heyosjabout
notes

latest: PDF Phishing Triage

Field Notes

Short technical write-ups, working notes, and reference material from active investigations and research.

allazurecryptodfiremail securitynetworking

PDF Phishing Triage

2/21/20263 min read

Static-first checklist to quickly classify phishing PDFs, extract redirects, and identify exploit indicators.

PCAP Analysis Using tshark For Some Malware

1/2/20262 min read

Dabbling with light malware analysis. Starting with investigating the PCAP file

Honey-Pi Notes: Turning a Spare Raspberry Pi into a Cloud DFIR Beacon

9/13/20253 min read

Why I turned an idle Raspberry Pi into a honeypot that ships to Azure Log Analytics, plus the tiny set of commands/aliases I’ll actually use.