of the major mailbox providers ~all and -all will both result in SPF failure. Return Path recommends an -all as it is the most secure record.
SPF records cannot be over 255 characters in length and cannot include more than ten include statements, also known as “lookups.” Here’s an example of what your record might look like:
v=spf1 ip4:1.2.3.4 ip4:2.3.4.5 include:thirdparty.com -all
For your domains that do not send email, the SPF record will exclude any modifier with the exception of -all. Here’s an example record for a non-sending domain:
v=spf1 -all

Verify published SPF

https://www.spfwizard.net/ (SPF creation wizard)
https://stopemailfraud.proofpoint.com/spf/ (Verify existing SPF)
https://www.dmarcanalyzer.com/spf/checker/ (Verify SPF)
https://mxtoolbox.com/spf.aspx (Verify SPF)
https://www.kitterman.com/spf/validate.html (Verify SPF)
https://vamsoft.com/support/tools/spf-policy-tester (SPF Policy tester)

Telnet

Intro

Telnet is a computer protocol that was built for interacting with remote computers.
The word “Telnet” also refers to the command-line utility “telnet”, available under Windows OS and Unix-like systems, including Mac, Linux, and others. We will use the term “Telnet” mostly in the context of the telnet client software.
Telnet utility allows users to test connectivity to remote machines and issue commands through the use of a keyboard. Though most users opt to work with graphical interfaces, Telnet is one of the simplest ways to check connectivity on certain ports.

Enable telnet client in Windows

Telnet is disabled by default in Window’s settings, so you need to turn it on before you can do anything. Turning it on will help you to run the required diagnostics and check if a port is open. If you try to use telnet without turning it on first, you’ll receive a message like:

‘telnet’ is not recognized as an internal or external command, operable program or C:\>

Enabling telnet client through Command Prompt:
Install-WindowsFeature -name Telnet-Client

Enabling telnet client via GUI Win10:
Open Windows Start menu > Type “Control Panel” > Press Enter > “Programs” > “Programs and Features” > Turn Windows features on or off > Select “Telnet Client” > Press “OK”

Enabling telnet client via GUI WS2012+:
Open “Server Manager” > “Add roles and features” > click “Next” until reaching the “Features” step > tick “Telnet Client” > click “Install” > when the feature installation finishes, click “Close”.

Telnet Commands List

Type this	To do this
open or o	Establish a Telnet connection with a host computer or remote server. You can use the full command, open, or abbreviate it to just o. For example, o domain.com 25 will connect your computer to a computer named domain.com port 25.
display	View the current settings for Telnet Client. Type display for a list of the current operating parameters. If you are in a Telnet session (connected to a Telnet server), to modify the parameters, press Ctrl+] to leave the Telnet session. To return to the Telnet session, press Enter. The following operating parameters are available: WILL AUTH (NTLM Authentication) WONT AUTH WILL TERM TYPE WONT TERM TYPE LOCALECHO off LOCALECHO on
quit or q	Exit from Telnet.
set	Set the terminal type for the connection, turn on local echo, set authentication to NTLM, set the escape character, and set up logging. >SET NTLM turns on NTLM. While you are using NTLM authentication, if you’re connecting from a remote computer, you will not be prompted to type a logon name and password. > SET LOCALECHO turns on local echoing. > SET TERM {ANSI\|VT100\|VT52\|VTNT} sets the terminal type to the appropriate terminal type. You should use the VT100 terminal type if you are running normal command-line applications. Use the VTNT terminal type if you are running advanced command-line applications, such as . > ESCAPE + Character sets the key sequence to use for switching from session to command mode. For example, to set Ctrl+P as your escape character, typeset escape, press Ctrl+P, and then press Enter. > LOGFILE FileName sets the file to be used for logging Telnet activity. The log file must be on your local computer. Logging begins automatically when you set this option. > LOGGING turns on logging. If no log file is set, an error message is displayed.
unset	Turn off local echo or set authentication for the logon or password prompt. UNSET NLM turns off NLM. UNSET LOCALECHO turns off local echoing.
status	Move to the Telnet command prompt from a connected session
enter	Go to the connected session (if it exists)
?/help	View Help information

Parameter List

Parameter	Description
/a	attempt automatic logon. Same as /l option except uses the currently logged on user s name.
/e <EscapeChar>	Escape character used to enter the telnet client prompt.
/f <FileName>	File name used for client side logging.
/l <UserName>	Specifies the user name to log on with on the remote computer.
/t {vt100 \| vt52 \| ansi \| vtnt}	Specifies the terminal type. Supported terminal types are vt100, vt52, ansi, and vtnt.
<Host> [<Port>]	Specifies the hostname or IP address of the remote computer to connect to, and optionally the TCP port to use (default is TCP port 23).
/?	Displays help at the command prompt. Alternatively, you can type /h.

Check the listen port

You can use this command for check the connection of a application.

telnet IPADDRESS PORT

telnet 192.168.0.10 80       <- http
telnet 192.168.0.10 25       <- smtp
telnet 192.168.0.10 25

Check Connection and Close Connection

# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 office-serv ESMTP Sendmail 8.13 ; Mon, 28 Mar 2019 08:00:00 +0900
^]                                 <- Ctrl ]
telnet> quit
Connection closed.

Telnet to Web Server (port 8o or 443

# telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.domain.com (127.0.0.1).
Escape character is '^]'.
GET / HTTP/1.0                       <-  Enter 2 times (http://localhost/index.html)

HTTP/1.1 200 OK
Date: Wed, 29 Jul 2009 15:16:50 GMT
Server: Apache/1.3.37 (Unix) mod_fastcgi/2.4.6 mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.4.7 abbr.
Last-Modified: Mon, 05 Feb 2007 11:04:57 GMT
ETag: "1b200-b2c-45c70f59"
Accept-Ranges: bytes
Content-Length: 2860
Connection: close
Content-Type: text/html

<html>
<html>
<title>TEST</title>

abbr.

</body>
</html>
Connection closed by foreign host.
#

Telnet to Mail Server

# telnet localhost 25
Trying 127.0.0.1...
Connected to test-server.test-server (127.0.0.1).
Escape character is '^]'.
220 test-server.example-sec.local ESMTP
helo localhost
250 test-server.example-sec.local
mail from:user01@example-sec.jp
250 ok
rcpt to:user02@example-sec.jp
250 ok
502 unimplemented (#5.5.1)
data
354 go ahead
From: user01@example-sec.jp
To: user02@example-sec.jp
Subject: test
this is test.

.
250 ok 1184072108 qp 20747

502 unimplemented (#5.5.1)
quit
221 test-server.example-sec.local
Connection closed by foreign host.

  C:\>telnet hostname 25
 220 TEST.local Microsoft ESMTP MAIL Service, Version: 7.5. ready at  Thu, 01 Jul 2018 11:11:11 -0500
 helo test
 250 ESXi-DEV-WEB01.local Hello [127.0.0.1]
 mail from:none@none.com
 250 2.1.0 none@none.com….Sender OK
 rcpt to:youremail@domain.com
 250 2.1.5 youremail@domain.com
 data
 354 Start mail input; end with .
 subject:This is a test email
 This is the body of the test email sent via Telnet.
 .
 250 2.6.0  Queued mail for delivery
 quit
 221 2.0.0 TEST.local Service closing transmission channel
 Connection to host lost.

Nano command editor

Nano is a text editor suited to working in a UNIX-based command line environment. It is not as powerful as PC window-based editors, as it does not rely on the mouse, but still has many useful features.
Most nano commands are invoked by holding down the Ctrl key (that is, the control key), and pressing one of the other keys. In this text, the control key is referred to using ^. For example, ^X means “hold down the CTRL key and press the x key”. Most of the important commands are listed at the bottom of your screen when nano is running.

File Control in nano

nano index.php Open or create the file “index.php” with nano on command line.
Ctrl-o Y Enter Save changes.
Ctrl-r Alt-f Open a new file with a new buffer within nano.
Alt-> Switch to the next file buffer in nano.
Alt-< Switch to the previous file buffer in nano.
Ctrl-x Quit nano.

Navigating through file contents in nano

Ctrl-a Move to the beginning of the current line.
Ctrl-e Move to the end of the current line.
Ctrl-v Move down one page.
Ctrl-y Move up one page.
Alt-\ Go to the beginning of the file.
Alt-/ Go to the end of the file.
Alt-g Go to a target line number.
Alt-] Jump to matching open/close symbol.
Alt-a Alt-} Select a block and indent the block.
Alt-a Alt-{ Select a block and outden the block.

Copy and Paste in nano

Alt-a To select a block for copy or cut operation, do Alt-a again to unselect.
Alt-a Alt-^ Copy a highlighted block to the clipboard.
Alt-a Ctrl-k Cut a highlighted block to the clipboard.
Ctrl-k Cut from the current cursor position to the end of the current line.
Ctrl-u Paste the contents from the clipboard at the current cursor position.

Search and Replace in nano

Ctrl-w Search for a target string.
Alt-w Repeat the last search.
Alt-r Search and replace.

File Management

Key	Action
Ctrl+G	Display help text
Ctrl+X	Close the current file buffer / Exit from nano
Ctrl+O	Write the current file to disk
Ctrl+R	Insert another file into the current one
Alt+>	Switch to the next file buffer
Alt+<	Switch to the previous file buffer

Search and Replace

Key	Action
Ctrl+W	Search for a string or a regular expression
Ctrl+\	Replace a string or a regular expression
Alt+W	Repeat the last search

Navigation

Key	Action
Ctrl+_	Go to line and column number
Ctrl+Y	Go one screenful up
Ctrl+V	Go one screenful down
Alt+\	Go to the first line of the file
Alt+/	Go to the last line of the file
Ctrl+B	Go back one character
Ctrl+F	Go forward one character
Alt+Space	Go back one word
Ctrl+Space	Go forward one word
Ctrl+A	Go to beginning of current line
Ctrl+E	Go to end of current line
Ctrl+P	Go to previous line
Ctrl+N	Go to next line
Alt+(	Go to beginning of paragraph; then of previous paragraph
Alt+)	Go just beyond end of paragraph; then of next paragraph
Alt+-	Scroll up one line without scrolling the cursor
Alt++	Scroll down one line without scrolling the cursor
Alt+<	Switch to the previous file buffer
Alt+>	Switch to the next file buffer
Ctrl+C	Display the position of the cursor
Alt+]	Go to the matching bracket

Editing

Key	Action
Alt+U	Undo the last operation
Alt+E	Redo the last undone operation
Alt+}	Indent the current line
Alt+{	Unindent the current line
Alt+^	Copy the current line and store it in the cutbuffer
Ctrl+K	Cut the current line and store it in the cutbuffer
Ctrl+U	Uncut from the cutbuffer into the current line
Ctrl+J	Justify the current paragraph
Ctrl+T	Invoke the spell checker, if available
Alt+V	Insert the next keystroke verbatim
Ctrl+I	Insert a tab at the cursor position
Ctrl+M	Insert a newline at the cursor position
Ctrl+D	Delete the character under the cursor
Ctrl+H	Delete the character to the left of the cursor
Alt+T	Cut from the cursor position to the end of the file
Alt+J	Justify the entire file
Alt+D	Count the number of words, lines, and characters
Ctrl+^	Mark text starting from the cursor position

Settings

Key	Action
Alt+X	Help mode enable/disable
Alt+C	Constant cursor position display enable/disable
Alt+O	Use of one more line for editing enable/disable
Alt+S	Smooth scrolling enable/disable
Alt+$	Soft wrapping of overlong lines enable/disable
Alt+P	Whitespace display enable/disable
Alt+Y	Color syntax highlighting enable/disable
Alt+H	Smart home key enable/disable
Alt+I	Auto indent enable/disable
Alt+K	Cut to end enable/disable
Alt+L	Hard wrapping of overlong lines enable/disable
Alt+Q	Conversion of typed tabs to spaces enable/disable
Alt+B	Backup files enable/disable
Alt+F	Reading file into separate buffer enable/disable

Cryptoadvice

If you’re new to bitcoin you’re likely to be a target for scammers, scammers will offer you the following:

A bot that earns bitcoin
Mobile or Cloud Mining
Ask you to help them recover funds
Asked to deposit funds in order to withdrawl funds
Ask you to deposit bitcoin to earn Interest
Ask you to deposit to double your bitcoin
A trading platform that will trade for you

⚠️ BEWARE:

If you lose funds you will likey be private messaged by another scammer offering to recover your funds for a fee (This is also a scam)
All of these are scams & there is NO EXCEPTION to the rule just your belief in getting rich quickly which will leave you with less money than you have now.
If you want bitcoin the only way to get it, is to buy it from a reputable exchange in your country! not from some stranger off the internet
Daily we see people get scammed, you are not an exception to the rule, be smart and read more

Learn To Trade – Here are some helpful tips to get you started

Where to Buy/Trade

Binance.com
Bitfinex.com
Bitmex.com
Bittrex.com
Coinbase.com
Coinut.com
GDAX.com
Gemini.com
Kraken.com
Etoro.com
OKCoin.com
OKCoin.cn
Poloniex.com
SimpleFX.com
TuxExchange.com
Wex.nz

Websites for Charting

BitcoinWisdom.com
CryptoWat.ch
TensorCharts.com
TradeBlock.com
TradingView.com

Training YouTube Videos

https://youtu.be/oFB2zt2bYtc [@MrJozza]
https://www.youtube.com/watch?v=e4KtUKP82mM
https://www.youtube.com/watch?v=hyELHtxTp7I
https://www.youtube.com/user/carpenoctom/videos

Crypto Trading Terms

ASHDRAKED = Lost all your money
BOGDANOFF = The market makers
BEAR/BEARISH = Price negative
BULL/BULLISH = Price positive
DILDO = Large green or red candle
DYOR = Do Your Own Research
FOMO = Fear Of Missing Out
FUD = Fear Uncertainty & Doubt
HODL = Holding a position
JOMO = Joy Of Missing Out
LONG = Margin bull position
MOON = Price will explode up
OTC = Over The Counter
SAJ CANDLE = Huge green candle
SHORT = Margin bear position
REKT = Had a bad loss
REVERSE INDICATOR = Someone who is always wrong predicting price movements.
(For complete cryptoslang see – http://fvck.in/crypto-slang/ )

Handy Websites:

Trading Communities

BabyPips.com (trading training)
BitcoinTalk.org (forum)
@Crypto (telegram)
TradingView.com (webchat)
For Voice Chat including Discord & Teamspeak links check the coinsole links on https://CryptoGroups.com

Security

Use 2FA on all accounts
Add pin only access to your mobile phone provider
2FA on all email accounts
Enable 2FA on withdrawals & trades if possible

Information: Trading on others advice is the best way to lose money, yes there are respected names in the industry but even they get it wrong. If you’re new, its best to paper trade (trade without real money) if you can prove you make money consistently over time, you’re ready to trade with real money. Margin trading is for people who know what they’re doing, if you dont, its the quickest money you will ever lose.

Beware of EXPERTS that claim “I’m always right!

We see many supposed crypto “experts” or “traders”, let’s call them this way, who like to declare that they are always right. Always.

First of all, it’s mathematically impossible. No way you will be always right in the long run, even if you are the guru of TA or FA. Especially when we talk about TA. You have to realize that TA only says what’s more likely to happen. Trading is about probabilities and money management. But let’s get back to those “always winning experts”.
Don’t you make fun of them when they post their charts with two arrows up & down? We do. Especially after the price action when they say that they were right.

⚠️ Be cautious with these “experts. There are so many of them over the Telegram and Trading View! Do not follow their recommendations, because:

Firstly, it’s hard to figure out which direction they expect the market to go (due to their ambiguous analysis)
Secondly, if they give an analysis, you follow it and the market goes in the opposite direction, you will lose your money, but that “expert” will write that he was right again and predicted the move perfectly.

!Warning & Disclaimer!

Cloud mining sites are largely scams.
Pump & Dump groups are scams
All HYIP’s & MLM’s are scams, you will get banned from all groups if you are found participating or sharing HYIP/MLM links, dont make money out of scamming others, learn to trade.
There are scammers posing as well known members on telegram private messaging people asking for money, DONT SEND!
Dont open files posted in these groups
Careful about clicking on 3rd party links, these can easily be malicious.
All advice given here is to be taken at own risk, we have no affiliation with any exchange & exchanges can be hacked. If an exchange gets hacked, your funds could be lost with no recourse, so be careful.

Email Bounces

Emails bounces – when an email can’t be delivered for one reason or another – almost like throwing a ball to a someone, only to hit a wall and the ball bounces back at you.

There are two different types of bounces when it comes to email marketing: –

A Soft Bounce – temporary error
A Hard Bounce – permanent error

A Soft bounce happens when the person who your are emailing has simply run out of space in their mailbox, the address exists but it simply can’t fit in another email until they clean it up. If this continues, then the system will change to a Hard Bounce as it begins to affect your sending reputation if these emails keep getting bounced back.

Hard Bounce means that there was a fundamental issue delivering your email which one of the following categories: –

Bounce Category: bad-domain

Explanation: The message bounced due to an invalid or non-existing domain, 5.X.X error.

Resolution: Check the spelling and format of the domain, and edit the contact’s details with the corrected domain. Once the contact has been updated, their bounce status will be reset and you can send to them again.

Bounce Category: bad-mailbox

Explanation: The message bounced due to a bad, invalid, or non-existent recipient address, 5.X.X error.

