heyosjabout
playbooks

scripts & tools.

when a problem repeats, i script it. when the script is useful, it lands here with setup, commands, and troubleshooting.

open latest
allemailhomelabnetworking

  1. Email Threat Analysis: Reviewing Attachments Safely

    2/4/2026

    A static only workflow for extracting, hashing, and inspecting email attachments without opening them.

    playbooksemailemail-threat-analysisincident-responseforensicsattachments

  2. Email Threat Analysis: Rapid .eml Triage Commands for Analysts

    1/11/2026

    Shell commands to run when triaging a downloaded .eml file, with explanations of what each command and flag does.

    playbooksemailemail-threat-analysisincident-responseforensics

  3. Honey‑Pi: Home Honeypot → Azure Log Analytics

    9/13/2025

    Spin up a Raspberry Pi honeypot (OpenCanary), ship events to Azure Log Analytics with Fluent Bit, and verify it end‑to‑end.

    playbookssecurityhomelabnetworkingazureraspberry-pirepo

  4. Parse Email Headers Fast (hoptrace)

    8/24/2025

    Turn jumbled headers into a readable hop trail with SPF/DKIM/DMARC snapshots — evidence only.

    playbooksemaildeliverabilitysec-toolsrepo

  5. Free the Port: Diagnose and Kill Local Listeners (whoport)

    8/18/2025

    When port 3000 is 'already in use', here’s the fast way to identify and free it on macOS, Linux, or Windows.

    playbooksnetworkingdev-toolsrepo

  6. Email Auth: DNS-Only Audit

    8/16/2025

    Tiny Python CLI to quickly check SPF, DMARC, MTA-STS, TLS-RPT, and optional DKIM selectors.

    email securityspfdmarcdkimmta-ststls-rptplaybookrepo