Initial commit — camhak.seteclabs.io site source

Long-form Camhak research report. 20 findings, 3 CVEs, 4 sanitized
screenshots. Single-page HTML with terminal CRT aesthetic extending
seteclabs.io. Sensitive specifics redacted; unredacted artifact pack
held for CISA / UBIA coordination only.

Generated by the cam-mitm toolkit at SetecLabs/cam-mitm.

README.md

@@ -0,0 +1,28 @@
+# camhak.seteclabs.io
+
+Source for **[camhak.seteclabs.io](https://camhak.seteclabs.io)** — a Setec Labs original research report on the Javiscam 2604 / UBox / UBIA IP camera.
+
+20 findings, 3 verified CVEs (CVE-2025-12636, CVE-2021-28372, CVE-2023-6322 chain), 4 screenshots, and a Phase 2 hardware-teardown plan. Sanitized for public release; the unredacted artifact pack is available to CISA coordinators and UBIA security contacts on request.
+
+## Layout
+
+- `index.html` — single-page long-form report
+- `style.css` — extends [seteclabs.io/style.css](https://seteclabs.io/style.css) with the report-specific aesthetic (terminal CRT, glitch hero, decrypt reveals, pulsing severity badges, custom cursor)
+- `boot.js` — typewriter boot sequence, scroll reveals, live UTC clock, periodic hero glitch
+- `img/` — four screenshots (one redacted)
+
+## Source
+
+The toolkit that produced this report is at [SetecLabs/cam-mitm](https://repo.seteclabs.io/SetecLabs/cam-mitm). The generic templated framework is [SetecLabs/setec-mitm](https://repo.seteclabs.io/SetecLabs/setec-mitm).
+
+## Deploy
+
+```
+rsync -avz --delete ./ root@<server>:/var/www/camhak.seteclabs.io/
+```
+
+Behind nginx with a Let's Encrypt cert. See the parent server config for details.
+
+## License
+
+The site content (text, layout) is **CC-BY-4.0**. The toolkit it documents is MIT (see cam-mitm).