Resolution: Check the spelling and format of the contact’s email address, and edit with the corrected information. Once the contact has been updated, their bounce status will be reset and you can send to them again.

Bounce Category: inactive-mailbox

Explanation: The message bounced due to an expired, inactive, or disabled recipient address, 5.X.X error.

Resolution: Confirm with the contact if their email address is still active. Check the spelling and format of the contact’s email address, and edit with the corrected information. Once the contact has been updated, their bounce status will be reset and you can send to them again.

Bounce Category: message-expired

Explanation: The message bounced due to not being delivered before the two day window in which the system continues to attempt delivery, 4.X.X error.

Resolution: Confirm with the contact if their email address is still valid, and edit the contact’s email address with any updated information. If the email address has not changed, ask the contact to whitelist. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: no-answer-from-host

Explanation: The message bounced due to receiving no response from the recipient’s server after connecting, 4.X.X or 5.X.X error.

Resolution: The recipient’s mail server is offline or has an issue in its configuration. Ask the recipient to investigate if there is an issue with their mail server. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: other messages

Explanation: The message bounced due to other reasons, 4.X.X or 5.X.X error.

Resolution: The system did not receive any detailed message back from the recipient’s mail server. Ask the contact to whitelist. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: policy-related

Explanation: The message bounced due to a policy reason on a recipient address or domain, 5.X.X error.

Resolution: This is usually due to a message being classified as spam by a recipient’s mail server or due to some type of limit restriction in place on the recipient’s side. Ask the contact to whitelist. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: quota-issues

Explanation: The message bounced due to the recipient’s mailbox being over its limit, 4.X.X or 5.X.X error.

Resolution: Confirm with the contact if they are able to receive email. Once that issue has been resolved on their side, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: routing-errors

Explanation: The message bounced due to mail routing issues for a recipient domain, 5.X.X error.

Resolution: This is usually due to an invalid configuration in the DNS records on the recipient’s mail server. Ask the recipient to investigate if there is an issue with their mail server. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Bounce Category: spam-related

Explanation: The message bounced due to spam related reasons, 5.X.X error.

Resolution: This is usually due to a message being classified as spam by a recipient’s mail server. Ask the contact to whitelist. Once that has been done, reset the contact’s delivery status and you will be able to send to them again.

Error overview

Error Code	Error Message	Recommended actions
*bad-configuration*	Messages were rejected due to problems in the remote server configuration. This is a problem on the recipient’s server that has an error in the settings and is not allowing new messages.	You will need to contact the subscriber by phone to talk to the system administrator to try to solve the problem. When the administrator notify that the issue has been solved, you should contact the Mailrelay technical staff.
*bad-connection*	Messages were rejected due to connection problems with the remote server. It is not possible to connect with the recipient’s domain correctly due to some failure in the connection route. In this case, the problem may not be occurring directly on the recipient’s server, but on some intermediate server that is receiving and forwarding the message.	You sould contact the administrator of the recipient’s server to explain the problem, but also with the internet service provider, so they can analyze and try to locate the problem that is causing this error.
bad-domain	Messages bounced because the domain is invalid or nonexistent. If the recipient’s domain does not exist, you can receive this error. You need to confirm that the account is valid.	You also will need to contact the subscriber by phone to talk to the system administrator to try to solve the problem. When the administrator notify that the issue has been solved, you should contact the Mailrelay technical staff to validate the email again.
bad-mailbox	Messages rejected because the recipient’s address is incorrect, is invalid or nonexistent. The email account was not found on the recipient’s server.	You will need to contact the subscriber by phone to talk to the system administrator to try to solve the problem. When the administrator notify that the issue has been solved, you should contact the Mailrelay technical staff to validate the email again.
content-related	Messages bounced due to its content (Possible spam, sender is blacklisted, etc)	You will need to contact the administrator of the recipient’s server for information about the problem and determine possible solutions. And, you should contact our Customer Service Department to see what could be done to solve this issue.
inactive-mailbox	Messages rejected because the accounts expired, are inactive or have been disabled.	You will need to confirm that the account is correct and contact the subscriber by phone to talk to the system administrator to try to solve the problem. When the administrator notify that the issue has been solved, you should contact the Mailrelay technical staff.
message-expired	The message was sent before the maximum time allowed, after previous attempts have failed.	You can try to send the message again when there is less saturation in the sending queue.
no-answer-from-host	Messages bounced because the system could not receive any response from the remote server after connecting. This could be a problem on the remote server configuration.	You will need to contact the administrator of the server to ask for more information on how to solve the problem.
other	Were rejected due to other reasons	You will need to contact the administrator of the server to ask for more information on how to solve the problem.
policy-related	Messages bounced or blocked due to problems with the policy of the recipient’s server.	You will also need to contact the administrator of the server to ask for more information on how to solve the problem. And, you should contact our Customer Service Department to see what could be done to solve this issue.
protocol-errors	The message is being rejected due to syntax errors in the SMTP protocol. Mailrelay always uses correct syntax and commands, but there may be an interpretation problem on the recipient’s server.	You will need to contact the system administrator to try to solve the problem.
quota-issues	Messages rejected or blocked due to quota issues. The server rejects the message because the account has exceeded the limit of messages.	You will need to contact the subscriber by phone to talk to the system administrator to try to solve the problem. When the administrator notify that the issue has been solved, you should contact the Mailrelay technical staff to validate the email again.
relaying-issues	Messages rejected or blocked due to problems when trying to deliver the emails on the remote server. These errors may occur due to various reasons of internal administrative policies of the recipient’s server, for example, some servers will not accept any email with your domain that does not come from your own IP.	You will need to contact the system administrator to try to solve the problem.
routing-errors	Messages due to routing problems in the recipient’s domain. That is, the sender server cannot deliver the email correctly due to a failure in an intermediate server.	You sould contact the administrator of the recipient’s server to explain the problem, but also with the internet service provider, so they can analyze and try to locate the problem that is causing this error.
spam-related	Messages blocked or rejected due to reasons related to SPAM. There is a problem with the configurations of the sender domain, the contents of the email or spam complaints and the spam filter is blocking the email.	You will need to contact the administrator of the recipient’s server for information about the problem and determine possible solutions.
virus-related	Messages blocked or rejected due to reasons related to infected emails. This can be a serious issue. When you attach a file containing a virus or that potentially could contain a threat, for example, Word or Excel, your emails will probably be blocked.	The best solution in these cases is to scan the attached files using a good antivirus and if the problem occurs because the server rejects the message, marking it as potentially dangerous, you can compress the file using a software like Winzip, Winrar, and upload it to a server. After that, just add a link were your subscribers can download it.

Generic Error codes

Invalid or expired email address

421 Service not available, closing transmission channel
450 Requested mail action not taken: mailbox unavailable (e.g., mailbox busy)
451 Requested action aborted: error in processing
550 User’s mailbox was unavailable (such as not found)
551 The recipient is not local to the server.
553 The command was aborted because the mailbox name is invalid.
5.0.0   Address does not exist
5.1.1   Bad destination mailbox address
5.1.2   Bad destination system address
5.1.3   Bad destination mailbox address syntax
5.1.4   Destination mailbox address ambiguous
5.1.5   Destination mailbox address valid
5.1.6   Mailbox has moved
5.1.7   Bad sender’s mailbox address syntax
5.1.8   Bad sender’s system address
5.2.0   Other or undefined mailbox status
5.2.1   Mailbox disabled, not accepting messages
5.1.0   Other address status
5.3.0   Other or undefined mail system status
5.4.1   No answer from host
5.4.2   Bad connection
5.4.0   Other or undefined network or routing status
5.4.3   Routing server failure
5.4.4   Unable to route
5.4.7   Delivery time expired
5.5.0   Other or undefined protocol status

Mailbox full

5.2.2 Mailbox full
5.3.1 Mail system full

Message rejected

5.2.3   Message length exceeds administrative limit.
5.2.4   Mailing list expansion problem
5.3.4   Message too big for system
5.5.3   Too many recipients
5.7.0   Other or undefined security status
5.7.1   Delivery not authorized, message refused
5.7.2   Mailing list expansion prohibited
5.7.7   Message integrity failure

Miscellaneous issues in the remote mail server

452 Requested action not taken: insufficient system storage
500 The server could not recognize the command due to a syntax error.
501 A syntax error was encountered in command arguments.
502 This command is not implemented.
503 The server has encountered a bad sequence of commands.
504 A command parameter is not implemented.
552 The action was aborted due to exceeded storage allocation.
554 The transaction failed for some unstated reason.
5.3.2   System not accepting network messages
5.3.3   System not capable of selected features
5.4.5   Network congestion
5.4.6   Routing loop detected
5.5.1   Invalid command
5.5.2   Syntax error
5.5.4   Invalid command arguments
5.5.5   Wrong protocol version
5.6.0   Other or undefined media error
5.6.1   Media not supported
5.6.2   Conversion required and prohibited
5.6.3   Conversion required but not supported
5.6.4   Conversion with loss performed
5.6.5   Conversion failed
5.7.3   Security conversion required but not possible
5.7.4   Security features not supported
5.7.5   Cryptographic failure
5.7.6   Cryptographic algorithm not supported

Yahoo SMTP codes

SMTP Error	Diagnostic Error Message	Reason
421	421 Message temporarily deferred – [numeric code]	The message content contained objectionable content, we’re seeing unusual traffic from your servers, or emails from your mail server are generating complaints from Yahoo Mail users.
421	421 4.7.0 [TS01] Messages from x.x.x.x temporarily deferred due to user complaints – 4.16.55	We’re seeing unusual traffic patterns from your server. Submit your sending IPs for review.
421	421 4.7.0 [TS02] Messages from x.x.x.x temporarily deferred due to user complaints – 4.16.55	We’re seeing unusual traffic patterns from your server or your mailings are generating complaints from Yahoo Mail users. Submit your sending IPs for review.
421	421 4.7.1 [TS03] Messages from x.x.x.x permanently deferred. Retrying will NOT succeed	We’re seeing a high volume of e-mails from your server that are indicative of unsolicited mailings. Submit your sending IPs for review.
451	451 Resources temporarily not available – Please try again later [numeric code]	This error indicates that our servers were busy and temporarily unable to process your transaction at the time of connection.
451	451 VS1-IP Excessive unknown recipients – possible Open Relay (#4.1.8)	Your mail server is configured as an open relay or proxy. Review our guidelines for avoiding deprioritization.
451	451 VS1-MF Excessive unknown recipients – possible Open Relay (#4.4.5)	The senders MAIL FROM address has been sending to excessive bouncing accounts (non-active, don’t exist). Review your mailing lists, and remove any addresses that generate bounces.
553	553 5.7.1 [BLXX] Connections not accepted from IP addresses on Spamhaus PBL	The sending IP is listed on a Spamhaus blacklist. You can check your status on Spamhaus’ site.
554	554 Message not allowed – [numeric code]	Your emails have become deprioritized due to the message content triggering our filters. We ask that you review the email’s header and message content for potentially objectionable content.
554	Delivery error: dd This user doesn’t have a yahoo.com account (******@yahoo.com) [-5] – mta1126.mail.gq1.yahoo.com [BODY]	The Yahoo account that you’re trying to send to doesn’t exist. We recommend that you contact the recipient directly to confirm their correct email address.
554	554 5.7.9 Message not accepted for policy reasons	Your message wasn’t delivered because Yahoo was unable to verify that it came from a legitimate email sender.

Outlook Error codes

SMTP Error Code	Explanation
421 RP-001	The mail server IP connecting to Outlook.com server has exceeded the rate limit allowed. Reason for rate limitation is related to IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
421 RP-002	The mail server IP connecting to Outlook.com server has exceeded the rate limit allowed on this connection. Reason for rate limitation is related to IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
421 RP-003	The mail server IP connecting to Outlook.com server has exceeded the connection limit allowed. Reason for limitation is related to IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 SC-001	Emails rejected by Outlook.com for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 SC-002	Emails rejected by Outlook.com for policy reasons. The email server IP connecting to Outlook.com has exhibited namespace mining behaviour. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 SC-003	Emails rejected by Outlook.com for policy reasons. Your IP address appears to be an open proxy/relay. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 SC-004	Emails rejected by Outlook.com for policy reasons. A block has been placed against your IP address because we have received complaints concerning emails coming from that IP address. We recommend enrolling in our Junk Email Reporting Programme (JMRP), a free programme intended to help senders remove unwanted recipients from their email list. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 DY-001	Emails rejected by Outlook.com for policy reasons. We generally do not accept emails from dynamic IPs as they are not typically used to deliver unauthenticated SMTP email to an Internet mail server. If you are not an email/network admin please contact your Email/Internet Service Provider for help. http://www.spamhaus.org maintains lists of dynamic and residential IP addresses.
550 DY-002	Emails rejected by Outlook.com for policy reasons. The likely cause is a compromised or virus-infected server/personal computer. If you are not an email/network admin please contact your Email/Internet Service Provider for help.
550 OU-001	Emails rejected by Outlook.com for policy reasons. If you are not an email/network admin please contact your Email/Internet Service Provider for help. For more information about this block and to request removal please go to: http://www.spamhaus.org.
550 OU-002	Emails rejected by Outlook.com for policy reasons. Reasons for rejection may be related to content with spam-like characteristics or IP/domain reputation. If you are not an email/network admin please contact your Email/Internet Service Provider for help.

NOTE: If you are having problems with email delivery to Cox, and you were unable to resolve your problem using the steps in the Error Codes section above, send us an email at unblock.request@cox.net for assistance. Your email must contain all of the following information in order for us to process your request.

