Where OSINT, Hacking, Penetration Testing, Privacy, Piracy, Information Security, Cyber Security and Law are a lifestyle.
How I took a security researchers initial discovery and found another 63 instances of Flock Safety Camera Feeds and Debug Web Service exposed unauthenticated to the internet. Also learn how it ended up being exposed to the internet and how to ensure it doesn't happen to you.
A TensorFlow Lite harness I threw together for some security research in regards to my long going Bird Hunting Season project!
The first addition, a awesome 4G LTE router that runs a flavor of OpenWRT, anti-forensics blue merle plugin and supports CBRS bands (aka the $150 private LTE network). First documented case of this being supported!
Step by Step instructions to setting up your own private LTE network for cheap, great for home labs, hacking and penetration testing.
Covering the next batch of disclosures in regards to my Flock Safety security research.
Covering the newest and likely rarest of Fock's Devices I've had the chance to get my hands on. In this case, it's a (edge) Compute Box. Much newer harder then the other stuff and its own huge set of challenges. Come see how little I've explored this device and how to get root on it so you can start diving in too!
I will keep this article brief as I still owe a full disclosure article walking through what was covered in my Phrack Article 'Roadside to Everyone (R2E) Phase 1: Physical & Local Vulnerabilities in (C)V2X RSUs' LINK. This will include more pictures, some deeper explanations of the vulnerabilities, etc. For now I just wanted to … Continue reading Roadside to Everyone – Intelligent Traffic Systems (ITS) Research – Kapsch TrafficCom AG (C)V2X Roadside Units (RSU)
Technical leadership requires more than directing tasksโit demands the careful management of two-way communication. A leader serves as the bridge between strategic intent from above and operational reality from below. That responsibility means presenting information in a clear and digestible way, without omitting what is beneficial, so both sides remain aligned in their respective roles. One effective approach is shielding: a strategy where the leader anticipates reactions, filters complexity, and ensures that both technical practitioners and senior leadership receive accurate, balanced communication. Shielding is not passiveโit requires consistent effort, empathy, and accountability. While demanding, it is the most reliable way to build and maintain trust, ensuring that decisions are informed, practitioners are represented fairly, and leadership remains confident in execution.
Remote technical team meetings often miss the mark. Movie hours and โmost interesting findingโ contests sound engaging but tend to create low value, or worse, feed imposter syndrome. Through years of leading offensive security teams, Iโve found two approaches that actually build cohesion: continuous passive support through shared learning, and structured mid-depth discussions that surface perspectives without putting people on the spot.
Penetration testing has traditionally been treated as a point in time exercise centered on identifying and exploiting vulnerabilities. While severity charts and baseline reporting are standard, they often fall short in giving executives the context required for strategic decision making. This article introduces two powerful yet straightforward enhancements, remediation effort mapping and threat model context graphs. Both of these elevate reports into holistic snapshots of an organizationโs security posture. By reframing deliverables in this way, penetration testing shifts from a checklist of vulnerabilities and exploits, to a source of leadership insight, enabling more informed, timely, and impactful decisions.