Technical leadership requires more than directing tasks—it demands the careful management of two-way communication. A leader serves as the bridge between strategic intent from above and operational reality from below. That responsibility means presenting information in a clear and digestible way, without omitting what is beneficial, so both sides remain aligned in their respective roles. One effective approach is shielding: a strategy where the leader anticipates reactions, filters complexity, and ensures that both technical practitioners and senior leadership receive accurate, balanced communication. Shielding is not passive—it requires consistent effort, empathy, and accountability. While demanding, it is the most reliable way to build and maintain trust, ensuring that decisions are informed, practitioners are represented fairly, and leadership remains confident in execution.
Tag: Hacking
Deriving the Most Value from Technical Team Meetings
Remote technical team meetings often miss the mark. Movie hours and “most interesting finding” contests sound engaging but tend to create low value, or worse, feed imposter syndrome. Through years of leading offensive security teams, I’ve found two approaches that actually build cohesion: continuous passive support through shared learning, and structured mid-depth discussions that surface perspectives without putting people on the spot.
Industry Standard Penetration Testing Reports Lack Two Key Enhancements
Penetration testing has traditionally been treated as a point in time exercise centered on identifying and exploiting vulnerabilities. While severity charts and baseline reporting are standard, they often fall short in giving executives the context required for strategic decision making. This article introduces two powerful yet straightforward enhancements, remediation effort mapping and threat model context graphs. Both of these elevate reports into holistic snapshots of an organization’s security posture. By reframing deliverables in this way, penetration testing shifts from a checklist of vulnerabilities and exploits, to a source of leadership insight, enabling more informed, timely, and impactful decisions.
Unbricking and Flashing the Yardstick One
Bricked your Yardstick One? This step-by-step guide shows how to recover it using its cousin, the GreatFET, by erasing, flashing, and verifying full Sub 1 GHz sniffer functionality.
Grounded Flight – Device 2: Root Shell on Flock Safety’s Falcon/Sparrow Automated License Plate Reader
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. Onto the next! In case you missed the previous two posts; where I went over what Flock Safety … Continue reading Grounded Flight – Device 2: Root Shell on Flock Safety’s Falcon/Sparrow Automated License Plate Reader
Plucked and Rooted – Device 1: Debug Shell on Flock Safety’s Raven Gunshot Detection System
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. Well with an introduction to the organization, their services and devices and some other information out of the … Continue reading Plucked and Rooted – Device 1: Debug Shell on Flock Safety’s Raven Gunshot Detection System
Bird Hunting Season – Security Research on Flock Safety’s Anti-Crime Systems
All research was performed against a unit I owned and we did not and do not have any intention of disrupting any existing infrastructure. All disclosures are intended for research purposes only, on devices the researcher owns. This is a introduction and overview post to give some background on the organization and their devices before … Continue reading Bird Hunting Season – Security Research on Flock Safety’s Anti-Crime Systems
The quickest and simplest guide to spinning up a powerful local AI stack. Part 4 – Transcription via Whisper
So it turns out that OpenWeb-UI comes with a form of whisper integration out of the box. So I'm going to cover what changes you should make to make it better, and then I'll include a bonus of a n8n + docker-compose you can use to run a whisper-server + n8n test workflow for it. … Continue reading The quickest and simplest guide to spinning up a powerful local AI stack. Part 4 – Transcription via Whisper
The quickest and simplest guide to spinning up a powerful local AI stack. Part 3 – Image Generation via Stable Diffusion
So as this is the first part that integrates things that aren't included out of the box, I'm going to build these parts out separately and then at the end I'll release my full docker-compose.yml which will have all the pieces. With that in mind, lets get started. First you should go to your users … Continue reading The quickest and simplest guide to spinning up a powerful local AI stack. Part 3 – Image Generation via Stable Diffusion
Sniffing V2X/DSRC with LibreSDR B210/B220 AD9361 on Linux
Continuing with the last post, here's how to conifgure the LibreSDR B210/B220 to sniff V2X/DSRC traffic. First lets install some dependencies: sudo apt install gnuradio gnuradio-dev cmake libsndfile1 libsndfile1-dev Next lets follow this awesome GitHub Repo's instructions Now within GNURadio Companion open the following: /opt/gr-iee802-11/examples/wifi_phy_hier.gcr Now run it then exit GNURadio and reopen it. Now … Continue reading Sniffing V2X/DSRC with LibreSDR B210/B220 AD9361 on Linux