COX Email error codes

Error Code	Description	Resolution
CXBL	The sending IP address has been blocked by Cox due to exhibiting spam-like behavior.	Send an email request to Cox to ask for a sending IP address be unblocked. Note: Cox has sole discretion whether to unblock the sending IP address.
CXTHRT	Email sending limited due to suspicious account activity. To secure your account, please reset your password at cox.com/password. It may take up to 2 hours to confirm security and remove sending limits.	Reset your password at www.cox.com/password or by logging into your Cox.com account and going through the My Profile page. It can take up to 2 hours for the new password to be effective and the email sending limits to be taken off.
CXMJ	Email sending blocked due to suspicious account activity on primary Cox account. To secure your account, please reset all Cox account passwords at cox.com/password. Contact Cox at cox.com/chat to remove block and reference error code AUP#CXMJ.	Reset your password at www.cox.com/password or visit www.cox.com to sign in to your primary Cox account and go to the My Profile page. Then, contact Cox at www.cox.com/chat to remove the block referenced by error code AUP#CXMJ.
CXDNS	There was an issue with the connecting IP address Domain Name System (DNS).	The Reverse DNS (rDNS) lookup for your IP address is failing. Confirm the IP address that sends your email. Check the rDNS of that IP address. If it passes, then wait 24 hours and try resending your email.
CXSNDR	There was a problem with the sender’s domain.	Your email failed authentication checks against your sending domain’s SPF, DomainKeys, or DKIM policy.
CXSMTP	There was a violation of SMTP protocol.	Your email wasn’t delivered because Cox was unable to verify that it came from a legitimate email sender.
CXCNCT	There was a connection issue from the IP address.	There is a limit to the number of concurrent SMTP connections per IP address to protect the systems against attack. Ensure that the sending email server is not opening more than 10 concurrent connections to avoid reaching this limit.
CXMXRT	The sender has sent email to too many recipients and needs to wait before sending more email.	The email sender has exceeded the maximum number of sent email allowed.
CDRBL	The sending IP address has been temporarily blocked by Cox due to exhibiting spam-like behavior.	The block duration varies depending on reputation and other factors, but will not exceed 24 hours. Inspect email traffic for potential spam, and retry email delivery.
IPBL0001	The sending IP address is listed in the Spamhaus Zen DNSBL.	Refer to Spamhaus for more information and removal instructions. Spamhaus has sole discretion whether to remove the sending IP address from the DNSBL.
IPBL0010	The sending IP is listed in the Return Path DNSBL.	Refer to Return Path for more information and removal instructions. Return Path has sole discretion whether to remove the sending IP address from the DNSBL.
IPBL0100	The sending IP is listed in the Invaluement ivmSIP DNSBL.	Refer to ivmSIP for more information and removal instructions. ivmSIP has sole discretion whether to remove the sending IP address from the DNSBL.
IPBL0011	The sending IP is in the Spamhaus Zen and Return Path DNSBLs.	Refer to the instructions above for error codes IPBL0001 and IPBL0010.
IPBL0101	The sending IP is in the Spamhaus Zen and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL0001 and IPBL0100.
IPBL0110	The sending IP is in the Return Path and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL0010 and IPBL0100.
IPBL0111	The sending IP is in the Spamhaus Zen, Return Path and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL0001, IPBL0010, and IPBL0100.
IPBL1000	Cloudmark CSI Suspect / CSI Global	The sending IP address is listed on a CSI blacklist. You can check your status on the CSI website.
IPBL1001	The sending IP is listed in the Cloudmark CSI and Spamhaus Zen DNSBLs.	Refer to the instructions above for error codes IPBL1000 and IPBL0001.
IPBL1010	The sending IP is listed in the Cloudmark CSI and Return Path DNSBLs.	Refer to the instructions above for error codes IPBL1000 and IPBL0010.
IPBL1011	The sending IP is in the Cloudmark CSI, Spamhaus Zen and Return Path DNSBLs.	Refer to the instructions above for error codes IPBL1000, IPBL0001, and IPBL0010.
IPBL1100	The sending IP is listed in the Cloudmark CSI and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL1000 and IPBL0100.
IPBL1101	The sending IP is in the Cloudmark CSI, Spamhaus Zen and Invaluement IVMsip DNSBLs.	Refer to the instructions above for error codes IPBL1000, IPBL0001, and IPBL0100.
IPBL1110	The sending IP is in the Cloudmark CSI, Return Path and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL1000, IPL0010, and IPBL0100.
IPBL1111	The sending IP is in the Cloudmark CSI, Spamhaus Zen, Return Path and Invaluement ivmSIP DNSBLs.	Refer to the instructions above for error codes IPBL1000, IPBL0001, IPBL0010, and IPBL0100.
IPBL00001	Spamhaus ZEN	The sending IP address is listed on a Spamhaus blacklist. Check your status at Spamhaus.
URLBL011	A URL within the body of the message was found on blocklists SURBL and Spamhaus DBL.	Refer to SURBL for more information and removal instructions. Refer to Spamhaus for DBL information and removal instructions
URLBL101	A URL within the body of the message was found on blocklists SURBL and ivmURI.	Refer to SURBL for more information and removal instructions. Refer to ivmURI for more information and removal instructions
URLBL110	A URL within the body of the message was found on blocklists Spamhaus DBL and ivmURI.	Refer to ivmURI for more information and removal instructions. Refer to Spamhaus for DBL information and removal instructions
URLBL1001	Spamhaus DBL	The URL is listed on a Spamhaus blacklist. Check your status at Spamhaus.
421 – [ESMTP server temporarily not available]	Our systems are experiencing an issue which is causing a temporary inability to accept new email.	Retry your mailings at a later time.
421 – [too many sessions from <source IP>]	The sending IP address has exceeded the five maximum concurrent connection limit.	Configure your sending server to establish no more than five concurrent connections.
554 – [ESMTP no data before greeting]	The sending server has attempted to communicate too soon within the SMTP transaction.	Ensure that your sending server is RFC 5321-compliant, and is following the proper SMTP protocol standards.
554 – [<source IP> rejected – no rDNS]	Cox requires that all connecting email servers contain valid reverse DNS PTR records.	Ensure that your sending email servers have a valid reverse DNS entry.
554 – [cox too many bad commands from <source IP>]	An email client has repeatedly sent bad commands or invalid passwords resulting in a three-hour block of the client’s IP address.	Check the password used by your email client and consider using an alternate email client if your password is correct.
421 – [<source IP> DNS check failure – try again later]	The reverse DNS check of the sending server IP address has failed.	Ensure that your DNS configuration is correct and that the PTR record is resolvable.
452 – [<mailfrom address> requested action aborted: try again later]	The SMTP connection has exceeded the 100 email message threshold and was disconnected.	Establish a new connection and continue sending.
550 – [<mailfrom address> sender rejected]	Cox requires that all sender domains resolve to a valid MX or A-record within DNS.	Ensure that your domain has a valid MX or A-record within DNS.
550 – [<recipient email> recipient rejected]	The intended recipient is not a valid Cox Email account.	Ensure that your mailing list is up-to-date with verified recipient email addresses.
552 – [$(_id) attachment extension is forbidden]	The message has been rejected because it contains an attachment with one of the following prohibited file types, which commonly contain viruses: .shb, .shs, .vbe, .vbs, .wsc, .wsf, .wsh, .pif, .msc, .msi, .msp, .reg, .sct, .bat, .chm, .isp, .cpl, .js, .jse, .scr, .exe.	Ensure that your mailings do not contain attachments with these file types.
452 – [<source IP> rejected. Too many invalid recipients]	The sending IP address has exceeded the threshold of invalid recipients and has been blocked.	Ensure that your mailing list is up-to-date with verified recipient email addresses, and try again at a later time.
452 – [Message threshold exceeded]	Cox enforces various rate limits to protect our platform. The sending IP address has exceeded one of these rate limits and has been temporarily blocked.	Slow down the rate at which you attempt to send email.

COMCAST error codes

Error Code Returned	For more information
421 – [Too many sessions opened]	Comcast allows 25 simultaneous connections per sending IP address. This error results when that limit is exceeded.
421 – [Reverse DNS failure : Try again later]	Comcast requires all sending IP addresses have a valid rDNS. This error results when the lookup failed. This error should be treated as a temp-fail and can be retried. SERVFAIL response. 99.9% means that the DNS somewhere up the auth tree is misconfigured or down or very badly overloaded.
421 – [Try again later]	This error results for several reasons. This error should be treated as a temp-fail and can be retried.
452 – [Too many emails sent on this session]	Comcast allows 1000 emails per session. This error results when that limit is exceeded.
452 – [Too many recipients for message]	Comcast allows 100 recipients per message. This error results when that limit is exceeded.
550 – [Not our customer]	This error results when a message is sent to a non-existent Comcast customer. These errors should be treated as an “unsubscribe” by the sender, if a bulk mailer.
550 – [Your message could not be delivered due to too many invalid recipients]	This error results when a message is sent to too many invalid recipients. As a result none of the recipients received the message. Please check your distribution list and resend.
550 – [Invalid sender domain]	Comcast requires that all sending domains have a valid A or MX record. This error results when neither record can be found.
550 – [Account not available]	This error results when a message is sent to a Comcast account that is currently not available.
552 – [Message size exceeded]	Comcast allows messages of 15MB or smaller. This error results when that limit is exceeded.
554 – [PTR lookup failure]	Comcast requires all sending mail server IP addresses have a valid PTR record set up. This error results when the lookup failed. NXDOMAIN response. One of the authoritative servers for the relevant section of the in-addr.arpa DNS tree is saying that there is no PTR record for the given IP address.

AOL – YAHOO SMTP Error Codes

An SMTP error, or Delivery Status Notification (DSN), indicates that an email could not be delivered, either due to a temporary or permanent problem. You can review our list of SMTP error messages below for details about each error.

What are 4xx (421 and 451) temporary errors?

A 421 or 451 SMTP error indicates a temporary problem blocking the delivery of your message. Message delivery can be delayed for multiple reasons including :
- We’ve observed unusual traffic patterns from your sending server’s IP address.
- The message you attempted to send included characteristics of spam.
- Emails from your mail server have been generating complaints from Verizon Media users.
- The Verizon Media mail servers are busy when attempting a connection.
- Other suspicious behavior which leads Verizon Media to enforce a dynamic deprioritization for your sender’s server.
Review our Sender Best Practices to learn how you can help your emails reach Verizon Media.
If you’re not the administrator of the mail server in question, we suggest you contact the administrator directly to discuss the error message you’re receiving.
If you encounter 4XX errors when trying to send an email to Verizon Media, you may retry sending at a later time.

What are 5xx (553 and 554) permanent errors?

A 553 or 554 SMTP error indicates an email could not be delivered due to a permanent problem. Message delivery can be permanently deferred because :
- Spamhaus has your domain or IP address listed on a Block List.
- You’re trying to send a message to an invalid email address.
- Your message failed authentication checks against your sending domain’s DMARC or DKIM policy.
- The message contains characteristics that Verizon Media won’t accept for policy reasons.
- Other suspicious behavior which leads Verizon Media to issue a permanent rejection for your SMTP connection.
If you consistently receive 5xx errors when sending to Verizon Media, we encourage you to review our Sender Best Practices, since 5xx errors can be a symptom of a more widespread, general problem.
You should not retry sending an email that comes back with with a 5xx error. List managers should have a policy for removing email addresses that generate 5xx errors/bounces.

Excessive user complaints

These errors indicate emails from your mail server are generating an excessive amount of complaints from Verizon Media users. We suggest you consider the following :
- Monitor your sender reputation – Even if you have a good reputation, users can vote your email as spam and affect your overall reputation.
- If you’re an administrator of message content and mailing policy and you’ve deployed significant changes or you’ve received this error for more than 48 hours, we ask that you review your outgoing messages for objectionable content or practices.
- Using a shared IP address – Mail traffic from other domains could be negatively affecting your IP sending reputation. If applicable, contact your host provider to request using dedicated IP addresses to send your mail to resolve this problem.
We recommend you review our Sender Best Practices to ensure you’re following proper opt-in methods of user subscriptions.

Excessive unsolicited messages

Excessively high volume of emails from a single IP address is a characteristic of unsolicited, bulk emailing. Don’t resend the email until you review our Sender Best Practices and make any necessary changes.
You may have setup the IP you are using to send email very recently and did not increase the email traffic slowly.
Check your subscription practices and lists to ensure that messages are sent only to users who’ve requested it.
If you’re an administrator for message content or mailing policy and you’ve made significant changes, or you’ve received this error for more than 48 hours, we ask that you review your outgoing emails for objectionable content or practices.

Excessive unknown recipients

Your mail server is sending to a large number of invalid recipients and may be configured as an “open relay” or “open proxy”.
Open proxies and open relays are a very common source of spam and Verizon Media doesn’t accept email from them.
We encourage you to follow our Sender Best Practices and make appropriate changes to secure your servers.
Review your mailing lists and remove any addresses that generate bounces.
Examine your outbound queues for potentially objectionable content to ensure that spammers aren’t abusing your mail server.

Authentication failures

Your email failed one or more authentication checks that Verizon Media uses to verify emails are truly sent from the domains they claim to originate from.
Verizon Media rejects emails for failing DKIM authentication when all of following conditions apply :
- The signing domain publishes a policy which states that all emails from the domain must be signed and authenticated with DKIM to prevent forgery.
- The signing domain is identified in the “d=” tag of the DKIM signature.
- The rejected email couldn’t be authenticated against the sending domain’s policy, for example, due to a missing or bad signature.
If you’re not the system administrator for the mail servers affected, we encourage you to contact the administrator, so they can look into the situation further.
For mailing lists, also known as “listservs,” you should change your sending behavior by adding the mailing lists’ address to the “From:” line, rather than the sender’s address. Also, enter the actual user/sender address into the “Reply-To:” line.
It’s a good idea to review our guide to Sender Best Practices and make appropriate changes.

Content based blocks

These error messages indicates that your email wasn’t accepted because there is something in the content that Verizon Media won’t accept for policy reasons.
Objectionable content that Verizon Media deems unacceptable includes :
- Viruses
- Phishing attempts
- Ransomeware
- Other malicious software
- Links or URLs to any of the above
Examine your outbound queues for potentially objectionable content to ensure that spammers aren’t abusing your mail server.
Follow our Sender Best Practices and make appropriate changes to secure your servers.

Recipient does not exist

The Verizon Media account that you’re trying to send to does not exist. We recommend that you contact the recipient directly to confirm their correct email address.
You should not retry delivery of the message. It will never complete successfully.
You should remove the email address from your mailing list.

Message temporarily deferred

This is a temporary error and your mail server may automatically re-try sending the email at a later time. Your message may have been deferred due to one or more of the following :
- Emails from your mail server are generating substantial complaints from Verizon Media users.
- The message contained objectionable content or exhibited characteristics indicative of spam.
- The IP (x.x.x.x or its subnet, i.e., .255 ) has a poor reputation.
- We are seeing unusual traffic patterns from your mail servers.
We ask that you follow our Sender Best Practices and review your outgoing messages for potentially objectionable content.
If your mail server does not primarily send bulk mailings (e.g., you run a personal, corporate, educational, or ISP mail server), examine your outbound queues to ensure that spammers aren’t abusing your mail server.
If you’re seeing the same error consistently over an extended period of time, we encourage you to submit a Sender Support Request with specific details of the error and diagnostic codes you see in your logs.

Resources temporarily unavailable

This error indicates that the Verizon Media mail servers were busy and temporarily unable to process your transaction at the time of connection.
Such issues are generally brief, and normal connectivity is usually restored after a short period of time.

Sample Email Failed Delivery message

When you get mail from a “MAILER-DAEMON” or a “Mail Delivery Subsystem” with a subject similar to “Failed Delivery,” this means that a message you sent was undeliverable and has been bounced back to you.
These messages are produced automatically and usually include a reason for the delivery failure.
Failed or “bounced” messages normally consist of two parts:
- The reason for the bounce
- Your original message
Failure notice example:

Define if SOFT or HARD bounces

Bounce code	Bounce type	Description
5.0.0	Hard	Address does not exist
5.1.0	Hard	Other address status
5.1.1	Hard	Bad destination mailbox address
5.1.2	Hard	Bad destination system address
5.1.3	Hard	Bad destination mailbox address syntax
5.1.4	Hard	Destination mailbox address ambiguous
5.1.5	Hard	Destination mailbox address valid
5.1.6	Hard	Mailbox has moved
5.1.7	Hard	Bad sender\’s mailbox address syntax
5.1.8	Hard	Bad sender’s system address
5.2.0	Soft	Other or undefined mailbox status
5.2.1	Soft	Mailbox disabled, not accepting messages
5.2.2	Soft	Mailbox full
5.2.3	Hard	Message length exceeds administrative limit.
5.2.4	Hard	Mailing list expansion problem
5.3.0	Hard	Other or undefined mail system status
5.3.1	Soft	Mail system full
5.3.2	Hard	System not accepting network messages
5.3.3	Hard	System not capable of selected features
5.3.4	Hard	Message too big for system
5.4.0	Hard	Other or undefined network or routing status
5.4.1	Hard	No answer from host
5.4.2	Hard	Bad connection
5.4.3	Hard	Routing server failure
5.4.4	Hard	Unable to route
5.4.5	Soft	Network congestion
5.4.6	Hard	Routing loop detected
5.4.7	Hard	Delivery time expired
5.5.0	Hard	Other or undefined protocol status
5.5.1	Hard	Invalid command
5.5.2	Hard	Syntax error
5.5.3	Soft	Too many recipients
5.5.4	Hard	Invalid command arguments
5.5.5	Hard	Wrong protocol version
5.6.0	Hard	Other or undefined media error
5.6.1	Hard	Media not supported
5.6.2	Hard	Conversion required and prohibited
5.6.3	Hard	Conversion required but not supported
5.6.4	Hard	Conversion with loss performed
5.6.5	Hard	Conversion failed
5.7.0	Hard	Other or undefined security status
5.7.1	Hard	Delivery not authorized, message refused
5.7.2	Hard	Mailing list expansion prohibited
5.7.3	Hard	Security conversion required but not possible
5.7.4	Hard	Security features not supported
5.7.5	Hard	Cryptographic failure
5.7.6	Hard	Cryptographic algorithm not supported
5.7.7	Hard	Message integrity failure
9.1.1	Hard	Hard bounce with no bounce code found. It could be an invalid email or rejected email from your mail server (such as from a sending limit).

Traditional SMTP status codes

The table below is not a definitive list of all available status codes, only a representation of the most frequent ones.

Status Code Group	Group Name	Description
1xx	Informational	Request received, continuing process
2xx	Success	The action was successfully received, understood, and accepted
3xx	Redirection	Further action must be taken in order to complete the request
4xx	Client Error	The request contains bad syntax or cannot be fulfilled
5xx	Server Error	The server failed to fulfil an apparently valid request

Code	Description
421	domain service not available, closing transmission channel
450	Requested mail action not taken: mailbox unavailable (e.g., mailbox busy)
451	Requested action aborted: error in processing
452	Requested action not taken: insufficient system storage
500	The server could not recognize the command due to a syntax error
501	A syntax error was encountered in command arguments
502	This command is not implemented
503	The server has encountered a bad sequence of commands
504	A command parameter is not implemented
550	User’s mailbox was unavailable (“not found”)
551	The recipient is not local to the server
552	The action was aborted due to exceeded storage allocation
553	The command was aborted because the mailbox name is invalid
554	The transaction failed for some unstated reason

Exchange NDR Code List

Listed NDR (Nondeliverable returns) emails and codes. Overlapping with the codes above.

Status code	Description
4.2.2	The recipient has exceeded their mailbox limit
4.3.1	Insufficient system resources
4.3.2	System not accepting network messages
4.4.1	Connection timed out
4.4.2	Connection dropped
4.4.6	Too many hops
4.4.7	Message expired
4.4.9	DNS Problem – check your connector
4.6.5	Multi-language situation
5.0.0	HELO / EHLO requires domain address
5.1.x	Exchange NDR problems with email address
5.1.0	Sender denied / Message categorizer failures
5.1.1	Bad destination mailbox address
5.1.2	Invalid X.400 address
5.1.3	Invalid recipient address
5.1.4	Destination mailbox address ambiguous
5.1.7	Invalid address
5.1.8	Something the matter with sender’s address
5.2.x	NDR caused by the size of the email
5.2.1	Mailbox cannot be accessed
5.2.2	Mailbox full
5.2.3	Message too large
5.2.4	Mailing list expansion problem
5.3.0	Problem with MTA / Store driver
5.3.1	Mail system full
5.3.2	System not accepting network messages
5.3.3	Unrecognized command
5.3.4	Message too big for system
5.3.5	System incorrectly configured
5.4.0	DNS Problem. Check the Smart host and DNS
5.4.1	No answer from host
5.4.2	Bad connection
5.4.3	Routing server failure. No available route
5.4.4	Invalid arguments
5.4.6	Routing loop detected
5.4.7	Delivery time-out. Message is taking too long to be delivered
5.4.8	Microsoft advise, check your recipient policy
5.5.0	Underlying SMTP 500 error
5.5.1	Invalid command
5.5.2	Send hello first
5.5.3	Too many recipients
5.5.4	Invalid domain name
5.5.5	Wrong protocol version
5.5.6	Invalid message content
5.6.0	Corrupt message content. Try sending without attachment
5.6.1	Media not supported
5.6.3	More than 250 attachments
5.7.1	Delivery not authorized
5.7.1	Unable to relay
5.7.1	Client was not authenticated
5.7.2	Distribution list cannot expand and so is unable to deliver its messages
5.7.3	Not Authorized
5.7.4	Extra security features not supported. Check delivery server settings
5.7.5	Cryptographic failure
5.7.6	Certificate problem, encryption level may be to high
5.7.7	Message integrity problem

AWS PostgreSQL RDS

Intro

The World’s Most Advanced Open Source Relational Database

PostgreSQL is winning this title for the second year in a row. First released in 1989, PostgreSQL turns 30 this year and is at the peak of its popularity, showing no signs of ageing with a very active community. It’s the fastest growing DBMS last three years.

