I have some very backlogged projects Iโve decided to just release to get them out of my backlog. This one is related to the Digital Ally ThermoVu DTM-600, which is a Uniview/OEM OET-213H-NB-style facial recognition and thermal access-control device. This release is the majority of my notes, tools, findings, and research artifacts from looking at … Continue reading Digital Ally ThermoVu DTM-600 / Uniview LAPI Security Research Release
Tag: Penetration Testing
AutoPro and 3rd Party Carplay/Android Auto Dongle Security Research
I have some very backlogged projects I've decided to just release to get them out of my backlog. The first one is related to aftermarket Apple CarPlay and Android Auto dongles. This release is the majority of my notes, tools, findings, and research artifacts from looking at the Mayton/AutoPro-style dongle ecosystem. It includes documentation, test … Continue reading AutoPro and 3rd Party Carplay/Android Auto Dongle Security Research
Agent Ready Armor (ARA) Teaser
Agent Ready Armor (ARA) โ a runtime substrate for AI agents. Containment for what agents do, provenance for what they produce. Built for the demands of offensive security, applicable to any agentic deployment. Second in the Ready Armor Suite, after BRA. Control in Depth.
Arctic Base
Arctic Base is a single place per project where your AI coding agent can drop approval forms, share files both ways, render markdown for review, drive a persistent task list, and wait for you to respond โ without bloating your chat context or forcing you to copy-paste.
Releasing Battle Ready Armor Slim โ AI as force-multiplier, not autopilot
The default in most "AI security" tools today is that the model runs the engagement. Battle Ready Armor takes the opposite position: the operator drives, the AI is advisory, and the framework holds the line mechanically โthrough approval tokens, scope checks, and on-disk anonymization that survive any model swap. Slim is the free tier, out today.
AutoProber – Automated PCB Probing for hardware hackers
AutoProber is the hardware hacker's flying probe automation stack for giving your agent everything it needs to go from "there's a new target on the plate" to probing individual pins.
Addition to the $150 Private LTE Network
The first addition, a awesome 4G LTE router that runs a flavor of OpenWRT, anti-forensics blue merle plugin and supports CBRS bands (aka the $150 private LTE network). First documented case of this being supported!
Setting up your own 4G LTE Network (<$150) for your Embedded System & IoT Hacking Lab via Open5GS + CBRS eNodeB on Ubuntu 24.04
Step by Step instructions to setting up your own private LTE network for cheap, great for home labs, hacking and penetration testing.
Fly-By – Device 2: The Falcon/Sparrow – Gated Wireless RCE, Camera Feed, DoS, Information Disclosure and More
Covering the next batch of disclosures in regards to my Flock Safety security research.
Industry Standard Penetration Testing Reports Lack Two Key Enhancements
Penetration testing has traditionally been treated as a point in time exercise centered on identifying and exploiting vulnerabilities. While severity charts and baseline reporting are standard, they often fall short in giving executives the context required for strategic decision making. This article introduces two powerful yet straightforward enhancements, remediation effort mapping and threat model context graphs. Both of these elevate reports into holistic snapshots of an organizationโs security posture. By reframing deliverables in this way, penetration testing shifts from a checklist of vulnerabilities and exploits, to a source of leadership insight, enabling more informed, timely, and impactful decisions.








