heyosjabout
playbooks

scripts & tools.

when a problem repeats, i script it. when the script is useful, it lands here with setup, commands, and troubleshooting.

open latest
allemailhomelabnetworking

  1. Email Threat Analysis: Reviewing Attachments Safely

    2/4/2026

    A static only workflow for extracting, hashing, and inspecting email attachments without opening them.

    playbooksemailemail-threat-analysisincident-responseforensicsattachments

  2. Email Threat Analysis: Rapid .eml Triage Commands for Analysts

    1/11/2026

    Shell commands to run when triaging a downloaded .eml file, with explanations of what each command and flag does.

    playbooksemailemail-threat-analysisincident-responseforensics

  3. Parse Email Headers Fast (hoptrace)

    8/24/2025

    Turn jumbled headers into a readable hop trail with SPF/DKIM/DMARC snapshots — evidence only.

    playbooksemaildeliverabilitysec-toolsrepo

  4. Email Auth: DNS-Only Audit

    8/16/2025

    Tiny Python CLI to quickly check SPF, DMARC, MTA-STS, TLS-RPT, and optional DKIM selectors.

    email securityspfdmarcdkimmta-ststls-rptplaybookrepo