To be sorted

• @NerdPyle Very important bookmark, IT peeps: https://docs.microsoft.com/en-us/previous-versions/windows/ … It's the archive all Win7/8, Windows Server 2012/2008/2003/R2, etc. info previously in TechNet. That legacy content isn't searchable from Google or Bing. It is searchable on the archive pages tho. https://twitter.com/NerdPyle/status/974789080700481536

• @Wired_Pulse Do you use PowerShell and enjoy DFIR? Well try your hand at the over 90 challenges in PoSh Hunter, the Threat Hunting with PowerShell CTF. Each challenge was developed with realistic scenarios in mind that anyone in this field would or could encounter. http://www.posh-hunter.underthewire.tech https://twitter.com/Wired_Pulse/status/976947830282694656

• @jamonholmgren My 13 year old son accidentally installed a Windows malware instead of downloading a game. I helped him (mostly) clean it up and then sent him to @SwiftOnSecurity's http://decentsecurity.com to get an education. "Everyone can be secure." https://twitter.com/jamonholmgren/status/976304971275628544

• @Oddvarmoe I often/still find Group Policy Preferences passwords when I do my pentests. To check if you have this present in your domain you can run this command: findstr /S /I cpassword \\sysvol<FQDN>\policies*.xml | A great write-up here by @PyroTek3 https://adsecurity.org/?p=2288 https://twitter.com/Oddvarmoe/status/974216632821264384

• @Evil_Mog Pro Tip: iPXE https://ipxe.org/ is a useful pentest tool, mainly because its DHCP client is super handy for discovering WDS parameters or pretending to be a phone or or or, its like a tfp, pxe, dhcp swiss army knife https://twitter.com/Evil_Mog/status/975594593767981056

• A great repository created by @mubix on how to get your start in InfoSec! http://bit.ly/2FG9NWe (via @indi303) https://gist.github.com/mubix/5737a066c8845d25721ec4bf3139fd31 https://twitter.com/securityerrata/status/952943963941437440

• David Longenecker ‏@dnlongen Well huh. Chrome has a nifty undocumented trick that makes proxying so much more useful when testing sites using HSTS or pinned certs: where the security warning screen doesn't give you an option to ignore, type "badidea" to continue anyway. #toolbox https://twitter.com/dnlongen/status/943148446181097472 | Looks like the bypass keyword has changed to "thisisunsafe" in the latest dev versions -- hat tip @kevcody

• @ImperialCondon SMB is a critical protocol for network analysts to understand, check out @anotherinfosec's Intro to SMB for Network Analysts https://401trg.pw/an-introduction-to-smb-for-network-security-analysts/ https://twitter.com/ImperialCondon/status/943598589170794496

• @B1N2H3X For those posting on @hacks4pancakes santa thread - DFIR jobs can be found here: http://aboutdfir.com/jobs/ . Forensics Wiki is seeking input http://forensicswiki.org/wiki/Category:Articles_that_need_to_be_expanded … DFIR resources: http://thisweekin4n6.com , http://aboutdfir.com , http://www.dfir.training/ https://twitter.com/B1N2H3X/status/944435053551149056

• @blackroomsec Neat site. https://explainshell.com/ https://twitter.com/blackroomsec/status/944448131235811328

• @WebBreacher Did you know that the CIA released a free PDF on how to analyze #osint? Well, it wasn't JUST for OSINT. It discusses bias and how to keep an open mind when performing analyses. Worth a download and read. PDF is here: https://sec487.info/e3 https://twitter.com/WebBreacher/status/944771908981219329

• @codewarz_ninja What should you give your friend(s) for X-mas? You should tell them about https://codewarz.ninja and give them 169 programming challenges to solve! https://twitter.com/codewarz_ninja/status/945095158349037569

• @RFInfoSec SDRTrunk: A cross-platform java application for decoding, monitoring, recording and streaming trunked mobile and related radio protocols using Software Defined Radios (SDR) https://github.com/DSheirer/sdrtrunk https://twitter.com/RFInfoSec/status/945230435147223041

• @Hackers_toolbox Twitter Geolocation OSINT Tool: Geotweet https://n0where.net/twitter-geolocation-osint … #InfoSec #CyberSecurity #Security https://twitter.com/Hackers_toolbox/status/945282325885186050

• @kfalconspb infosec Advent Challenge #14 - syslog intrusion analysis http://malwarejake.blogspot.com/2017/12/infosec-advent-challenge-14-syslog.html … #ifh We've posted the 14th challenge in the "Infosec Advent" series. This one is a Linux server intrusion case. You get syslog and auth.log. Unfortunately that's all that w… https://www.infosecadvent.com . https://twitter.com/kfalconspb/status/945610253898575872

• @binitamshah A Practical Guide to (Correctly) Troubleshooting with Traceroute : https://www.nanog.org/meetings/nanog45/presentations/Sunday/RAS_traceroute_N45.pdf … (pdf) https://twitter.com/binitamshah/status/945616833826058240

• Rob Fuller @mubix http://LetMeOutOfYour.Net is back online. It's an egress testing tool that you can hit via UDP, HTTP, HTTPS, or SSH on any port via IPv6 or IPv4 and you will always get back w00tw00t for verifiable responses.

• Scott Bollinger @kfalconspb Top 5 Blogs of 2017 – Build and run your first Docker Windows Server container https://blog.docker.com/2017/12/top-5-blogs-of-2017-build-and-run-your-first-docker-windows-server-container/ … #ifh As 2017 comes to a close, we looked back at the top five blogs that were most popular with our readers. For those of you that have yet to set up your first Docker Windows… https://twitter.com/kfalconspb/status/945866921152479232