Everyone wants a fast database, I think that is what everybody can agree upon. The question is: fast in what respect?
In terms of databases, there are at least different directions of fast:

number of transactions per second
throughput or amount of data processed

These are interrelated but definitely not the same.
And both have completely different requirements in terms of IO. In general, you want to avoid IO at all cost. This is because IO is always slow in comparison to access to data in memory, CPU-caches of different levels or even CPU registers. As a rule of thumb, every layer slows down access by about 1:1000.
For a system with high demand for a large number of transactions per second, you need as many concurrent IOs as you can get, for a system with high throughput you need an IO subsystem which can deliver as many bytes per seconds as possible.

That leads to the requirement to have as much data as possible near to the CPU, e.g. in RAM. At least the working set should fit, which is the set of data that is needed to give answers in an acceptable amount of time.

Each database engine has a specific memory layout and handles different memory areas for different purposes.

To recap: we need to avoid IO and we need to size the memory layout so that the database is able to work efficiently (and I assume that all other tasks in terms of proper schema design are done).

Here are the critical parameters

max_connections
This is what you think: the maximum number of current connections. If you reach the limit you will not be able to connect to the server anymore. Every connection occupies resources, the number should not be set too high. If you have long run sessions, you probably need to use a higher number as if the sessions are mostly short-lived. Keep aligned with configuration for connection pooling.
max_prepared_transactions
When you use prepared transactions you should set this parameter at least equal to the amount of max_connections, so that every connection can have at least one prepared transaction. You should consult the documentation for your prefered ORM to see if there are special hints on this.
shared_buffers
This is the main memory configuration parameter, PostgreSQL uses that for memory buffers. As a rule of thumb, you should set this parameter to 25% of the physical RAM. The operating system itself caches as much data to and from disk, so increasing this value over a certain amount will give you no benefit.
effective_cache_size
The available OS memory should equal shared_buffers + effective_cache_size. So when you have 16 GB RAM and you set shared_buffers to 25% thereof (4 GB) then effective_cache_size should be set to 12 GB.
maintenance_work_mem
The amount of this memory setting is used for maintenance tasks like VACUUM or CREATE INDEX. A good first estimate is 25% of shared_buffers.
wal_buffers
This translates roughly to the amount of uncommitted or dirty data inside the caches. If you set this to -1, then PostgreSQL takes 1/32 of shared_buffers for this. In other words: when you do so and you have shared_buffers = 32 GB, then you might have up to 1G of unwritten data to the WAL (=transaction) log.
work_mem
All complex sorts benefit from this, so it should not be too low. Setting it too high can have a negative impact: a query with 4 tables in a merge join occupies 4xwork_mem. You could start with ~ 1% of shared_buffers or at least 8 MB. For a data warehouse, I’d suggest starting with much larger values.
max_worker_processes
Set this to the number of CPUs you want to share for PostgreSQL exclusively. This is the number of background processes the database engine can use.
max_parallel_workers_per_gather
The maximum workers a Gather or GatherMerge node can use (see documentation about details), should be set equal to max_worker_processes.
max_parallel_workers
Maximum parallel worker processes for parallel queries. Same as for max_worker_processes.

The following settings have direct impact on the query optimizer, which tries its best to find the right strategy to answer a query as fast as possible.

effective_io_concurrency
The number of real concurrent IO operations supported by the IO subsystem. As a starting point: with plain HDD try 2, with SSDs go for 200 and if you have a potent SAN you can start with 300.
random_page_cost
This factor basically tells the PostgreSQL query planner how much more (or less) expensive it is to access a random page than to do sequential access.
In times of SSDs or potent SANs this does not seem so relevant, but it was in times of traditional hard disk drives. For SSDs an SANs, start with 1.1, for plain old disks set it to 4.
min_ and max_wal_size
These settings set size boundaries on the transaction log of PostgreSQL. Basically this is the amount of data that can be written until a checkpoint is issued which in turn syncs the in-memory data with the on-disk data.

User cases

8 GB RAM, 4 virtual CPU cores, SSD storage, Data Warehouse:

large sequential IOs, due to ETL processes
large result sets
complex joins with many tables
many long lasting connections

So let’s look at some example configuration:

max_connections = 100
shared_buffers = 2GB
effective_cache_size = 6GB
maintenance_work_mem = 1GB
wal_buffers = 16MB
random_page_cost = 1.1
effective_io_concurrency = 200
work_mem = 64MB
min_wal_size = 4GB
max_wal_size = 8GB
max_worker_processes = 4
max_parallel_workers_per_gather = 2
max_parallel_workers = 4

2 GB RAM, 2 virtual CPU, SAN-like storage, a blog-engine like WordPress

few connection
simple queries
tiny result sets
low transaction frequency

max_connections = 20
shared_buffers = 512MB
effective_cache_size = 1536MB
maintenance_work_mem = 128MB
wal_buffers = 16MB
random_page_cost = 1.1
effective_io_concurrency = 300
work_mem = 26214kB
min_wal_size = 16MB
max_wal_size = 64MB
max_worker_processes = 2
max_parallel_workers_per_gather = 1
max_parallel_workers = 2

Rasperry Pi, 4 arm cores, SD-card storage, some self-written Python thingy

max_connections = 10
shared_buffers = 128MB
effective_cache_size = 384MB
maintenance_work_mem = 32MB
wal_buffers = 3932kB
random_page_cost = 10 # really slow IO, really slow
effective_io_concurrency = 1
work_mem = 3276kB
max_worker_processes = 4
max_parallel_workers_per_gather = 2
max_parallel_workers = 4

More details

Football

Premier League ENGLAND 2018/2019

September 2018

https://api.media.atlassian.com/file/0d1634d8-5dc6-4e9c-9c17-2a8bf7759ff1/image?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkNDdlODRhOC1jMmRiLTRkY2ItYTc4My00ZjQ3OTU5NDQ5ZmQiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjBkMTYzNGQ4LTVkYzYtNGU5Yy05YzE3LTJhOGJmNzc1OWZmMSI6WyJyZWFkIl19LCJleHAiOjE1NjYyOTUxMjAsIm5iZiI6MTU2NjI5MjA2MH0.fcroZePWmVm4AuHMYhK4s33YasHi1yvNa5W9an2UrXo&client=d47e84a8-c2db-4dcb-a783-4f47959449fd&name=image2018-12-18_9-31-53.png&max-age=2940&width=598&height=669

December 2018 – before Christmas

https://api.media.atlassian.com/file/bf3931b2-1b93-4af5-ab2c-45e6137535bb/image?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkNDdlODRhOC1jMmRiLTRkY2ItYTc4My00ZjQ3OTU5NDQ5ZmQiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOmJmMzkzMWIyLTFiOTMtNGFmNS1hYjJjLTQ1ZTYxMzc1MzViYiI6WyJyZWFkIl19LCJleHAiOjE1NjYyOTUxMjAsIm5iZiI6MTU2NjI5MjA2MH0.uhBHQuk1NWrBEnbKzDZDFe68AU-ll8NXjRtLM0p4edE&client=d47e84a8-c2db-4dcb-a783-4f47959449fd&name=image2018-12-18_9-33-13.png&max-age=2940&width=568&height=616

Mid-January 2019

https://api.media.atlassian.com/file/c2733f79-de5c-4c56-9b6e-2b7b4822593b/image?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkNDdlODRhOC1jMmRiLTRkY2ItYTc4My00ZjQ3OTU5NDQ5ZmQiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOmMyNzMzZjc5LWRlNWMtNGM1Ni05YjZlLTJiN2I0ODIyNTkzYiI6WyJyZWFkIl19LCJleHAiOjE1NjYyOTUxMjAsIm5iZiI6MTU2NjI5MjA2MH0.Pkgjpc7Wkp-DI3EWHF4Hug6hn9YM3J-Bj9VBLUCgFKs&client=d47e84a8-c2db-4dcb-a783-4f47959449fd&name=image2019-1-16_11-20-14.png&max-age=2940&width=558&height=620

End-feb 2019 (27th feb, 20C)

https://api.media.atlassian.com/file/5bbf7bd1-b0cd-4b29-bfec-5009b17e5ff0/binary?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkNDdlODRhOC1jMmRiLTRkY2ItYTc4My00ZjQ3OTU5NDQ5ZmQiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjViYmY3YmQxLWIwY2QtNGIyOS1iZmVjLTUwMDliMTdlNWZmMCI6WyJyZWFkIl19LCJleHAiOjE1NjYzNzUwNDAsIm5iZiI6MTU2NjI5MjA2MH0.Mdu7NoIi6wiPFGpHqUumubAGc7wN9bIiYgrDlht0wRk&client=d47e84a8-c2db-4dcb-a783-4f47959449fd&name=image2019-2-27_17-34-18.png&max-age=2940&width=566&height=576

Start of April 2019

https://api.media.atlassian.com/file/19700f96-16f3-477f-8872-fad63df3382e/image?token=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJkNDdlODRhOC1jMmRiLTRkY2ItYTc4My00ZjQ3OTU5NDQ5ZmQiLCJhY2Nlc3MiOnsidXJuOmZpbGVzdG9yZTpmaWxlOjE5NzAwZjk2LTE2ZjMtNDc3Zi04ODcyLWZhZDYzZGYzMzgyZSI6WyJyZWFkIl19LCJleHAiOjE1NjYyOTUxMjAsIm5iZiI6MTU2NjI5MjA2MH0.vss5-5eGXenSme79jF8WYAsNJm_9jaUXD8l9PhbTz48&client=d47e84a8-c2db-4dcb-a783-4f47959449fd&name=image2019-4-8_15-48-37.png&max-age=2940&width=455&height=613

