diff --git a/Makefile b/Makefile
index d338d64..bf5aea1 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-VER := 0.4.8p1
+VER := 0.4.8p2
 all:
 make -C router
@@ -59,6 +59,11 @@ FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/www/content/Articles/wor
 FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/www/content/pages/mydw.md"
 FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/www/content/pages/about.md"
 FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/www/content/images"
+FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/applications/metasploit.desktop"
+FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/applications/burpsuite.desktop"
+FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/applications/thc-tips-and-tricks.desktop"
+FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/icons/metasploit.svg"
+FILES_GUEST += "segfault-$(VER)/guest/fs-root/usr/share/icons/thc-logo.jpg"
 FILES_MASTER += "segfault-$(VER)/master/Dockerfile"
 FILES_MASTER += "segfault-$(VER)/master/Makefile"
diff --git a/guest/Dockerfile b/guest/Dockerfile
index 8de412a..de8f390 100644
--- a/guest/Dockerfile
+++ b/guest/Dockerfile
@@ -612,10 +612,12 @@ RUN /pkg-install.sh HACK ghbin shadow1ng/fscan 'fscan_%arch:x86_64=amd64:aarch64
 && /pkg-install.sh HACK bash -c '{ curl -sf https://gobinaries.com/gwen001/gitlab-subdomains | PREFIX=/usr/bin sh; }' \
 && /pkg-install.sh HACK bash -c '{ curl -sf https://gobinaries.com/gwen001/github-endpoints | PREFIX=/usr/bin sh; }'
 RUN /pkg-install.sh GUI apt-get install -y --no-install-recommends \
+ hexchat \
 i3 \
 jupyter \
 pavucontrol \
 pulseaudio \
+ telegram-desktop \
 tigervnc-tools \
 && /pkg-install.sh GUI npm install -g carbonyl
 RUN /pkg-install.sh WEB apt-get install -y --no-install-recommends \
@@ -701,14 +703,15 @@ RUN /pkg-install.sh HACK ghbin wader/fq '_linux_%arch:x86_64=amd64:aarch64=ar
 && /pkg-install.sh HACK bin https://raw.githubusercontent.com/trustedsec/hardcidr/master/hardCIDR.sh hardcidr \
 && /pkg-install.sh HACK ghbin hahwul/dalfox '_linux_%arch:x86_64=amd64:aarch64=arm64%' dalfox
 RUN /pkg-install.sh NET bin https://github.com/hackerschoice/binary/raw/main/gsocket/latest/gsocket_latest_all.deb `# x86_64 only` \
- && /pkg-install.sh NET ghbin shadowsocks/shadowsocks-rust '%arch%.*linux.musl.tar.xz$' \
- && /pkg-install.sh NET ghbin ginuerzh/gost 'linux-%arch:x86_64=amd64:aarch64=armv8%.*gz$' gost \
- && /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch:x86_64=amd64:aarch64=arm64%' gomuks \
- && /pkg-install.sh NET ghbin maxmind/mmdbinspect 'linux_amd64.tar.gz$' mmdbinspect `# x86_64 only` \
- && /pkg-install.sh NET ghbin KaranGauswami/socks-to-http-proxy 'sthp-linux' sthp `# x86_64 only` \
- && /pkg-install.sh NET ghbin schollz/croc 'Linux-%arch:x86_64=64bit:aarch64=ARM64%.deb' \
- && /pkg-install.sh NET ghbin vi/websocat '%arch%.*linux-musl' websocat \
- && /pkg-install.sh NET ghbin ViRb3/wgcf 'linux_%arch:x86_64=amd64:aarch64=arm64%$' wgcf \
+ && /pkg-install.sh NET ghbin shadowsocks/shadowsocks-rust '%arch%.*linux.musl.tar.xz$' \
+ && /pkg-install.sh NET ghbin ginuerzh/gost 'linux-%arch:x86_64=amd64:aarch64=armv8%.*gz$' gost \
+ && /pkg-install.sh NET ghbin tulir/gomuks 'linux-%arch:x86_64=amd64:aarch64=arm64%' gomuks \
+ && /pkg-install.sh NET ghbin Snawoot/hola-proxy 'linux-%arch:x86_64=amd64:aarch64=arm64%' hola-proxy \
+ && /pkg-install.sh NET ghbin maxmind/mmdbinspect 'linux_amd64.tar.gz$' mmdbinspect `# x86_64 only` \
+ && /pkg-install.sh NET ghbin KaranGauswami/socks-to-http-proxy 'sthp-linux' sthp `# x86_64 only` \
+ && /pkg-install.sh NET ghbin schollz/croc 'Linux-%arch:x86_64=64bit:aarch64=ARM64%.deb' \
+ && /pkg-install.sh NET ghbin vi/websocat '%arch%.*linux-musl' websocat \
+ && /pkg-install.sh NET ghbin ViRb3/wgcf 'linux_%arch:x86_64=amd64:aarch64=arm64%$' wgcf \
 && /pkg-install.sh NET apt-get install -y --no-install-recommends \
 hping3 \
 ipcalc ipcalc-ng \
diff --git a/guest/fs-root/etc/shellrc b/guest/fs-root/etc/shellrc
index f8dd3ff..553edbf 100644
--- a/guest/fs-root/etc/shellrc
+++ b/guest/fs-root/etc/shellrc
@@ -8,6 +8,7 @@ alias l='ls -Alh'
 alias lt='ls -Alhrt'
 alias lss='ls -AlhrS'
 alias xterm='xterm-dark'
+alias psg='ps alxwww | grep -i -E'
 function dmesg {
 [[ ! -t 1 ]] && { command curl -s sf/dmesg/ -dnocolor=1; return; }
diff --git a/guest/fs-root/sf/bin/sf-setup.sh b/guest/fs-root/sf/bin/sf-setup.sh
index 1d9e9cf..40997d0 100755
--- a/guest/fs-root/sf/bin/sf-setup.sh
+++ b/guest/fs-root/sf/bin/sf-setup.sh
@@ -1,6 +1,6 @@
 #! /bin/bash
-# Called when guest instance is booting up (created) and before
+# Called when guest container is booting up (created) and before
 # the user shell is spawned.
 # Called within sf-guest context.
@@ -8,7 +8,7 @@ # - Execute /sec/usr/etc/rc.local
 # NOTE: Possible that /sec/root etc already exists (old SECRET used after
-# earlier instance exited) - in which case do nothing.
+# earlier container exited) - in which case do nothing.
 CR="\e[1;31m" # red
 CN="\e[0m" # none
@@ -82,6 +82,17 @@ xmkdir()
 mkdir -p "$1"
 }
+xln()
+{
+ [[ -e "$2" ]] && return
+ ln -s "$1" "$2"
+}
+
+xln_app()
+{
+ xln "/usr/share/applications/$1" "/root/Desktop/$1"
+}
+
 link_etc()
 {
 [[ ! -d /sec/usr/etc ]] && mkdir -p /sec/usr/etc
@@ -124,6 +135,19 @@ setup()
 xmkdir /sec/usr/sbin
 xmkdir /sec/usr/share/cheatsheets/personal
+ # Create default Icons for SFUI
+ xmkdir /root/Desktop
+ xln_app debian-xterm.desktop
+ xln_app brave-browser.desktop
+ xln_app org.telegram.desktop.desktop
+ xln_app io.github.Hexchat.desktop
+ # xln_app pidgin.desktop
+ xln_app libreoffice-writer.desktop
+ xln_app libreoffice-draw.desktop
+ xln_app code.desktop
+ xln_app metasploit.desktop
+ xln_app burpsuite.desktop
+
 # Copy Pelican www
 [[ ! -d /sec/www ]] && {
 cp -a /usr/share/www /sec
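Review bot: The added `ghbin Snawoot/hola-proxy` line in guest/Dockerfile (hunk at -701) brings a third-party release binary into the image with no version tag or checksum visible on the line; whether /pkg-install.sh pins or verifies anything cannot be seen from this hunk. If `ghbin` resolves the latest release, the image content changes whenever upstream publishes, so I would pin a release and compare the download against a SHA-256 kept in the repo before installing. The asset pattern is also unanchored, unlike the `wgcf` pattern that ends in `$`, so it may match a companion asset such as a checksum or signature file. Separately, the hunk re-aligns eight existing lines to add one, which hides the real change in review; alignment-only edits are easier to audit in their own commit. The RUN statement begins and continues outside the hunk.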
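Review bot: `xln()` in guest/fs-root/sf/bin/sf-setup.sh tests `[[ -e "$2" ]]`, which follows symlinks, so a link left dangling from an earlier boot is treated as missing and `ln -s` then fails with "File exists"; this matters if /root/Desktop persists across boots, as the file's header comment about /sec/root suggests. Testing the link itself avoids that: `[[ -e "$2" || -L "$2" ]] && return`. `xln_app()` also links unconditionally, so any .desktop file absent from /usr/share/applications yields a broken icon; a guard such as `[[ -f "/usr/share/applications/$1" ]] || return` would skip those. Both helpers would benefit from a one-line comment, e.g. `# Create symlink $2 -> $1 unless $2 already exists`.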
diff --git a/guest/fs-root/sf/bin/startxvnc b/guest/fs-root/sf/bin/startxvnc
index 2b1608a..e02db38 100755
--- a/guest/fs-root/sf/bin/startxvnc
+++ b/guest/fs-root/sf/bin/startxvnc
@@ -22,7 +22,7 @@ VNC_OPTS+=("-forever")
 VNC_OPTS+=("-localhost")
 #VNC_OPTS+=("-wirecopyrect" "-scrollcopyrect")
 #VNC_OPTS+=("-nopw")
-VNC_OPTS+=("-afteraccept" "pidof xterm || { DISPLAY=:10 xterm-dark & }")
+VNC_OPTS+=("-afteraccept" "pidof xterm || { DISPLAY=:10 xterm-dark -geometry 120x25+250+50 & }")
 VNC_PASSWDFILE="${HOME}/.vnc/passwd"
 mk_vncpass()
@@ -85,4 +85,4 @@ echo -e "Keep this shell open and log in again using: ${CDC}ssh -L5900:0:5900 -o 'SetEnv SECRET=${SF_SEC}' root@${SF_FQDN}${CN} Then use your favourite VNC client and connect to ${CB}${CUL}127.0.0.1:5900${CN}.
-${CDY}DO NOT EXIT THIS SHELL${CN}: Exiting this shell will terminate the GUI session."
\ No newline at end of file
+${CDY}DO NOT EXIT THIS SHELL${CN}: Exiting this shell will terminate the GUI session."
diff --git a/guest/fs-root/usr/share/applications/burpsuite.desktop b/guest/fs-root/usr/share/applications/burpsuite.desktop
new file mode 100644
index 0000000..b09dea9
--- /dev/null
+++ b/guest/fs-root/usr/share/applications/burpsuite.desktop
@@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=burpsuite
+Encoding=UTF-8
+#Exec=sh -c "java -jar /usr/bin/burpsuite"
+Exec=burpsuite
+Icon=/usr/share/icons/Flat-Remix-Blue-Dark/apps/scalable/burp.svg
+StartupNotify=false
+Terminal=false
+Type=Application
+Categories=03-webapp-analysis;03-06-web-application-proxies;
+X-Kali-Package=burpsuite
diff --git a/guest/fs-root/usr/share/applications/metasploit.desktop b/guest/fs-root/usr/share/applications/metasploit.desktop
new file mode 100644
index 0000000..884082a
--- /dev/null
+++ b/guest/fs-root/usr/share/applications/metasploit.desktop
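Review bot: `Icon=` in burpsuite.desktop is an absolute path into the Flat-Remix-Blue-Dark icon theme, which none of the visible hunks ship or install, so the launcher shows a blank icon wherever that theme is absent. The other two entries added by this commit use icons the commit itself places under /usr/share/icons; shipping the Burp icon the same way removes the hidden dependency. The commented-out `#Exec=` line and the deprecated `Encoding=UTF-8` key can be dropped.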
@@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=Metasploit
+Comment=Metasploit msfconsole
+Exec=xterm-dark msfconsole
+Terminal=false
+Type=Application
+#Encoding=UTF-8
+Icon=metasploit
+Categories=Utility;Network;
+Keywords=metasploit;hacking;security;network;msfconsole
+#StartupWMClass=XTerm
diff --git a/guest/fs-root/usr/share/applications/thc-tips-and-tricks.desktop b/guest/fs-root/usr/share/applications/thc-tips-and-tricks.desktop
new file mode 100644
index 0000000..8532e98
--- /dev/null
+++ b/guest/fs-root/usr/share/applications/thc-tips-and-tricks.desktop
@@ -0,0 +1,11 @@
+[Desktop Entry]
+Name=Tips & Tricks
+Comment=Tips & Tricks / Cheat Sheet
+Exec=brave-browser --new-window 'https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet'
+Terminal=false
+Type=Application
+#Encoding=UTF-8
+Icon=/usr/share/icons/thc-logo.jpg
+Categories=Utility;Network;
+Keywords=hacking;security;network;cheat
+#StartupWMClass=XTerm
diff --git a/guest/fs-root/usr/share/icons/metasploit.svg b/guest/fs-root/usr/share/icons/metasploit.svg
new file mode 100644
index 0000000..005251a
--- /dev/null
+++ b/guest/fs-root/usr/share/icons/metasploit.svg
@@ -0,0 +1 @@
+
diff --git a/guest/fs-root/usr/share/icons/thc-logo.jpg b/guest/fs-root/usr/share/icons/thc-logo.jpg
new file mode 100644
index 0000000..2410773
Binary files /dev/null and b/guest/fs-root/usr/share/icons/thc-logo.jpg differ
diff --git a/guest/setup.sh b/guest/setup.sh
index a8fc4b6..937c6db 100755
--- a/guest/setup.sh
+++ b/guest/setup.sh
@@ -93,6 +93,7 @@ set +e # Non-Fatal. WARN but continue if any of the following commands fail
 sed 's/^TorAddress.*/TorAddress 172.20.0.111/' -i /etc/tor/torsocks.conf || WARN "Failed /etc/tor/torsocks.conf"
 sed 's/^worker_processes.*/worker_processes 2;/' -i /etc/nginx/nginx.conf || WARN "Failed /etc/nginx/nginx.conf"
+sed 's/^Exec.*/Exec=xterm-dark/' -i /usr/share/applications/debian-xterm.desktop
 # Move "$1" to "$1".orig and link "$1" -> "$1"-hook
 mk_hook()
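Review bot: The `Exec=` value in thc-tips-and-tricks.desktop wraps the URL in single quotes, which the Desktop Entry specification does not define as quoting (only double quotes are), so a launcher that parses strictly may hand the quote characters to the browser as part of the URL. The URL contains no reserved characters and can go unquoted: `Exec=brave-browser --new-window https://github.com/hackerschoice/thc-tips-tricks-hacks-cheat-sheet`. The setup() hunk in sf-setup.sh creates no Desktop link for this entry although the Makefile packages it; if an icon was intended, `xln_app thc-tips-and-tricks.desktop` is missing there.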
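Review bot: The added `sed` on debian-xterm.desktop in guest/setup.sh has no `|| WARN ...`, although it sits under the "Non-Fatal. WARN but continue" comment and both `sed` lines above it report failure. With `set +e` in effect, a missing file (for example when that desktop entry is not installed) passes silently, and the Desktop link created in sf-setup.sh would then dangle or start the unmodified entry. Suggested: `sed 's/^Exec.*/Exec=xterm-dark/' -i /usr/share/applications/debian-xterm.desktop || WARN "Failed /usr/share/applications/debian-xterm.desktop"`.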
diff --git a/host/fs-root/bin/segfaultsh b/host/fs-root/bin/segfaultsh
index de5d52d..c7c8da5 100755
--- a/host/fs-root/bin/segfaultsh
+++ b/host/fs-root/bin/segfaultsh
@@ -449,7 +449,7 @@ print_goodbye()
 echo -e "\
 ${CDY}@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
 @@@ ${CDG}** GET MORE MEMORY, SPEED, STORAGE AND NO RESTRICTIONS **${CDY} @@@
-@@@ ${CDR}${CUL}https://www.thc.org/segfault/youcheapfuck${CN}${CDY} @@@
+@@@ ${CDR}${CUL}https://www.thc.org/segfault/free${CN}${CDY} @@@
 @@@ ${CB}${CUL}https://www.thc.org/segfault/upgrade${CN}${CDY} @@@
 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@${CN}"
@@ -475,7 +475,7 @@ print_to_many_servers()
 --> ${CDY}You ($YOUR_IP) already have ${SF_LIMIT_SERVER_BY_IP} servers running.${CN}
 --> Log in to your already running servers before creating any more new servers.
 --> Read ${CB}${CUL}https://www.thc.org/segfault/faq/#reconnect${CN}
---> Read ${CB}${CUL}https://www.thc.org/segfault/youcheapfuck${CN}
+--> Read ${CB}${CUL}https://www.thc.org/segfault/free${CN}
 --> Contact us on Telegram: ${CW}https://t.me/thcorg${CN}"
 }
@@ -728,7 +728,7 @@ RX=${SF_MAXIN:-unlimited}
 SYN_BURST=${SF_USER_SYN_BURST}
 SYN_RATE=${SF_USER_SYN_LIMIT}/sec
 SERVERS=${SF_LIMIT_SERVER_BY_IP}
-GREETINGS=${SF_SYSCOP_MSG}" "/config/self-for-guest/lg-${LID}/limits"
+GREETINGS='${SF_SYSCOP_MSG}'" "/config/self-for-guest/lg-${LID}/limits"
 }
 check_banned()
@@ -822,7 +822,7 @@ print_relay_notice()
 --> You (${CDY}$YOUR_IP${CN}) are trying to connect from a Relay.
 --> Log in from Relays is available for ${CG}VALUED${CN} users only.
 --> To log in from Relays please ask us for an ACCESS TOKEN.
---> Read ${CB}${CUL}https://www.thc.org/segfault/youcheapfuck${CN}
+--> Read ${CB}${CUL}https://www.thc.org/segfault/free${CN}
 --> Contact us on Telegram: ${CW}https://t.me/thcorg${CN}"
 sleep 5
 }
diff --git a/sfbin/rportfw.sh b/sfbin/rportfw.sh
index f243766..192a5b7 100755
--- a/sfbin/rportfw.sh
+++ b/sfbin/rportfw.sh
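Review bot: In the hunk at -728 of host/fs-root/bin/segfaultsh, the new `GREETINGS='${SF_SYSCOP_MSG}'` sits inside a double-quoted string, so the value is expanded and merely wrapped in literal single quotes; a message that itself contains `'` ends the quoting early in the written limits file. How that file is consumed is not visible here, but if the guest side sources it as shell, the rest of the message would be parsed as shell words rather than data. Letting bash produce the quoting is safer, e.g. `printf -v _msg '%q' "${SF_SYSCOP_MSG}"` beforehand and then `GREETINGS=${_msg}`, or reject messages that contain a single quote. The other values written on the lines above are unquoted as well, though they look numeric. The enclosing function starts outside the hunk.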
@@ -15,7 +15,7 @@ ipbydev()
 _ip="${_ip#*inet }"
 _ip="${_ip%%/*}"
 [[ -n $_ip ]] && { echo "$_ip"; return; }
- echo -e >&2 "IP for dev '${1}' not found. Using $2"
+ echo -e >&2 "IP for dev '${1}' not found. Using ${2:-ERROR}"
 echo "${2:?}"
 }
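Review bot: When `$2` is unset or empty, ipbydev() now prints "Using ERROR" and the following `echo "${2:?}"` aborts; if callers use `$(ipbydev ...)`, the abort happens in the subshell and the caller receives an empty string unless it checks the exit status (the call sites are not visible here). An explicit branch before the message makes the failure readable: `[[ -z $2 ]] && { echo >&2 "IP for dev '${1}' not found and no fallback given"; return 255; }`. ipbydev() starts outside the hunk.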