Playbooks

Scenario & Walkthroughs

Pick the situation you are seeing, collect proof, then choose narrow defensive action.

Library

Choose a guide

Filter later by app, difficulty, problem type, and persona.

Playbook

Unknown Process Talking To The Internet

Use WireTuna to identify the app, destination, protocol, meaning, and packet evidence before you decide whether to escalate.

Beginner8 minWireTuna

Open guide

Playbook

Map A Chatty Device

Use NetView's graph, MAC hover, source grouping, packet counts, IP search, and export tools to identify the device and preserve a snapshot.

Beginner7 minNetView

Open guide

Playbook

Diagnose A Bad Connection

Use NetEye continuous ping for latency, loss, jitter, and uptime, then traceroute to identify slow or timing-out hops.

Operator10 minNetEye

Open guide

Playbook

Bot Scans And Brute Force Attacks

Use HoneyMesh traps for Behavior-Based Detection, confirm JA4-first context, then escalate to Kernel-Level Blocking with eBPF/XDP only after allowlist review.

Advanced12 minHoneyMesh

Open guide

Playbook

Protect Sensitive Files

Use IronClad Vault to import files, assign classification levels, manage users, and keep the Megakey safe.

Beginner9 minIronClad Vault

Open guide

Playbook

Direct Encrypted File Exchange

Use P2P Chat host/client roles, matching encryption, an out-of-band shared key, and the p2pchat_files transfer boundary.

Beginner7 minP2P Chat

Open guide