May, 7th 2019

Premier League ENGLAND 2019/2020

Windows Controls via CMD

Windows RUN Shortcuts

Type of Command	Canonical Name	Command	Keyword	OS
Control Panel Applet,	Accessibility Options	control access.cpl	cpl	XP
Control Panel Applet	Action Center	control /name Microsoft.ActionCenter	cpl	8, 7
Control Panel Apple	Recent Messages	control wscui.cpl	cpl	8, 7
Control Panel Applet	Add Features to Windows 8	control /name Microsoft.WindowsAnytimeUpgrade	cpl	Win8
Control Panel Applet	Add Hardware	control /name Microsoft.AddHardware	cpl	Vista
Control Panel Applet	Device Manager (W10)	control hdwwiz.cpl	cpl	XP
Control Panel Applet	Add or Remove Programs	control appwiz.cpl	cpl	XP
Control Panel Applet	Administrative Tools	control /name Microsoft.AdministrativeTools	cpl	10, 8, 7, Vista
Control Panel Applet	Administrative Tools	control admintools	cpl	10, 8, 7, Vista, XP
Control Panel Applet	Automatic Updates	control wuaucpl.cpl	cpl	XP
Control Panel Applet	AutoPlay	control /name Microsoft.AutoPlay	cpl	8, 7, Vista
Control Panel Applet	Backup and Restore Center	control /name Microsoft.BackupAndRestoreCenter	cpl	Vista
Control Panel Applet	Backup and Restore	control /name Microsoft.BackupAndRestore	cpl	7
Control Panel Applet	Biometric Devices	control /name Microsoft.BiometricDevices	cpl	8, 7
Control Panel Applet	BitLocker Drive Encryption	control /name Microsoft.BitLockerDriveEncryption	cpl	8, 7, Vista
Control Panel Applet	Bluetooth Devices	control bthprops.cpl 13	cpl	8, 7, Vista
Control Panel Applet	Bluetooth Devices	control /name Microsoft.BluetoothDevices	cpl	Vista
Control Panel Applet	Color Management	control /name Microsoft.ColorManagement	cpl	8, 7, Vista
Control Panel Applet	Color 1	WinColor.exe 2	cpl	XP
Control Panel Applet	Credential Manager	control /name Microsoft.CredentialManager	cpl	8, 7
Control Panel Applet	Client Service for NetWare	control nwc.cpl	cpl	XP
Control Panel Applet	Date and Time	control /name Microsoft.DateAndTime	cpl	8, 7, Vista
Control Panel Applet	Date and Time	control timedate.cpl	cpl	8, 7, Vista
Control Panel Applet	Date and Time	control date/time	cpl	8, 7, Vista, XP
Control Panel Applet	Default Location	control /name Microsoft.DefaultLocation	cpl	Win7
Control Panel Applet	Default Programs	control /name Microsoft.DefaultPrograms	cpl	8, 7, Vista
Control Panel Applet	Desktop Gadgets	control /name Microsoft.DesktopGadgets	cpl	Win7
Control Panel Applet	Device Manager	control /name Microsoft.DeviceManager	cpl	8, 7, Vista
Control Panel Applet	Device Manager	control hdwwiz.cpl	cpl	8, 7, Vista
Control Panel Applet	Device Manager	devmgmt.msc	msc	8, 7, Vista, XP
Control Panel Applet	Devices and Printers	control /name Microsoft.DevicesAndPrinters	cpl	8, 7
Control Panel Applet	Devices and Printers	control printers	cpl	8, 7
Control Panel Applet	Display	control /name Microsoft.Display	cpl	8, 7
Control Panel Applet	Display	control desk.cpl	cpl	10, XP
Control Panel Applet	Setting Background	control desktop	cpl	10, XP
Control Panel Applet	Ease of Access Center	control /name Microsoft.EaseOfAccessCenter	cpl	10, 8, 7, Vista
Control Panel Applet	Ease of Access Center	control access.cpl	cpl	10, 8, 7, Vista
Control Panel Applet	Family Safety	control /name Microsoft.ParentalControls	cpl	Win8
Control Panel Applet	File History	control /name Microsoft.FileHistory	cpl	Win8
Control Panel Applet	Flash Player Settings Manager	control flashplayercplapp.cpl	cpl	Win8
Control Panel Applet	Folder Options	control /name Microsoft.FolderOptions	cpl	8, 7, Vista
Control Panel Applet	File Explorer Options	control folders	cpl	8, 7, Vista, XP
Control Panel Applet	Fonts	control /name Microsoft.Fonts	cpl	8, 7, Vista
Control Panel Applet	Fonts	control fonts	cpl	8, 7, Vista, XP
Control Panel Applet	Game Controllers	control /name Microsoft.GameControllers	cpl	8, 7, Vista
Control Panel Applet	Game Controller	control joy.cpl	cpl	10, 8, 7, Vista, XP
Control Panel Applet	Get Programs	control /name Microsoft.GetPrograms	cpl	8, 7, Vista
Control Panel Applet	Getting Started	control /name Microsoft.GettingStarted	cpl	Win7
Control Panel Applet	Home Group	control /name Microsoft.HomeGroup	cpl	8, 7
Control Panel Applet	Indexing Options	control /name Microsoft.IndexingOptions	cpl	8, 7, Vista
Control Panel Applet	Indexing options (W10)	rundll32.exe shell32.dll,Control_RunDLL srchadmin.dll	cpl	8, 7, Vista, XP
Control Panel Applet	Infrared	control /name Microsoft.Infrared	cpl	10, 8, 7
Control Panel Applet	Infrared	control irprops.cpl	cpl	8, 7, Vista
Control Panel Applet	Infrared	control /name Microsoft.InfraredOptions	cpl	Vista
Control Panel Applet	Internet Options	control /name Microsoft.InternetOptions	cpl	8, 7, Vista
Control Panel Applet	Internet Options	control inetcpl.cpl	cpl	8, 7, Vista, XP
Control Panel Applet	iSCSI Initiator	control /name Microsoft.iSCSIInitiator	cpl	8, 7, Vista
Control Panel Applet	Keyboard	control /name Microsoft.Keyboard	cpl	10, 8, 7, Vista
Control Panel Applet	Keyboard	control keyboard	cpl	10, 8, 7, Vista, XP
Control Panel Applet	Language	control /name Microsoft.Language	cpl	10, 8
Control Panel Applet	Location and Other Sensors	control /name Microsoft.LocationAndOtherSensors	cpl	10, 7
Control Panel Applet	Location Settings	control /name Microsoft.LocationSettings	cpl	Win8
Control Panel Applet	Mail 4	control mlcfg32.cpl 5	cpl	8, 7, Vista, XP
Control Panel Applet	Mouse	control /name Microsoft.Mouse	cpl	8, 7, Vista
Control Panel Applet	Mouse	control main.cpl	cpl	8, 7, Vista
Control Panel Applet	Mouse	control mouse	cpl	8, 7, Vista, XP
Control Panel Applet	Network and Sharing Center	control /name Microsoft.NetworkAndSharingCenter	cpl	8, 7, Vista
Control Panel Applet	Network Connections	control ncpa.cpl	cpl	8, 7, Vista
Control Panel Applet	Network Connections	control netconnections	cpl	8, 7, Vista, XP
Control Panel Applet	Network Setup Wizard	control netsetup.cpl	cpl	8, 7, Vista, XP
Control Panel Applet	Notification Area Icons	control /name Microsoft.NotificationAreaIcons	cpl	8, 7
Control Panel Applet	ODBC Data Source Administrator	control odbccp32.cpl	cpl	XP
Control Panel Applet	Offline Files	control /name Microsoft.OfflineFiles	cpl	8, 7, Vista
Control Panel Applet	Parental Controls	control /name Microsoft.ParentalControls	cpl	7, Vista
Control Panel Applet	Pen and Input Devices	control /name Microsoft.PenAndInputDevices	cpl	Vista
Control Panel Applet	Pen and Input Devices	control tabletpc.cpl	cpl	Vista
Control Panel Applet	Pen and Touch	control /name Microsoft.PenAndTouch	cpl	8, 7
Control Panel Applet	Pen and Touch	control tabletpc.cpl	cpl	8, 7
Control Panel Applet	People Near Me	control /name Microsoft.PeopleNearMe	cpl	7, Vista
Control Panel Applet	People Near Me	control collab.cpl	cpl	7, Vista
Control Panel Applet	Performance Information and Tools	control /name Microsoft.PerformanceInformationAndTools	cpl	8, 7, Vista
Control Panel Applet	Personalization	control /name Microsoft.Personalization	cpl	8, 7, Vista
Control Panel Applet	Personalization	control desktop	cpl	8, 7, Vista
Control Panel Applet	Phone and Modem Options	control /name Microsoft.PhoneAndModemOptions	cpl	Vista
Control Panel Applet	Phone and Modem Options	control telephon.cpl	cpl	Vista, XP
Control Panel Applet	Phone and Modem	control /name Microsoft.PhoneAndModem	cpl	8, 7
Control Panel Applet	Phone and Modem	control telephon.cpl	cpl	8, 7
Control Panel Applet	Power Options	control /name Microsoft.PowerOptions	cpl	8, 7, Vista
Control Panel Applet	Power Options	control powercfg.cpl	cpl	8, 7, Vista, XP
Control Panel Applet	Printers and Faxes	control printers	cpl	XP
Control Panel Applet	Printers	control /name Microsoft.Printers	cpl	Vista
Control Panel Applet	Printers	control printers	cpl	Vista
Control Panel Applet	Problem Reports and Solutions	control /name Microsoft.ProblemReportsAndSolutions	cpl	Vista
Control Panel Applet	Programs and Features	control /name Microsoft.ProgramsAndFeatures	cpl	8, 7, Vista
Control Panel Applet	Programs and Features	control appwiz.cpl	cpl	8, 7, Vista
Control Panel Applet	Recovery	control /name Microsoft.Recovery	cpl	8, 7
Control Panel Applet	Region	control /name Microsoft.RegionAndLanguage	cpl	Win8
Control Panel Applet	Region	control intl.cpl	cpl	Win8
Control Panel Applet	Region	control international	cpl	Win8
Control Panel Applet	Region and Language	control /name Microsoft.RegionAndLanguage	cpl	Win7
Control Panel Applet	Region and Language	control intl.cpl	cpl	Win7
Control Panel Applet	Region and Language	control international	cpl	Win7
Control Panel Applet	Regional and Language Options	control /name Microsoft.RegionalAndLanguageOptions	cpl	Vista
Control Panel Applet	Regional and Language Options	control intl.cpl	cpl	Vista
Control Panel Applet	Regional and Language Options	control international	cpl	Vista, XP
Control Panel Applet	RemoteApp and Desktop Connections	control /name Microsoft.RemoteAppAndDesktopConnections	cpl	8, 7
Control Panel Applet	Scanners and Cameras	control /name Microsoft.ScannersAndCameras	cpl	8, 7, Vista
Control Panel Applet	Scanners and Cameras	control sticpl.cpl	cpl	XP
Control Panel Applet	Scheduled Tasks	control schedtasks	cpl	XP
Control Panel Applet	Screen Resolution	control desk.cpl	cpl	8, 7
Control Panel Applet	Security Center	control /name Microsoft.SecurityCenter	cpl	Vista
Control Panel Applet	Security Center	control wscui.cpl	cpl	XP
Control Panel Applet	Software Explorers 8	msascui.exe 9	cpl	XP
Control Panel Applet	Sound	control /name Microsoft.Sound	cpl	8, 7
Control Panel Applet	Sound	control /name Microsoft.AudioDevicesAndSoundThemes	cpl	Vista
Control Panel Applet	Sound	control mmsys.cpl	cpl	8, 7, Vista
Control Panel Applet	Sounds and Audio Devices	control mmsys.cpl	cpl	XP
Control Panel Applet	Speech Recognition Options	control /name Microsoft.SpeechRecognitionOptions	cpl	Vista
Control Panel Applet	Speech Recognition	control /name Microsoft.SpeechRecognition	cpl	8, 7
Control Panel Applet	Speech	control sapi.cpl 10	cpl	XP
Control Panel Applet	Storage Spaces	control /name Microsoft.StorageSpaces	cpl	Win8
Control Panel Applet	Sync Center	control /name Microsoft.SyncCenter	cpl	8, 7, Vista
Control Panel Applet	System	control /name Microsoft.System	cpl	8, 7, Vista
Control Panel Applet	System Properties	control sysdm.cpl	cpl	7, XP
Control Panel Applet	System Properties	control sysdm.cpl	cpl	8, 7, Vista
Control Panel Applet	Tablet PC Settings	control /name Microsoft.TabletPCSettings	cpl	8, 7, Vista
Control Panel Applet	Task Scheduler 7	control schedtasks	cpl	8, 7, Vista
Control Panel Applet	Taskbar	control /name Microsoft.Taskbar	cpl	10, 8
Control Panel Applet	Taskbar	rundll32.exe shell32.dll,Options_RunDLL 1	cpl	Win8
Control Panel Applet	Taskbar and Start Menu	control /name Microsoft.TaskbarAndStartMenu	cpl	7, Vista
Control Panel Applet	Taskbar and Start Menu	rundll32.exe shell32.dll,Options_RunDLL 1	cpl	7, Vista, XP
Control Panel Applet	Text to Speech	control /name Microsoft.TextToSpeech	cpl	8, 7, Vista
Control Panel Applet	Troubleshooting	control /name Microsoft.Troubleshooting	cpl	8, 7
Control Panel Applet	User Accounts	control /name Microsoft.UserAccounts	cpl	8, 7, Vista
Control Panel Applet	User Accounts	control userpasswords control userpasswords2	cpl	8, 7, Vista, XP
Control Panel Applet	Welcome Center	control /name Microsoft.WelcomeCenter	cpl	Vista
Control Panel Applet	Windows 7 File Recovery	control /name Microsoft.BackupAndRestore	cpl	Win8
Control Panel Applet	Windows Anytime Upgrade	control /name Microsoft.WindowsAnytimeUpgrade	cpl	7, Vista
Control Panel Applet	Windows CardSpace	control /name Microsoft.CardSpace	cpl	7, Vista
Control Panel Applet	Windows CardSpace	control infocardcpl.cpl	cpl	7, Vista
Control Panel Applet	Windows Defender	control /name Microsoft.WindowsDefender	cpl	8, 7, Vista
Control Panel Applet	Windows Firewall	control /name Microsoft.WindowsFirewall	cpl	8, 7, Vista
Control Panel Applet	Windows Firewall	control firewall.cpl	cpl	10, 8, 7, Vista, XP
Control Panel Applet	Windows Marketplace	control /name Microsoft.GetProgramsOnline	cpl	Vista only
Control Panel Applet	Windows Mobility Center	control /name Microsoft.MobilityCenter	cpl	10, 8, 7, Vista
Control Panel Applet	Windows Sidebar Properties	control /name Microsoft.WindowsSidebarProperties	cpl	Vista only
Control Panel Applet	Windows SideShow	control /name Microsoft.WindowsSideShow	cpl	8,7, Vista only
Control Panel Applet	Windows Update	control /name Microsoft.WindowsUpdate	cpl	10, 8, 7, Vista
Control Panel Applet	Wireless Link, Infrared	control irprops.cpl	cpl	10, XP
Executable	Accessibility Options	utilman	exe	Win7, 8, 10
Executable	Add Hardware Wizard	hdwwiz	exe	Win7, 8, 10
Control Panel Applet	(Add New Programs)	control appwiz.cpl,,1	cpl	Win7, 8, 10
Control Panel Applet	(Add Remove Windows Components)	control appwiz.cpl,,2	cpl	Win7, 8, 10
Control Panel Applet	(Set Program Access & Defaults )	control appwiz.cpl,,3	cpl	Win7, 8, 10
Executable	Advanced User Accounts Control Panel	netplwiz	exe	Win7, 8, 10
Management console	Authorization Manager	azman.msc	msc	Win7, 8, 10
Executable	Automatic Update	control wuaucpl.cpl	exe	Win7, 8, 10
Executable	Backup and Restore Utility	sdclt	exe	Win7, 8, 10
Executable	Bluetooth Transfer Wizard	fsquirt	exe	Win7, 8, 10
Executable	Calculator	calc	exe	Win7, 8, 10
Management console	Certificate Manager	certmgr.msc	msc	Win7, 8, 10
Executable	Character Map	charmap	exe	Win7, 8, 10
Executable	Check Disk Utility	chkdsk	exe	Win7, 8, 10
Executable	Clear Type (tune or turn off)	cttune	exe	Win7, 8, 10
Executable	Color Management	colorcpl	exe	Win7, 8, 10
Executable	Command Prompt	cmd	exe	Win7, 8, 10
Executable	Component Services	dcomcnfg	exe	Win7, 8, 10
Management console	Component Services	comexp.msc	msc	Win7, 8, 10
Executable	Computer Management	CompMgmtLauncher.exe	exe	Win7, 8, 10
Management console	Computer Management	compmgmt.msc	msc	Win7, 8, 10
Executable	Control Panel	control	exe	Win7, 8, 10
Executable	Credential (passwords) Backup and Restore Wizard	credwiz	exe	Win7, 8, 10
Executable	Data Execution Prevention	SystemPropertiesDataExecutionPrevention	exe	Win7, 8, 10
Executable	Date and Time Properties	timedate.cpl	exe	Win7, 8, 10
Executable	Device Pairing Wizard	DevicePairingWizard	exe	Win7, 8, 10
Executable	Digitizer Calibration Tool (Tablets/Touch screens)	tabcal	exe	Win7, 8, 10
Control Panel Applet	Direct X Control Panel (if installed)	directx.cpl	cpl	Win7, 8, 10
Executable	Direct X Troubleshooter	dxdiag	exe	Win7, 8, 10
Executable	Disk Cleanup Utility	cleanmgr	exe	Win7, 8, 10
Executable	Disk Defragmenter	dfrgui	exe	Win7, 8, 10
Executable	Disk Defragmenter	defrag	exe	Win7, 8, 10
Management console	Disk Management	diskmgmt.msc	msc	Win7, 8, 10
Executable	Disk Partition Manager	diskpart	exe	Win7, 8, 10
Executable	Display Color Calibration	dccw	exe	Win7, 8, 10
Executable	Display DPI / Text size	dpiscaling	exe	Win7, 8, 10
Executable	Display Properties (Themes, Desktop, Screensaver)	control desktop	exe	Win7, 8, 10
Executable	Display Properties (Resolution, Orientation)	desk.cpl	exe	Win7, 8, 10
Executable	Display Properties (Color & Appearance)	control color	exe	Win7, 8, 10
Executable	Documents (open 'My Documents' folder)	documents	exe	Win7, 8, 10
Executable	Downloads (open 'Downloads' folder)	downloads	exe	Win7, 8, 10
Executable	Driver Verifier Utility	verifier	exe	Win7, 8, 10
Executable	DVD Player	dvdplay	exe	Win7, 8, 10
Executable	Edit Environment Variables	rundll32.exe sysdm.cpl,EditEnvironmentVariables	exe	Win7, 8, 10
Executable	Encrypting File System Wizard (EFS)	rekeywiz	exe	Win7, 8, 10
Management console	Event Viewer	eventvwr.msc	msc	Win7, 8, 10
Executable	File Signature Verification Tool (Device drivers)	sigverif	exe	Win7, 8, 10
Executable	Files and Settings Transfer Tool	%systemroot%\system32\migwiz\migwiz.exe	exe	Win7, 8, 10
Executable	Folders Properties	control folders	exe	Win7, 8, 10
Executable	Fonts list	control fonts	exe	Win7, 8, 10
Executable	Font preview	fontview arial.ttf	exe	Win7, 8, 10
Executable	Game Controllers	joy.cpl	exe	Win7, 8, 10
Management console	Local Group Policy Editor	gpedit.msc	msc	Win7, 8, 10
Executable	Internet Properties	inetcpl.cpl	exe	Win7, 8, 10
Executable	IP Configuration	ipconfig	exe	Win7, 8, 10
Executable	iSCSI Initiator configuration	iscsicpl	exe	Win7, 8, 10
Executable	Keyboard Properties	control keyboard	exe	Win7, 8, 10
Executable	Language Pack Installer	lpksetup	exe	Win7, 8, 10
Management console	Local Security Policy	secpol.msc	msc	Win7, 8, 10
Executable	Log out	logoff	exe	Win7, 8, 10
Executable	Microsoft Malicious Software Removal Tool	mrt	exe	Win7, 8, 10
Executable	Microsoft Management Console	mmc	exe	Win7, 8, 10
Executable	Access (Microsoft Office)	msaccess	exe	Win7, 8, 10
Executable	Excel (Microsoft Office)	Excel	exe	Win7, 8, 10
Executable	Powerpoint (Microsoft Office)	powerpnt	exe	Win7, 8, 10
Executable	Word (Microsoft Office)	winword	exe	Win7, 8, 10
Executable	Microsoft Paint	mspaint	exe	Win7, 8, 10
Executable	Microsoft Support Diagnostic Tool	msdt	exe	Win7, 8, 10
Executable	Projector: Connect to Network Projector	netproj	exe	Win7, 8, 10
Executable	Projector: Switch projector display	displayswitch	exe	Win7, 8, 10
Executable	Notepad	notepad	exe	Win7, 8, 10
Executable	ODBC Data Source Admin	C:\windows\system32\odbcad32.exe	exe	Win7, 8, 10
Executable	Default ODBC driver: 32-bit ODBC driver under 64-bit platform	C:\windows\sysWOW64\odbcad32.exe	exe	Win7, 8, 10
Executable	ODBC configuration - Install/configure MDAC drivers	odbcconf	exe	Win7, 8, 10
Executable	On Screen Keyboard	osk	exe	Win7, 8, 10
Executable	OOB Getting Started	gettingstarted	exe	Win7, 8, 10
Executable	Password - Create a Windows Password Reset Disk (USB)	"C:\Windows\system32\rundll32.exe" keymgr.dll,PRShowSaveWizardExW	exe	Win7, 8, 10
Management console	Performance Monitor	perfmon.msc	msc	Win7, 8, 10
Executable	Phone Dialer	dialer	exe	Win7, 8, 10
Executable	Presentation Settings	PresentationSettings	exe	Win7, 8, 10
Executable	Problem Steps Recorder	psr	exe	Win7, 8, 10
Executable	Program Access and Computer Defaults - browser / email / media	computerdefaults	exe	Win7, 8, 10
Executable	Printers and Faxes	control printers	exe	Win7, 8, 10
Management console	Print Management	PrintManagement.msc	msc	Win7, 8, 10
Executable	Printer Migration (backup/restore)	printbrmui and printbrm.exe	exe	Win7, 8, 10
Executable	Printer user interface (List all printui.dll options)	printui	exe	Win7, 8, 10
Executable	Private Character Editor	eudcedit	exe	Win7, 8, 10
Executable	Regional Settings - Language, Date/Time format, keyboard locale.	intl.cpl	exe	Win7, 8, 10
Executable	Registry Editor	regedit	exe	Win7, 8, 10
Executable	Remote Assistance	msra	exe	Win7, 8, 10
Executable	Remote Desktop	mstsc	exe	Win7, 8, 10
Executable	Resource Monitor	resmon	exe	Win7, 8, 10
Management console	Resultant Set of Policy	rsop.msc	msc	Win7, 8, 10
Executable	Settings (Windows 10)	ms-settings:	exe	Win7, 8, 10
Executable	Scheduled Tasks	control schedtasks	exe	Win7, 8, 10
Executable	Screenshot Snipping Tool	snippingtool	exe	Win7, 8, 10
Management console	Services	services.msc	msc	Win7, 8, 10
Executable	Shared Folder Wizard	shrpubw	exe	Win7, 8, 10
Management console	Shared Folders	fsmgmt.msc	msc	Win7, 8, 10
Executable	Shut Down Windows	shutdown	exe	Win7, 8, 10
Executable	EXAMPLE: Immediately Restart immediately Abort shutdown/restart countdown	shutdown /s /t 0 shutdown /r /t 0 shutdown /a	exe	Win7, 8, 10
Executable	Software Licensing/Activation	slui	exe	Win7, 8, 10
Executable	Sound Recorder	soundrecorder	exe	Win7, 8, 10
Executable	Sound Volume	sndvol	exe	Win7, 8, 10
Executable	Syncronization Tool (Offline files)	mobsync	exe	Win7, 8, 10
Management console	System Configuration Utility	msconfig	msc	Win7, 8, 10
Executable	System File Checker Utility (Scan/Purge)	sfc	exe	Win7, 8, 10
Executable	System Information	msinfo32	exe	Win7, 8, 10
Executable	System Properties - Performance	SystemPropertiesPerformance	exe	Win7, 8, 10
Executable	System Properties - Hardware	SystemPropertiesHardware	exe	Win7, 8, 10
Executable	System Properties - Advanced	SystemPropertiesAdvanced	exe	Win7, 8, 10
Executable	System Repair - Create a System Repair Disc	recdisc	exe	Win7, 8, 10
Executable	System Restore	rstrui	exe	Win7, 8, 10
Executable	Task Manager	taskmgr	exe	Win7, 8, 10
Management console	Task Scheduler	taskschd.msc	msc	Win7, 8, 10
Executable	Telnet Client	telnet	exe	Win7, 8, 10
Executable	Trusted Platform Module Initialization Wizard	tpmInit	exe	Win7, 8, 10
Executable	User Accounts (Autologon)	control userpasswords2	exe	Win7, 8, 10
Executable	User Account Control (UAC) Settings	UserAccountControlSettings	exe	Win7, 8, 10
Executable	User Profiles - Edit/Change type	C:\Windows\System32\rundll32.exe sysdm.cpl,EditUserProfiles	exe	Win7, 8, 10
Executable	Windows Disc Image Burning Tool	isoburn C:\movies\madmax.iso	exe	Win7, 8, 10
Executable	Windows Explorer	explorer.exe	exe	Win7, 8, 10
Executable	Windows Features	optionalfeatures	exe	Win7, 8, 10
Executable	Windows Firewall	firewall.cpl	exe	Win7, 8, 10
Management console	Windows Firewall with Advanced Security	wf.msc	msc	Win7, 8, 10
Executable	Windows Image Acquisition (scanner)	wiaacmgr	exe	Win7, 8, 10
Executable	Windows Magnifier	magnify	exe	Win7, 8, 10
Management console	Windows Management Infrastructure	wmimgmt.msc	msc	Win7, 8, 10
Executable	Windows Memory Diagnostic Scheduler	mdsched	exe	Win7, 8, 10
Executable	Windows Mobility Center (Mobile PCs only)	mblctr	exe	Win7, 8, 10
Executable	Windows PowerShell	powershell	exe	Win7, 8, 10
Executable	Windows PowerShell ISE	powershell_ise	exe	Win7, 8, 10
Executable	Windows Security Action Center	wscui.cpl	exe	Win7, 8, 10
Executable	Windows Script Host(VBScript)	wscript NAME_OF_SCRIPT.VBS	exe	Win7, 8, 10
Executable	Windows System Security Tool. Encrypt the SAM database. (boot password.)	syskey	exe	Win7, 8, 10
Executable	Windows Update	wuapp	exe	Win7, 8, 10
Executable	Windows Update Standalone Installer	wusa	exe	Win7, 8, 10
Executable	Windows Version (About Windows)	winver	exe	Win7, 8, 10
Executable	WordPad	write	exe	Win7, 8, 10
Deprecated		Microsoft.BackupAndRestoreCenter/Microsoft.BackupAndRestore		removed in Win 8
Deprecated		Microsoft.CardSpace		removed in Win 8
Deprecated		Microsoft.DesktopGadgets		removed in Win 8
Deprecated		Microsoft.GetProgramsOnline		removed in Win 7
Deprecated		Microsoft.PeopleNearMe		removed in Win 8.1
Deprecated		Microsoft.PerformanceInformationAndTools		removed in Win 8.1
Deprecated		Microsoft.WindowsSidebarProperties		removed in Win 8.1
