Penetration testing has traditionally been treated as a point in time exercise centered on identifying and exploiting vulnerabilities. While severity charts and baseline reporting are standard, they often fall short in giving executives the context required for strategic decision making. This article introduces two powerful yet straightforward enhancements, remediation effort mapping and threat model context graphs. Both of these elevate reports into holistic snapshots of an organization’s security posture. By reframing deliverables in this way, penetration testing shifts from a checklist of vulnerabilities and exploits, to a source of leadership insight, enabling more informed, timely, and impactful decisions.
Trap Shooter – Flock Safety Sniffer & Alarm
Custom firmware for the M5NanoC6 (ESP32-C6) that sniffs and then alerts you of nearby Flock Safety devices. Will be integrated into a exploit tool releasing on 09/27/25 for Flock Safety devices!
GainSec in the Middle!
Implementation of Man-in-the-Middle (MiTM) Router / Access Point (AP). Great for embedded, IoT, hardware or similar penetration tests, hacks or research. Creates all interfaces and configurations on the fly, integrates other functionality to make TLS stripping, Android use or Burp Suite use more streamlined.
Unbricking and Flashing the Yardstick One
Bricked your Yardstick One? This step-by-step guide shows how to recover it using its cousin, the GreatFET, by erasing, flashing, and verifying full Sub 1 GHz sniffer functionality.
Grounded Flight – Device 2: Root Shell on Flock Safety’s Falcon/Sparrow Automated License Plate Reader
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. Onto the next! In case you missed the previous two posts; where I went over what Flock Safety … Continue reading Grounded Flight – Device 2: Root Shell on Flock Safety’s Falcon/Sparrow Automated License Plate Reader
Plucked and Rooted – Device 1: Debug Shell on Flock Safety’s Raven Gunshot Detection System
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. Well with an introduction to the organization, their services and devices and some other information out of the … Continue reading Plucked and Rooted – Device 1: Debug Shell on Flock Safety’s Raven Gunshot Detection System
Bird Hunting Season – Security Research on Flock Safety’s Anti-Crime Systems
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. This is a introduction and overview post to give some background on the organization and their devices before … Continue reading Bird Hunting Season – Security Research on Flock Safety’s Anti-Crime Systems
The quickest and simplest guide to spinning up a powerful local AI stack. Part 7 – Current Stack – Docker Deploy
Going to keep this post extremely brief. I have published the current stack and how to spin it up yourself on my GitHub. Next Part will be implementing Local Agentic RAG with Crawl4AI! Check out the repo HERE
The quickest and simplest guide to spinning up a powerful local AI stack. Part 6 – Open-WebUI To Crawl4AI – Chat
Step by Step instructions on how to Integrate Crawl4AI as a tool within Open-WebUI to be used by any model.
The quickest and simplest guide to spinning up a powerful local AI stack. Part 5 – Open-WebUI To Crawl4AI – Local Files
Implementing a Open-WebUI Function to parse user input for URLs, pass them to Crawl4AI, parse its output and save it into multiple files for later use.







