Dogfooding MEA Against My Zero-Cost Homelab (And the Troubleshooting Hell Along the Way

By RUGERO Tesla (@404Saint).

It’s Wednesday, and if you’re trying to maintain a consistent writing streak, the worst thing that can happen isn't a lack of ideas—it's equipment failure. My mouse died right in the middle of a deep-dive protocol breakdown session. By the time I sorted a replacement, my weekly timeline was completely shot.

Instead of forcing a massive architectural breakdown against a ticking clock, I decided to do something more chaotic: dogfood my own open-source security tool.

A while back, I released MEA (Modbus Exposure Analyzer), a passive behavioral analysis tool designed to fingerprint Modbus devices, calculate register entropy, and determine if an exposed internet facing asset is a real physical PLC or a simulator/honeypot.

I decided to point MEA directly at my local zero-cost industrial homelab (built inside Docker with OpenPLC and Fuxa HMI) to see if my own code could accurately spot its own creator's simulated environment.