Deprecated		Microsoft.WindowsSideShow		removed in Win 8.1
command	runas	runas /user:administrator control	full command	Win 10
command	View IP config	netsh interface ip show config	full command	Win 10
command	Configure interface 'Local Area Connection' with [IPaddr] [Netmask] [DefaultGW]	netsh interface ip set address local static [IPaddr] [Netmask] [DefaultGW] 1	full command	Win 10
command	Configure DNS server for 'Local Area Connection'	netsh interface ip set dns local static [IPaddr]	full command	Win 10
command	Configure interface to use DHCP	netsh interface ip set address local dhcp	full command	Win 10
command	Turn off built-in Windows firewall	netsh firewall set opmode disable	full command	Win 10
variable	C:\ProgramData	ALLUSERSPROFILE	variable	Win 10
variable	C:\Users\{username}\AppData\Roaming	APPDATA	variable	Win 10
variable	The current directory (string)	CD	variable	Win 10
reg	Add a key to the registry on machine [TargetIPaddr] within the registry domain [RegDomain] to location [Key].	reg add [\\TargetIPaddr\] [RegDomain]\[Key]	Regedit	Win 10
reg	Export all subkeys and values located in the domain [RegDomain] under the location [Key] to the file [FileName]	reg export [RegDomain]\[Key] [FileName]	Regedit	Win 10
reg	Import all registry entries from the file [FileName]	reg import [FileName]	Regedit	Win 10
reg	Query for a specific Value of a Key:	reg query [\\TargetIPaddr\][RegDomain]\[Key] /v [ValueName]	regedit	Win 10
wmic	Useful [aliases]: process service share nicconfig startup useraccount qfe (Quick Fix Engineering Ã¢ÂÂ shows patches)	wmic [alias] [where clause] [verb clause]	wmic	Win 10
wmic	Example	[where clauses]:where name="nc.exe"where (commandline like "%stuff")where (name="cmd.exe" and parentprocessid!="[pid]")	wmic	Win 10
wmic	Example [verb clauses]:list [full\|brief]get [attrib1,attrib2...]call [method]delete		wmic	Win 10
wmic	List all attributes of [alias]	wmic [alias] get /?	wmic	Win 10
wmic	List all callable methods of [alias]	wmic [alias] call /?	wmic	Win 10
wmic	EXAMPLE: List all attributes of all running processes	wmic process list full	wmic	Win 10
wmic	EXAMPLE: Make WMIC effect remote [TargetIPaddr]	wmic /node:[TargetIPaddr] /user:[User] /password:[Passwd] process list full	wmic	Win 10
Executable	List all processes currently running	tasklist	process	Win 10
Executable	List all processes currently running and the DLLs each has loaded	tasklist /m	process	Win 10
Executable	Lists all processes currently running which have the specified [dll] loaded	tasklist /m [dll]	process	Win 10
Executable	List all processes currently running and the services hosted in those processes	tasklist /svc	process	Win 10
Executable	Query brief status of all services	sc query	services	Win 10
Executable	Query the configuration of a specific service	sc qc [ServiceName]	services	Win 10
Executable	Show all TCP and UDP port usage and process ID	netstat -a	network	Win 10
Executable	To list out only tcp connections	netstat -t	network	Win 11
Executable	Listing all LISTENING Connections	netstat -l	network	Win 12
Executable	Look for usage of port [port] every [N] seconds	netstat -ano [N] \| find [port]	network	Win 10
Executable	Dump detailed protocol statistics	netstat -ano -p [tcp\|udp\|ip\|icmp]	network	Win 10
command	Search directory structure for a file in a specific directory	dir /b /s [Directory]\[FileName]	cpl	Win 10
command	Count the number of lines on StandardOuy of [Command]	[Command] \| find /c /v ""	cpl	Win 10
command	Counting Loop; Set %i to an initial value of [start] and increment it by [step] at every iteration until its value is equal to [stop]. For each iteration, run [command]. The iterator variable %i can be used anywhere in the command to represent its current value	for /L %i in ([start],[step],[stop]) do [command]	cpl	Win 10
command	Iterate over file contents; Iterate through the contents of the file on a line-by-line basis. For each iteration, store the contents of the line into %i and run [command]	for /F %i in ([file-set]) do [command]	command	Win 10
Control Panel Applet	Local User Manager (includes group management)	lusrmgr.msc	command	Win 10
Shell Command	Accesses the account pictures folder you have in your Windows 10 device.	shell:AccountPicture	shell	Win10
Shell Command	Adds a new program folder.	shell:AddNewProgramsFolder	shell	Win10
Shell Command	Accesses administrative tools folder.	shell:Administrative Tools	shell	Win10
Shell Command	Accesses AppData folder in the Windows 10 system.	shell:AppData	shell	Win10
Shell Command	Accesses Application Shortcuts folder.	shell:Application Shortcuts	shell	Win10
Shell Command	Accesses the Apps Folder.	shell:AppsFolder	shell	Win10
Shell Command	Accesses the Apps updates folder.	shell:AppUpdatesFolder	shell	Win10
Shell Command	Accesses the Cache folder.	shell:Cache	shell	Win10
Shell Command	Access camera roll folder.	shell:Camera Roll	shell	Win10
Shell Command	Accesses the temporary burn folder.	shell:CD Burning	shell	Win10
Shell Command	Accesses the Remove/Change program folder.	shell:ChangeRemoveProgramsFolder	shell	Win10
Shell Command	Accesses the Administrative Tools folder.	shell:Common Administrative Tools	shell	Win10
Shell Command	Accesses the Common AppData folder.	shell:Common AppData	shell	Win10
Shell Command	Accesses the public desktop folder.	shell:Common Desktop	shell	Win10
Shell Command	Accesses Public Documents folder.	shell:Common Documents	shell	Win10
Shell Command	Accesses Programs folder.	shell:Common Programs	shell	Win10
Shell Command	Accesses the start menu folder.	shell:Common Start Menu	shell	Win10
Shell Command	Accesses Startup folder situated in t he Windows 10 system.	shell:Common Startup	shell	Win10
Shell Command	Accesses ÂCommon TemplatesÂ folder.	shell:Common Templates	shell	Win10
Shell Command	Accesses Downloads folder.	shell:CommonDownloads	shell	Win10
Shell Command	Accesses the music folder.	shell:CommonMusic	shell	Win10
Shell Command	Accesses ÂPicturesÂ folder.	shell:CommonPictures	shell	Win10
Shell Command	Accesses the ringtones folder.	shell:CommonRingtones	shell	Win10
Shell Command	Accesses the public Video folder.	shell:CommonVideo	shell	Win10
Shell Command	Accesses the Conflict folder in the Windows 10 system.	shell:ConflictFolder	shell	Win10
Shell Command	Opens up the connections folder	shell:ConnectionsFolder	shell	Win10
Shell Command	Opens the Contact folder	shell:Contacts	shell	Win10
Shell Command	Opens the Control panel folder.	shell:ControlPanelFolder	shell	Win10
Shell Command	Opens the Cookies folder.	shell:Cookies	shell	Win10
Shell Command	Opens the Credential manager feature.	shell:CredentialManager	shell	Win10
Shell Command	Opens up the Crypto keys folder	shell:CryptoKeys	shell	Win10
Shell Command	Opens the CSC Folder.	shell:CSCFolder	shell	Win10
Shell Command	Opens up the Desktop folder.	shell:Desktop	shell	Win10
Shell Command	Opens the metadata store folder.	shell:Device Metadata Store	shell	Win10
Shell Command	Opens the Documents Library folder	shell:DocumentsLibrary	shell	Win10
Shell Command	Opens the Downloads folder	shell:Downloads	shell	Win10
Shell Command	Opens the DpapiKeys folder	shell:DpapiKeys	shell	Win10
Shell Command	Opens the Favorites folder.	shell:Favorites	shell	Win10
Shell Command	Opens the Fonts folder.	shell:Fonts	shell	Win10
Shell Command	Opens the Games folder.	shell:Games	shell	Win10
Shell Command	Opens the Game Tasks folder	shell:GameTasks	shell	Win10
Shell Command	Opens the History folder	shell:History	shell	Win10
Shell Command	Opens the HomeGroup folder for the current user.	shell:HomeGroupCurrentUserFolder	shell	Win10
Shell Command	Opens HomeGroup folder.	shell:HomeGroupFolder	shell	Win10
Shell Command	Opens the Implicit Apps shortcut folder.	shell:ImplicitAppShortcuts	shell	Win10
Shell Command	Opens Internet Folder.	shell:InternetFolder	shell	Win10
Shell Command	Opens Libraries folder.	shell:Libraries	shell	Win10
Shell Command	Opens the Links folder.	shell:Links	shell	Win10
Shell Command	Opens Local AppData folder.	shell:Local AppData	shell	Win10
Shell Command	Opens Local AppDataLow folder.	shell:LocalAppDataLow	shell	Win10
Shell Command	Opens LocalizedResources folder.	shell:LocalizedResourcesDir	shell	Win10
Shell Command	Opens MAPI folder.	shell:MAPIFolder	shell	Win10
Shell Command	Opens LusicLibrary folder.	shell:MusicLibrary	shell	Win10
Shell Command	Opens My Music folder.	shell:My Music	shell	Win10
Shell Command	Opens My Video folder.	shell:My Video	shell	Win10
Shell Command	Opens MyComputer folder.	shell:MyComputerFolder	shell	Win10
Shell Command	Opens NetHood folder.	shell:NetHood	shell	Win10
Shell Command	Opens NetworkPlaces folder.	shell:NetworkPlacesFolder	shell	Win10
Shell Command	Opens OEM Links folder.	shell:OEM Links	shell	Win10
Shell Command	Opens OneDrive folder in Windows 10	shell:OneDrive	shell	Win10
Shell Command	Opens Original Images folder.	shell:Original Images	shell	Win10
Shell Command	Opens Personal folder.	shell:Personal	shell	Win10
Shell Command	Opens PhotoAlbums folder.	shell:PhotoAlbums	shell	Win10
Shell Command	opens PicturesLibrary folder.	shell:PicturesLibrary	shell	Win10
Shell Command	Opens Playlists folder.	shell:Playlists	shell	Win10
Shell Command	Opens Printer folder.	shell:PrintersFolder	shell	Win10
Shell Command	Opens PrintHood folder.	shell:PrintHood	shell	Win10
Shell Command	Opens Profile folder.	shell:Profile	shell	Win10
Shell Command	Opens ProgramFiles folder.	shell:ProgramFiles	shell	Win10
Shell Command	Opens ProgramFilesCommon folder.	shell:ProgramFilesCommon	shell	Win10
Shell Command	Opens ProgramFilesCommonX64 folder.	shell:ProgramFilesCommonX64	shell	Win10
Shell Command	Opens ProgramFilesCommonX86 folder.	shell:ProgramFilesCommonX86	shell	Win10
Shell Command	Opens ProgramFilesX64 folder.	shell:ProgramFilesX64	shell	Win10
Shell Command	Opens ProgramFilesX86 folder.	shell:ProgramFilesX86	shell	Win10
Shell Command	Opens Programs folder.	shell:Programs	shell	Win10
Shell Command	Opens Public folder.	shell:Public	shell	Win10
Shell Command	Opens PublicAccountPictures folder.	shell:PublicAccountPictures	shell	Win10
Shell Command	Opens PublicGameTasks folder.	shell:PublicGameTasks	shell	Win10
Shell Command	Opens PublicLibraries folder.	shell:PublicLibraries	shell	Win10
Shell Command	Opens Quick Launch folder.	shell:Quick Launch	shell	Win10
Shell Command	Opens up recent items folder	shell:Recent	shell	Win10
Shell Command	Opens up recorder file in the Windows 10 system	shell:RecordedTVLibrary	shell	Win10
Shell Command	Opens the system Recycle Bin folder	shell:RecycleBinFolder	shell	Win10
Shell Command	Opens up the Resource folder	shell:ResourceDir	shell	Win10
Shell Command	Opens up Demo folder	shell:Retail Demo	shell	Win10
Shell Command	Opens up the Ringtones folder in Windows 10	shell:Ringtones	shell	Win10
Shell Command	Opens up the Roamed Tile images folder	shell:Roamed Tile Images	shell	Win10
Shell Command	Opens the Roaming Tiles folder	shell:Roaming Tiles	shell	Win10
Shell Command	It opens the SavedGames folder you have in the Windows 10 system	shell:SavedGames	shell	Win10
Shell Command	Opens the Screenshots folder	shell:Screenshots	shell	Win10
Shell Command	Opens the Search folder.	shell:Searches	shell	Win10
Shell Command	Opens the Search History folder you have in the system.	shell:SearchHistoryFolder	shell	Win10
Shell Command	Opens the Search Home folder.	shell:SearchHomeFolder	shell	Win10
Shell Command	Opens the Search templates folder.	shell:SearchTemplatesFolder	shell	Win10
Shell Command	Opens the SendTo folder.	shell:SendTo	shell	Win10
Shell Command	Opens the SkyDriveCameraRoll folder.	shell:SkyDriveCameraRoll	shell	Win10
Shell Command	Opens the SkyDriveMusic folder.	shell:SkyDriveMusic	shell	Win10
Shell Command	Opens the SkyDrivePictures folder.	shell:SkyDrivePictures	shell	Win10
Shell Command	Opens up the Start menu folder.	shell:Start Menu	shell	Win10
Shell Command	Opens the AllPrograms folder you have in the start menu.	shell:StartMenuAllPrograms	shell	Win10
Shell Command	Opens the Startup folder.	shell:Startup	shell	Win10
Shell Command	Opens the SyncCenter folder.	shell:SyncCenterFolder	shell	Win10
Shell Command	Opens the SyncResults folder.	shell:SyncResultsFolder	shell	Win10
Shell Command	opens the SyncSetup folder.	shell:SyncSetupFolder	shell	Win10
Shell Command	Opens the System folder.	shell:System	shell	Win10
Shell Command	Opens the SystemCertificates folder.	shell:SystemCertificates	shell	Win10
Shell Command	Opens SystemX86 folder.	shell:SystemX86	shell	Win10
Shell Command	Opens the Templates folder.	shell:Templates	shell	Win10
Shell Command	Opens the ThisPCDesktop folder.	shell:ThisPCDesktopFolder	shell	Win10
Shell Command	Opens User pinned folder.	shell:User Pinned	shell	Win10
Shell Command	Opens the user profiles folder.	shell:UserProfiles	shell	Win10
Shell Command	Opens Program Files folder.	shell:UserProgramFiles	shell	Win10
Shell Command	Opens Program Files Common folder.	shell:UserProgramFilesCommon	shell	Win10
Shell Command	Opens the Files folder from a specific user you are logged in with.	shell:UsersFilesFolder	shell	Win10
Shell Command	Opens the Libraries folder for a specific user.	shell:UsersLibrariesFolder	shell	Win10
Shell Command	Opens Video library folder.	shell:VideosLibrary	shell	Win10
Shell Command	Opens the "Windows" folder.	shell:Windows	shell	Win10
Key Shortcut	Close GUI windows	ALT+F4	shortcut	Win 10
OpenSSL	Create new Private Key and Certificate Signing Request	req -out geekflare.csr -newkey rsa:2048 -nodes -keyout geekflare.key	OpenSSL	Win and Unix
OpenSSL	Create a Self-Signed Certificate (dafault 30 days)	openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pem	OpenSSL	Win and Unix
OpenSSL	Create a Self-Signed Certificate (for 2 years)	openssl req -x509 -sha256 -nodes -days 730 -newkey rsa:2048 -keyout gfselfsigned.key -out gfcert.pem	OpenSSL	Win and Unix
OpenSSL	Print certificates fingerprint as md5, sha1, sha256 digest	openssl x509 -in cert.pem -fingerprint -sha256 -noout	OpenSSL	Win and Unix
OpenSSL	Verify CSR file	openssl req -noout -text -in geekflare.csr	OpenSSL	Win and Unix
OpenSSL	Create RSA Private Key (2048-bis is secure enough)	openssl genrsa -out private.key 2048	OpenSSL	Win and Unix
OpenSSL	Remove Passphrase from Key	openssl rsa -in certkey.key -out nopassphrase.key	OpenSSL	Win and Unix
OpenSSL	Print public key or modulus only	openssl rsa -in example.key -pubout	OpenSSL	Win and Unix
OpenSSL	Print textual representation of RSA key	openssl rsa -in example.key -text -noout	OpenSSL	Win and Unix
OpenSSL	Check your private key.	openssl rsa -check -in example.key	OpenSSL	Win and Unix
OpenSSL	Encrypt existing private key with a passphrase	openssl rsa -des3 -in example.key -out example_with_pass.key	OpenSSL	Win and Unix
OpenSSL	Verify Private Key	openssl rsa -in certkey.key check	OpenSSL	Win and Unix
OpenSSL	Verify Certificate File	openssl x509 -in certfile.pem -text noout	OpenSSL	Win and Unix
OpenSSL	Verify the Certificate Signer Authority	openssl x509 -in certfile.pem -noout -issuer -issuer_hash	OpenSSL	Win and Unix
OpenSSL	Check Hash Value of A Certificate	openssl x509 -noout -hash -in bestflare.pem	OpenSSL	Win and Unix
OpenSSL	Convert DER to PEM format	openssl x509 inform der in sslcert.der out sslcert.pem	OpenSSL	Win and Unix
OpenSSL	Convert PEM to DER format	openssl x509 outform der in sslcert.pem out sslcert.der	OpenSSL	Win and Unix
OpenSSL	Convert Certificate and Private Key to PKCS#12 format	openssl pkcs12 export out sslcert.pfx inkey key.pem in sslcert.pem	OpenSSL	Win and Unix
OpenSSL	Convert Certificate and Private Key to PKCS#12 format including chains	openssl pkcs12 export out sslcert.pfx inkey key.pem in sslcert.pem -chain cacert.pem	OpenSSL	Win and Unix
OpenSSL	Create CSR using an existing private key	openssl req out certificate.csr key existing.key new	OpenSSL	Win and Unix
OpenSSL	Check contents of PKCS12 format cert	openssl pkcs12 info nodes in cert.p12	OpenSSL	Win and Unix
OpenSSL	Convert PKCS12 format to PEM certificate	openssl pkcs12 in cert.p12 out cert.pem	OpenSSL	Win and Unix
OpenSSL	Combine several certificates in PKCS7 (P7B)	openssl crl2pkcs7 -nocrl -certfile child.crt -certfile ca.crt -out example.p7b	OpenSSL	Win and Unix
OpenSSL	Combine a PEM and a private key to PKCS#12 (.pfx .p12) + chains	openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in certificate.pem -certfile ca-chain.pem	OpenSSL	Win and Unix
OpenSSL	Convert a PKCS#12 file (.pfx .p12) back to PEM (for export)	openssl pkcs12 -in keystore.pfx -out keystore.pem -nodes	OpenSSL	Win and Unix
OpenSSL	List available EC curves supported in OpenSSL	openssl ecparam -list_curves	OpenSSL	Win and Unix
OpenSSL	Test SSL certificate of particular URL	openssl s_client -connect yoururl.com:443 showcerts	OpenSSL	Win and Unix
OpenSSL	Find out OpenSSL version	openssl version	OpenSSL	Win and Unix
OpenSSL	List cipher suites	openssl ciphers -v	OpenSSL	Win and Unix
OpenSSL	Check PEM File Certificate Expiration Date	openssl x509 -noout -in certificate.pem -dates	OpenSSL	Win and Unix
OpenSSL	Check Certificate Expiration Date of SSL URL	openssl s_client -connect secureurl.com:443 2>/dev/null \| openssl x509 -noout enddate	OpenSSL	Win and Unix
OpenSSL	SSL check if SSL3 is accepted on URL	openssl s_client -connect secureurl.com:443 -ssl2	OpenSSL	Win and Unix
OpenSSL	SSL check if SSL3 is accepted on URL	openssl s_client -connect secureurl.com:443 ssl3	OpenSSL	Win and Unix
OpenSSL	SSL check if TLS1 is accepted on URL	openssl s_client -connect secureurl.com:443 tls1	OpenSSL	Win and Unix
OpenSSL	SSL check if TLS1.1 is accepted on URL	openssl s_client -connect secureurl.com:443 tls1_1	OpenSSL	Win and Unix
OpenSSL	SSL check if TLS1.2 is accepted on URL	openssl s_client -connect secureurl.com:443 tls1_2	OpenSSL	Win and Unix
OpenSSL	Verify if the particular cipher is accepted on URL	openssl s_client -cipher 'ECDHE-ECDSA-AES256-SHA' -connect secureurl:443	OpenSSL	Win and Unix
OpenSSL	Connect to a server and show full certificate chain	openssl s_client -showcerts -host example.com -port 443	OpenSSL	Win and Unix
OpenSSL	Override SN when multiple secure sites are hosted on same IP	openssl s_client -servername www.example.com -host example.com -port 443	OpenSSL	Win and Unix
OpenSSL	Measure SSL connection time with session reuse	openssl s_time -connect example.com:443 -new	OpenSSL	Win and Unix
OpenSSL	Measure SSL connection time without session reuse	openssl s_time -connect example.com:443 -reuse	OpenSSL	Win and Unix
OpenSSL	Measure speed of security algorithms, rsa	openssl speed rsa2048	OpenSSL	Win and Unix
OpenSSL	Measure speed of security algorithms, ecdsap	openssl speed ecdsap256	OpenSSL	Win and Unix
openssl, curl	Examine TCP and SSL handshake times using curl	curl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://example.com	OpenSSL	Win and Unix
curl	Check URL	curl https://domain.com/	cURL	Win and Unix
curl	store the output of URL in a file	curl -o website https://domain.com/	cURL	Win and Unix
curl	Download files	curl -O https://domain.com/file.zip	cURL	Win and Unix
curl	Download with different name	curl -o archive.zip https://domain.com/file.zip	cURL	Win and Unix
curl	Fetch Multiple Files at a time	curl -O URL1 -O URL2	cURL	Win and Unix
curl	Get HTTP header information	curl -I http://domain.com	cURL	Win and Unix
curl	Get HTTP only response header information	curl -i https://domain.com/	cURL	Win and Unix
curl	Access an FTP server	curl ftp://ftp.domain.com --user username:password	cURL	Win and Unix
curl	download files via FTP	curl ftp://ftp.domain.com/filename.extension --user username:password	cURL	Win and Unix
curl	upload a file onto the FTP server:	curl -T filename.extension ftp://ftp.domain.com/ --user username:password	cURL	Win and Unix
curl	Follow HTTP Location Headers with -L option	curl -L http://www.google.com	cURL	Win and Unix
curl	Continue/Resume a Previous Download	curl -O http://domain.com/gettext.html	cURL	Win and Unix
curl	Limit the Rate of Data Transfer	curl --limit-rate 1000B -O http://domain.com/gettext.html	cURL	Win and Unix
curl	Download only if modified before/after	curl -z 01-Jan-19 http://www.example.com/yy.html	cURL	Win and Unix
curl	Pass HTTP Authentication in cURL	curl -u username:password URL	cURL	Win and Unix
curl	More info Verbose and Trace Option	curl -v http://google.com	cURL	Win and Unix
curl	Send Mail using SMTP Protocol	curl --mail-from test@test.com --mail-rcpt foo@test.com smtp://mailserver.com	cURL	Win and Unix
curl	Perform an HTTP POST request	curl -X GET https://domain.com/	cURL	Win and Unix
curl	Perform an HTTP PUT request	curl -X PUT https://domain.com/	cURL	Win and Unix
curl	View External IP	curl wtfismyip.com/json curl eth0.me curl ipecho.net/plain curl icanhazip.com curl l2.io/ip curl ifconfig.me/ip curl httpbin.org/ip	cURL	Win
dig	View External IP	dig +short myip.opendns.com @resolver1.opendns.com		Unix
nslookup	View External IP	nslookup myip.opendns.com resolver1.opendns.com	nslookup	Win
.Net Version check	View .Net version - Navigate to latest folder	\%windir%\Microsoft.NET\FrameWork then .\MSBuild.exe -version	MSBuild.exe -version	Win
mstsc	Full-screen mode Admin mode Matches with local desktop Matches to to the Client Layout Edit before running === Switches RDP full or windowed mode Forces rdp full-screen Take screenshot pf active rdp window Reboot remote computer Take screenshot of entire rdp	mstsc /f mstsc /admin mstsc /span mstsc /multimon mstsc /edit “connection file” === Ctrl + Alt + Pause Ctrl + Alt + Break Ctrl + Alt + Minus Ctrl + Alt + Plus Ctrl + Alt + End	Rdp Commands mstsc multimon span	Win
net view	Display a list of computers List the File/Printer shares on a remote PC List the shares including hidden shares List all the shares in the domain	net view NET VIEW \\ComputerName NET VIEW \\ComputerName /All NET VIEW /DOMAIN
net share	manage file/printer shares	NET SHARE sharename /DELETE NET SHARE devicename /DELETE NET SHARE drive:path /DELETE net share /del *
net use	connect to a file share (Drive MAP). Make all future connections persistent Disconnect from a share Map a drive using alternate credentials - prompt for pass	NET USE F: \\ComputerName\ShareName /PERSISTENT:YES NET USE /P:Yes NET USE [driveletter:] /DELETE NET USE G: \\Server\Share1 /USER:domain\username
net accounts	Adjust account settings	net accounts [/FORCELOGOFF:{minutes \| NO}] [/MINPWLEN:length] [/MAXPWAGE:{days \| UNLIMITED}] [/MINPWAGE:days] [/UNIQUEPW:number] [/DOMAIN]

