I have some very backlogged projects Iโve decided to just release to get them out of my backlog. This one is related to the Digital Ally ThermoVu DTM-600, which is a Uniview/OEM OET-213H-NB-style facial recognition and thermal access-control device. This release is the majority of my notes, tools, findings, and research artifacts from looking at … Continue reading Digital Ally ThermoVu DTM-600 / Uniview LAPI Security Research Release
Tag: Ethical Hacking
AutoPro and 3rd Party Carplay/Android Auto Dongle Security Research
I have some very backlogged projects I've decided to just release to get them out of my backlog. The first one is related to aftermarket Apple CarPlay and Android Auto dongles. This release is the majority of my notes, tools, findings, and research artifacts from looking at the Mayton/AutoPro-style dongle ecosystem. It includes documentation, test … Continue reading AutoPro and 3rd Party Carplay/Android Auto Dongle Security Research
Agent Ready Armor (ARA) Teaser
Agent Ready Armor (ARA) โ a runtime substrate for AI agents. Containment for what agents do, provenance for what they produce. Built for the demands of offensive security, applicable to any agentic deployment. Second in the Ready Armor Suite, after BRA. Control in Depth.
Releasing Battle Ready Armor Slim โ AI as force-multiplier, not autopilot
The default in most "AI security" tools today is that the model runs the engagement. Battle Ready Armor takes the opposite position: the operator drives, the AI is advisory, and the framework holds the line mechanically โthrough approval tokens, scope checks, and on-disk anonymization that survive any model swap. Slim is the free tier, out today.
AutoProber – Automated PCB Probing for hardware hackers
AutoProber is the hardware hacker's flying probe automation stack for giving your agent everything it needs to go from "there's a new target on the plate" to probing individual pins.
Formalizing my Flock Safety Security Research.
My Flock Safety independent security research has reached the point where it felt necessary to compile it all into a formal white paper and statement. Moving forward, all vulnerabilities will be added first to this white paper during the responsible disclosure embargo.
Addition to the $150 Private LTE Network
The first addition, a awesome 4G LTE router that runs a flavor of OpenWRT, anti-forensics blue merle plugin and supports CBRS bands (aka the $150 private LTE network). First documented case of this being supported!
Setting up your own 4G LTE Network (<$150) for your Embedded System & IoT Hacking Lab via Open5GS + CBRS eNodeB on Ubuntu 24.04
Step by Step instructions to setting up your own private LTE network for cheap, great for home labs, hacking and penetration testing.
Button Presses to Wireless RCE: Shell on Flock Safety’s License Plate Cameras Over Wi-Fi
A combination of reused default passwords, hidden triggers, and completely unauthenticated APIs results in reliable wireless RCE, data disclosure, and device control in the field on Flock Safety's License Plate Readers.
Fly-By – Device 2: The Falcon/Sparrow – Gated Wireless RCE, Camera Feed, DoS, Information Disclosure and More
Covering the next batch of disclosures in regards to my Flock Safety security research.









