Paul Seekamp

Big news! I started @CoastlineCyber, a boutique cyber security consulting firm dedicated to strengthening your organization's security posture. 💪

My wife bought this AI calorie tracker. You take a pic of your food and it counts calories/macros. I reverse engineered it, made a newer robust version and fixed every complaint from customers. All while sitting at my daughter's gymnastics practice. caltrack.hardware-tracker.workers.dev

@thedawgyg @mrgc41637186182 WebGPU and vulkan stuff doesn't like the VMs. Need Metal. I think I have about 6 DoS. I have submitted 2 of them, but they filed them as bugs, so I won't submit the rest. If you want to feed me the info for the windows stuff. I can test on mine. Can collab on that.

i havent even filed mine that are likely to be 'bugs'. I have like 50+ ways to crash tabs from check/dcheck assertions and all. i have a USe After Free that i need windows to get evidence for and all, but i dont know how to use windows, so i am hesitant to wipe one of my servers and put windows on it (cant do it from VM sadly)

Submitted the full RCE to Chrome VRP 2 weeks ago and still not a single response... Someone wanna poke them with a stick for me? I don't wanna ping them again and bug them lol

@thedawgyg @mrgc41637186182 Yea, probably too late now. Got a bunch of dups too. Most of what's left are just bugs.

@nullenc0de @mrgc41637186182 yea that would have been awesome. i dont think we would be allowed to combine them now since they are seperate reports and we would likely get in trouble sharing info before patch released lol

@thedawgyg @mrgc41637186182 Damn, I submitted 2 sandbox escapes 2 weeks ago. Should have collaborated.

It was in the renderer process, so its not the top of the line RCE since I didnt have sandbox escape. I was expecting $55,000 from Google for the bounty, but since they only paid $11,000 (and havent replied for 2 weeks after giving a real RCE exploit) I will likely look to sell to brokers or something

@khendarian Maybe I'll trust it more after it is retrained on how RAID works. 😂

@nullenc0de The AI is your friend. Trust The AI.

I just gave Claude code access to an old qnap I haven't turned on in like 4 years. It noticed it was running RAID 0 and it suggested running RAID 5. When I asked it how it plans to convert to RAID 5 without any data loss, it assured me no backup is required. 💀

@erkinyvz Yea. I feel like we are in it for the love of the game now.

@nullenc0de I got 4 non-dup crits/highs waiting program triage. It kills the spirit a little bit.

Bug bounty SLAs are not a thing anymore it seems.

Im trying to find a good website that lets me set price alerts on GPUs and RAM. This looks good. prices.xricbuzz.com Any others?

Interesting... This site now scans the internet checking subdomain dns records. I have scheduled scans for my top 3 bug bounty domains for changes in DNS records so I can be the first to report. Subscription pays for itself! Cool portal too: domain-security-board.defendflow.xyz

Sir Reginald Buys The Options is scary good.

Ollama now has Anthropic API compatibility. 🦙 This enables tools like Claude Code to be used with open-source models. 😍 Get started and learn more 👇👇👇

Sir Reginald Buys The Options made a 322% profit today on his second trade of existence: Here is his plan for next week...

Sir Reginald Buys the Options is trying out some Options plays with Opus 4.5 as the brain. Reginald owns 1 call of the following: Time to get the popcorn🍿 out and see what it does.

Let's start 2026 with a major Responder update! It now supports: - CLDAP ping pong to SMB auth. - SNMPv3 authentication and hashes. - New rogue Kerberos server forcing AS-REQ when receiving TGS-REQ + support for Kerberos type 17/18 hashes. - IMAP support for NTLM authentication. - SMTP support for AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5 NTLM authentication. - DCE-RPC server now supports SAMR, SRVSVC, WKSSVC, WINREG, SVCCTL, ATSVC, DNSSERVER - DNS server now supports SOA, MX, SRV, ANY, etc -> SOA -> Appear as the authoritative DNS server -> MX poisoning → Email client connects to rogue SMTP/IMAP → capture credentials -> SRV poisoning → Domain services connect to rogue SMB/LDAP/Kerberos → capture NTLM/AS-REQ - LDAP GSSAPI, GSS-SPNEGO, NTLM, DIGEST-MD5 git pull or git clone github.com/lgandx/Respond… Happy new year to everyone!

Chatgpt has a habit of saying no to me.

@HackingDave My son just got the new street fighter for Christmas. Muscle memory from 1996 destroyed him and his siblings.

I have beaten my entire family currently undefeated on old school games 😂😂😂 they are so mad

Why make an expense report in 5 minutes. When you can spend 2 hours coding Playwright to download your receipts and submit your expense report for you.

@Tw1sm [Tool] github.com/zyn3rgy/RelayI… [Blog] specterops.io/blog/2025/11/2…