Notes:

By definition, canonical names do not change based on the system language; they’re always in English, even if the system’s language is not.
Not all Control Panel items are present in all varieties of Windows.
Some Control Panel items only appear if the right hardware is detected on the system.
Third parties can also add Control Panel items. The canonical names listed here are only for Control Panel items that are included with Windows.
You can find out which Control Panel files (.cpl) are available on your version of Windows by going to c:\Windows\System32. There you find all that are available.
You may open different tabs directly by adding ,x to the command, e.g. sysdm.cpl,4 to open the System Protection tab of the System Properties control panel applet. This works on the command prompt, but does not on Start or the Run Box.
You can run applets with elevated privileges by starting them from an elevated command prompt. Hold down Ctrl and Shift on the keyboard when you launch the Command Prompt to do so.
The canonical names used above may be used to reference these items in the Group Policy.

Notes for CPL applets:

Color is not available by default but is available for free from Microsoft. Download from MajorGeeks.

WinColor.exe must be run from the C:\Program Files\Pro Imaging Powertoys\Microsoft Color Control Panel Applet for Windows XP folder.

Device Manager here being commonly used is not a true Control Panel applet in Windows XP. See How to Open Windows XP Device Manager for more information.

The Mail applet is only available if a version of Microsoft Office Outlook is installed.

Control mlcfg32.cpl command must be run from the C:\Programs Files\Microsoft Office\OfficeXX folder, replacing OfficeXX with the folder pertaining to the Microsoft Office version you have installed.

ODBC Data Source Administrator was removed from Control Panel after Windows XP but is still available from Administrative Tools.

In Windows 8, 7, and Vista, task scheduling is performed by Task Scheduler which is not directly accessible from Control Panel. However, executing this command in those versions of Windows will forward to Task Scheduler.

Software Explorers is the name for the Control Panel applet for Windows Defender, available for free here as part of Microsoft Security Essentials.

Msascui.exe must be run from the C:\Program Files\Windows Defender folder.

control sapi.cpl command must be run from the C:\Program Files\Common Files\Microsoft Shared\Speech folder.

Windows Defender is available in Windows XP but the Control Panel applet is instead called Software Explorers.

Windows Update is also used in Windows XP but only via the Windows Update website, not via a Control Panel applet like in later versions of Windows.

Bthprops.cpl in (Win 8) opens Devices in PC Settings which will list any Bluetooth Devices. In Windows 7, bthprops.cpl opens athe Bluetooth Devices list under Devices and Printers. In Windows Vista, bthprops.cpl opens a true Control Panel applet called Bluetooth Devices.

Create a GodMode Folder granting access to extra Control Panel features. Create new foldare and name it: God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}

Deprecated Canonical Names

Microsoft.BackupAndRestoreCenter/Microsoft.BackupAndRestore — Removed in Windows 8
Microsoft.CardSpace — Removed in Windows 8
Microsoft.DesktopGadgets Removed in Windows 8
Microsoft.GetProgramsOnline — Removed in Windows 7
Microsoft.PeopleNearMe — Removed in Windows 8.1
Microsoft.PerformanceInformationAndTools –Removed in Windows 8.1
Microsoft.WindowsSidebarProperties — Removed in Windows 8
Microsoft.WindowsSideShow — Removed in Windows 8.1

Tools

WebTools and web services

List of handy Webtools, websites and links.

Description	URL	Usage	Rated
Centralops	https://centralops.net/co/	DNS, Whois	5
DigWebInterface	https://www.digwebinterface.com	Dig, Dns, Domain	5
Domain tools	https://www.robtex.com/	DNS, Whois	5
Domain tools	http://www.viewdns.info	DNS	5
Domain tools	http://FixYourIP.com	DNS	4
Domain tools	http://mega-check.com	DNS	4
Domain tools	https://www.whatismyip.com/	Multi Lookup, Whois, BL, ports, headers	4
Domain Toolkit	https://w3dt.net/	DNS, Network tool	4
MX Toolbox; Supertool	https://mxtoolbox.com/SuperTool.aspx	dns, tcp, https, blacklist, smtp, trace, etc	1
Domain Toolkit	http://www.intodns.com	DNS, Multi reports	4
SPF query	https://www.kitterman.com/spf/validate.html	SPF query
Toolkit	https://www.webmaster-toolkit.com/	DNS	3
Toolkit	https://bgp.he.net	BGP toolkit	3
Pingability	http://pingability.com	Monitor and downtime	3
Hex colours	https://www.color-hex.com/	Colours	4
What is my IP	https://www.whatismyip.com/reverse-dns-lookup/	Reverse DNS Lookup Tool	4
DNS Checker	https://dnschecker.org/	Dnschecker, multilocation	5
DNSWatch	https://www.dnswatch.info/	Domain Dossier	4
Luxsci	https://luxsci.com/smtp-tls-checker	Email Domain check	5
Emailstuff	https://emailstuff.org/	DNS, Email, dmarc	5
DNS	https://dns.google.com/query?name=google.com&type=TXT&dnssec=true	Google DNS checker	4
DNS Spy	https://dnsspy.io/	DNSspy , Monitor, validate and verify	4
Whois	https://www.whois.com/whois/	Whois lookup	4
Geolocation	https://www.iplocation.net/	Location – Geolocation IP checker	4
Domain DKIM	https://tools.wordtothewise.com/dkim/check/	Dkim checks	4
Domain DKIM	https://www.mail-tester.com/spf-dkim-check	SPF, DKIM	4
Domain DKIM	https://dmarcian.com/dmarc-inspector/	DKIM, Dmarc Inspect	4
Domain Dmarc	https://www.dmarcanalyzer.com/spf/checker/	SPF, DKIM, Dmarc Analyzer	4
Debouncer	https://www.debouncer.com/blacklistlookup?attempt=1	Email Blacklist checks	4
Mail Blacklist	http://mail-blacklist-checker.online-domain-tools.com/	Email Blacklist checks	4
Spamcop	https://www.spamcop.net/bl.shtml	Email Blacklist checks	3
SSL Certificate Tools	https://www.sslshopper.com/ssl-certificate-tools.html	SSL Certificate Tools	4
SSL Labs full SSL review	https://www.ssllabs.com/ssltest/	SSL validator and ciphers	5
Digicert	https://www.digicert.com/help/	Digicert Website SSL Diagnostics;	4
Digicert	https://ssltools.digicert.com/checker/	SSL Security and SSL/CSR checker;	4
SSL and Chrome,	https://www.websecurity.symantec.com/support/ssl-checker	Chrome distrust check, for Chrome 70+	4
Geocert	https://www.geocerts.com/ssl-checker	SSL checker	4
SSL, Email, TLS , multiple checks	https://www.checktls.com/	SSL checker	4
Free tools, basic SSL/CSR checks	https://www.clickssl.net/ssl-tools	SSL checker	4
SSL tools	https://www.mrdomain.com/products/ssl/tools/	SSL tools	4
SSL For Free – Completely free!	https://www.sslforfree.com/	SSL certs	5
Free SSL generation; Check SSL/CSR	https://confirm.globessl.com/ssl-checker.html	SSL certs	4
Analyze Responce Headers	https://securityheaders.com/	Headers	5
Analyze Responce Headers	http://securityheaders.io	Headers	5
HTTP Header Checker	https://tools.keycdn.com/curl	Header Checker	5
Message Headers	https://toolbox.googleapps.com/apps/messageheader/	Message Headers	5
Message Header Analyzer	https://testconnectivity.microsoft.com/MHA/Pages/mha.aspx	Header	5
Message Header Analyzer	https://mxtoolbox.com/EmailHeaders.aspx	Header	5
WorldTimeBuddy	https://www.worldtimebuddy.com/	Time Difference	5
Time.is	https://time.is/	Live clock	3
Virustotal – Virus Checks	https://www.virustotal.com/	virus analysis	5
MetaDefender Cloud	https://metadefender.opswat.com/	Virus check	4
Jotti	https://virusscan.jotti.org/	Virus check	4
Fortiguard	https://www.fortiguard.com/faq/onlinescanner	Virus Scanner Online	4
Kasperski	https://virusdesk.kaspersky.com/	Virus File checker	4
Https redirects	http://www.redirect-checker.org/	Redirect Status checks	5
Robots	https://en.ryte.com/free-tools/robots-txt/	Robots.txt check	4
Robots examples	https://developers.google.com/search/reference/robots_txt	Robots check	4
Robots	http://www.robotstxt.org/robotstxt.html	Robots check	4
Robbots Twitter	https://developer.twitter.com/en/docs/tweets/optimize-with-cards/guides/troubleshooting-cards#twitterbot	Robots check	4
SSL Security Test	https://www.immuniweb.com/ssl/	Security, SSL test	4
Crypto checks	https://discovery.cryptosense.com/	Security, Cryptography checks	4
Amazon AWS	http://aws.amazon.com/	AWS	5
Cloud Portal	https://portal.azure.com/	Azure Portal	4
MS Cloud , Azure	https://account.windowsazure.com	Azure Account Center	4
MS Cloud, AAD	https://aad.portal.azure.com/	AAD admin center	4
MS Cloud, Azure	https://Portal.azure.com/#@mytenantname.onmicrosoft.com	Access to a tenant AAD	4
MS Cloud, Portal	https://portal.office.com/login	O365 Portal	4
MS Cloud, O365	https://login.microsoftonline.com/	O365 login	4
MS Cloud, OWA	https://outlook.office.com/owa/	Office Web App (OWA)	4
MS Cloud, Onedrive	https://onedrive.live.com/	OneDrive	4
MS Cloud, MSD admin	https://port.crm11.dynamics.com/G/Applications/Index.aspx	OLD Microsoft 365 admin center (pre H2/2019)	4
MS Cloud, O365 admin	https://admin.microsoft.com/AdminPortal/Home	NEW Microsoft 365 admin center	4
MS Cloud, MSD	https://home.dynamics.com/	MS Dynamics	4
MS Cloud, MSD admin	https://admin.powerplatform.microsoft.com	PowerPlatform (MSD)	4
MS Cloud, PowerBI	https://powerbi.microsoft.com	PowerBI	4
MS Cloud, Help	https://docs.microsoft.com	MS Help	4
Atlassian	https://example.atlassian.net/browse/PROJECT-123	Atlassian, Modern view	4
Atlassian	https://example.atlassian.net/browse/PROJECT-123?oldIssueView=true	Atlassian, Legacy view	4
MS Dynamics	https://admin.dynamics.com/environments	Modern View	4
MS Dynamics	https://port.crm11.dynamics.com/G/Applications/Index.aspx	Legacy View, for admins	4
Domains Registrars	http://namecheap.com/	Registrar, cheap, bitpay	5
Domains Registrars	https://www.gandi.net	Registrar, many tLDs	4
Domains Registrars	https://godaddy.com/	Registrar, auctions too	3
Domains Registrars	https://www.netim.com/	Registrar, auctions	3
Domains Registrars	https://www.name.com/	Registrar	3
Domains Registrars	https://www.101domain.com/	Registrar, many tLDs	3
Domains Registrars	https://sedo.com/	Domain Auctions	4
Domains Registrars	https://www.expireddomains.net/	Expired domains grab	5
Crypto News	https://www.coindesk.com/	Coindesk	5
Crypto news	https://www.bitcoin.com/	Bitcoin.com	3
Crypto news	https://cointelegraph.com/tags/bitcoin	CoinTelegraph	5
Crypto news	https://www.ccn.com/	CCN	4
Crypto news	https://bitcoinist.com/	Bitcoinist
Crypto news	https://www.newsbtc.com/	NewsBTC	4
Crypto news	https://ethereumworldnews.com/	Crypto news	4
Crypto news	https://www.dailyfx.com/bitcoin	Daily FX	3
Crypto news	https://masterthecrypto.com/		3
Crypto news	https://coinmarketcap.com/	Market Capitalisation	5
Crypto Stats	https://coin360.com/	Market Cap and wedges	5
Crypto Stats	https://bitinfocharts.com/	Crypto Charts	4
Crypto Stats	https://bitcointicker.co	Ticker stats	4
Crypto Stats	https://www.blockchain.com/en/stats	BitcoinStats	4
Crypto Stats	https://coin.dance/stats	Coin Dance, graphs and chart	5
Crypto Stats	https://www.cryptocompare.com/	CryptoCompare	5
Crypto Stats	https://btc.com/stats	Most private search engine	3
Crypto Stats	https://blockchair.com/compare	Blockchair	3
Crypto Stats	https://charts.bitcoin.com/btc/	Price charts	5
Crypto fun	https://dickline.info/	McAfee predicton tool to $1mil	4
Crypto fun	https://99bitcoins.com/bitcoin-obituaries/	Bitcoin Ongoing Obituaries	5
Crypto Excahnges	https://www.coinbase.com	Coinbase	3
Crypto Excahnges	https://shapeshift.io/#/coins	Crypto excanging	5
Crypto Excahnges	https://www.bitmex.com	Bitmex	5
Crypto Excahnges	https://www.binance.com/en	Binance	5
Crypto Excahnges	https://www.kraken.com/	Kraken	4
Crypto Excahnges	https://www.etoro.com/markets/btc/stats	Etoro, social trading	4
Crypto Excahnges	https://www.etoro.com/markets/btc	Etoro – Social Trading Exchange (no crypto cashout)	4
Crypto Excahnges	https://international.bittrex.com/	Bittrex	3
Crypto Twitter	https://twitter.com/hashtag/bitcoin	#bitcoin	3
Crypto Twitter	https://twitter.com/hashtag/crypto	#crypto	3
Crypto Twitter	https://twitter.com/coinmetrics Coinmetrics.com	Twitter chanel	3
WebPageTest, performance	https://www.webpagetest.org/	multi tests	3
Crypto DataMish, stats	http://datamish.com	crypto info	3
Crypto Whale Alerts	https://whale-alert.io/	crypto alerts, big transfers and moves	3
Anonymous files upload	https://anonfile.com	anon uploads	5
Anonymous files upload	https://openload.cc/	anon uploads
Anonymous files upload	https://bayfiles.com/	anon uploads	4
Anonymous image upload	https://unsee.cc/	anon images, with expiry date	5
Email Validator	https://verifalia.com/validate-email	validate email inbox	3
Email Validator	https://www.textmagic.com/free-tools/email-validation-tool	validate email inbox	4
Email Server check	https://ssl-tools.net/mailservers	Secure Email, Starttls	4
Can I use?	https://caniuse.com/	TLS. browser support	4
Wiki of TLS	https://en.wikipedia.org/wiki/Transport_Layer_Security#Web_browsers	TLS, browser support	5
Have I been pawned	https://haveibeenpwned.com/	Secure email check	5
Ghostproject	https://ghostproject.fr/	Secure email check	3
check your email	https://spycloud.com/	Secure email check	4
leak database	https://leakprobe.net/	Secure email check	4
Latest email Leaks	https://hacked-emails.com/latest/	Secure email check	4
Hacked passwords	https://scatteredsecrets.com/	Secure email check	4
Hacked emails	https://breachalarm.com/	Secure email check	4
Dehashed, emails	https://www.dehashed.com/	Secure email check	4
Strip HTML tags	https://www.browserling.com/tools/html-strip	HTML tags remove	3
Exif view remove	https://www.verexif.com/	EXIF remover	3
Full emji list	https://htmlstrip.com/full-emoji-list	Full emji list	2
Hash decrypt	https://hashkiller.co.uk/	HashKiller.co.uk is a hash lookup service	4
Hex binary convert	https://md5decrypt.net/en/Conversion-tools/	Hex binary convert	3
MD crypt decrypt	https://md5decrypt.net/	MD crypt decrypt	3
Hash crypt decrypt	https://md5hashing.net/	hash dehash	3
MathTools	https://onlinemathtools.com/	math utilities and tools	4
TechURLs news aggregator.	https://techurls.com/	News Headlines, technology	3
Math URLs news aggregator.	https://mathurls.com/	News Headlines, Maths	3
Financial URLs news aggregator.	https://finurls.com/	News Headlines, Finance	3
TLD-list	https://tld-list.com/	Tld, compare, domains	5
Ping	https://pingtool.org/	Domain Tools	3
dpi resolution	https://www.sven.de/dpi/	Screen pixel resolution	4
dpi resolution	https://www.pixelcalculator.com/	Screen pixel resolution	4
Aspect ratio	https://aspectrat.io/	Ratios	2

Portable Executables and some Installables

Recommended List of useful Online and Offline tools

Description	URL	Usage	Cost	Rating
SoftetherVPN poject	https://www.softether.org/	Installable	free	5
MS Office	https://products.office.com/	Installable	paid	5
Foxit Advanced PDF Editor 3.05	https://www.foxitsoftware.com/blog/foxit-delivers-advanced-pdf-editor-3-0/	Installable	paid	5
ShareX, screencapture and more	https://getsharex.com/	Installable	free	4
XCA - SSL Management tool, SSL ,CSR, RSA, DSA, PFX, PEM	https://hohnstaedt.de/xca/	Installable	free	5
10+ Essential IP tools for Admins. DNS Audit, Network, WMI	https://www.adremsoft.com/netcrunch.tools/	Installable	free	2
Total Commander	https://www.ghisler.com/	Portable	free	5
ABBYY 14 – OCR Project	https://www.abbyy.com/en-gb/finereader/	Installable	paid	5
Autoruns, WMI and auto startup	https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns	Portable	free	5
Cryping, command line extended ping	http://www.cryer.co.uk/downloads/cryping	Portable	free	2
CurrentPorts	https://www.nirsoft.net/utils/cports.html	Portable	free	5
Daphne - system tool	http://www.drk.com.ar/daphne.php	Portable	free	3
Easy Robocopy	http://www.tribblesoft.com/home-page/easy-robocopy/	Portable	free	5
ProcessExplorer	https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer	Portable	free	5
ProcessMonitor	https://docs.microsoft.com/en-us/sysinternals/downloads/procmon	Portable	free	5
FastStone, image viewer and editor	https://www.faststone.org/	Portable	free	5
qBittorrent , Best Bittorrent client	https://www.qbittorrent.org/	Portable	free	5
Terminals, RDP manager and network tools	https://github.com/terminals-Origin/Terminals	Portable	free	5
TCP View	https://docs.microsoft.com/en-us/sysinternals/downloads/tcpview	Portable	free	3
WinCDEmu – ISO emulator	https://wincdemu.sysprogs.org/	Portable	free	5
CleanMemory	https://www.pcwintech.com/cleanmem	Portable	free	4
Teracopy, better copying	https://www.codesector.com/teracopy	Portable	free	3
IIS Crypto - IIS Crypto, manage protocols, ciphers, hashes	https://www.nartac.com/	Portable	free	4
RegexBuddy4	https://www.regexbuddy.com/	Portable	free	5
BareGrep (also BareTail)	https://www.baremetalsoft.com/baregrep/	Portable	free	2
WinDirStats	https://windirstat.net/	Portable	free	2
SageLinks, SymLinks, HardLinks	https://github.com/raspopov/SageLinks/releases	Portable	free	3
NTFSViewLinks, SymLinks, Hardlinks, etc	https://www.nirsoft.net/utils/ntfs_links_view.html	Portable	free	3
Lastpass, passwords	https://www.lastpass.com/	Installable	free	5
Enpass, passwords	https://www.enpass.io/	Portable	free	4
Keepass, password safe, opensource	https://keepass.info/	Portable	free	3
BeCyPDFMetaEdit, edit pdf metadata	https://becypdfmetaedit.jaleco.com/	Portable	free	4
Notepad++	https://notepad-plus-plus.org/	Portable	free	5
Evernote	https://evernote.com/	Installable	free	5
NixNote	http://nixnote.org/	Portable	free	3
MobaXterm, Linux terminal SSL client	https://mobaxterm.mobatek.net/	Installable	free	5
Putty, Linux terminal. SSH client	https://www.putty.org/	Portable	free	3
Hash Manager, change any file hash	http://imristo.com/hash-manager-change-the-hash-of-any-file/	Portable	free	5
Gimp, image editor	https://www.gimp.org/	Portable	free	3
HeidiSQL, SQL client	https://www.heidisql.com/	Portable	free	3
pgAdmin, postgress client	https://www.pgadmin.org/	Installable	free	5
OpenSSL	https://www.openssl.org/	Installable	free	3
Sumatra, PDF reader	https://www.sumatrapdfreader.org/free-pdf-reader.html	Portable	free	3
TextCrawler	https://www.digitalvolcano.co.uk/textcrawler.html	Portable	free	4
WildRename, wildcard rename utility	https://www.cylog.org/utilities/wildrename.jsp	Portable	free	3
WildReplace, wildcard replace utility	https://www.cylog.org/utilities/wildreplace.jsp	Portable	free	3
WinDJViewer, djv viewer	https://windjview.sourceforge.io/	Portable	free	3
GIT for windows, SSH terminal for Win	https://git-scm.com/download/win	Installable	free	5
FileMenuTools, edit explorer menus	https://www.lopesoft.com/index.php/en/products/filemenutools	Installable	free	3
Mozilla Firefox, browser	http://mozilla.org/	Installable	free	3
Chrome, browser	https://www.google.com/chrome/	Installable	free	3
Opera, browser	https://www.opera.com/	Installable	free	3
MouseEmu, emulate mouse with keyboard	http://rhdesigns.browseto.org/mouseemulator.html	Installable	free	5
Autohotkeys. Key emulator	https://www.autohotkey.com/	Installable	free	4
NeatMouse, emulate mouse with keyboard	https://neatdecisions.com/products/neatmouse/	Installabel	free	3
Babun, Windows shell you will love (Discontinued)	https://babun.github.io/	Installable	free	3
Calibre, Ebook management	https://calibre-ebook.com/	Installable (can be portable)	free	5
Clavie, keyborad shortcuts	http://utilfr42.free.fr/util/Clavier.php	Portable	free	3
Angry IP scanner, IP range scan	https://angryip.org/	Portable	free	3
PingInfoView, advanced ping tool	https://www.nirsoft.net/utils/multiple_ping_tool.html	Portable	free	5
Advanced IP Scanner, network LAN scanner	http://www.advanced-ip-scanner.com/	Installable	free	3