Paul Seekamp

5.5K posts

Paul Seekamp banner
Paul Seekamp

Paul Seekamp

@nullenc0de

I spend a significant amount of time reading security stuff. Co-Founder/Partner @CoastlineCyber https://t.co/ZQT5L8q2RO

ɴ̵̢̧̮̮̹̖̳͍̳̣̻̰̯̜̰̰̭̑̌̊̿̀̾͑̆̀̈́ Katılım Ocak 2012
632 Takip Edilen17.5K Takipçiler
Sabitlenmiş Tweet
Paul Seekamp
Paul Seekamp@nullenc0de·
Big news! I started @CoastlineCyber, a boutique cyber security consulting firm dedicated to strengthening your organization's security posture. 💪
Paul Seekamp tweet media
English
1
5
32
16.6K
Paul Seekamp
Paul Seekamp@nullenc0de·
I don’t know if this condition has a name, but every time I make a sandwich on a sub roll, I have to speak to everyone around me in a thick New York accent. Regular sandwiches? No issue at all. Only sub rolls trigger it.
English
1
0
2
998
Simone Margaritelli
Simone Margaritelli@evilsocket·
@0xInuarashi it depends which side of the echo chamber you are at I guess! for some, it's realizing there's an entire planet of people who don't care about AI
English
3
0
9
710
Paul Seekamp
Paul Seekamp@nullenc0de·
@ClaudeDevs I still burned through my weeks' worth of tokens about 3 days. Have never done that before with the Max plan.
English
0
0
0
32
ClaudeDevs
ClaudeDevs@ClaudeDevs·
We've raised Claude Platform API rate limits for all users and simplified the tiers, which are no longer based on API spend. The latest Sonnet and Haiku models now provide 5x higher rate limits at the highest tier.
ClaudeDevs tweet media
English
230
325
5.4K
642.1K
dawgyg - WoH
dawgyg - WoH@thedawgyg·
Oo all of my reports fixed this week just got moved from Bounty under review to Bounty: Reviewing and its green now... maybe some bounties coming from Apple?! xD 🤞🤞
English
4
0
121
7.4K
Paul Seekamp
Paul Seekamp@nullenc0de·
@vysecurity @Random_Robbie I was using GLM 5.1 in my pipeline. But onboarding people caused issues. 1) The price to give free test scans was getting expensive. 2) It caused some rate limiting issues that I didn't expect. I moved to open weight model with existing harness and the triager thrashed. Fixing.
English
0
0
0
75
Vincent Yiu
Vincent Yiu@vysecurity·
Qwen3.7-Max and Qwen3.7-Plus is solid when used for vulnerability pipeline and validation tasks. Found vulnerabilities in a bug bounty program and managed to self-validate and identify false positives. Managed to one shot a "Provide a recon overview of target company". Can also use Qwen3.7-Plus' vision model to self iterate and review slide deck design and diagrams and re-iterate and perfect any imperfections! Managed to also take a photo of a business card while at a conference, ask the agent using Qwen3.7-Plus to lookup and research the person and company for insights.
English
1
1
15
3.5K
Paul Seekamp
Paul Seekamp@nullenc0de·
I've onboarded a small group of users so far, and the response has been incredible, over 400 DMs and 200 comments! While I’d love to grant access to everyone immediately, my current LLM can't handle that volume just yet, so my next step is scaling up.
English
4
0
20
2.7K
Paul Seekamp
Paul Seekamp@nullenc0de·
@julie_bush Haha. The didnt find vulns. Some people have historically been "aggressive" with their subdomain enumeration. Mine didn't quite live up to their expectations so we met in the middle.
English
1
0
1
37
Julie Bush
Julie Bush@julie_bush·
@nullenc0de so you’re saying the bug hunter has bugs of its own huh? quite the irony
English
1
0
1
36
Paul Seekamp
Paul Seekamp@nullenc0de·
I am at the point where my bug bounty findings are 100% agentic. I am just pasting in the scope and letting the agent run. It can do full external tests for all kinds of environments. A few people already have access, but if you want to try it, comment/DM. ​How does it work? 👇
Paul Seekamp tweet media
English
220
20
386
35.1K
Paul Seekamp
Paul Seekamp@nullenc0de·
I also wired in asynchronous out-of-band polling to catch blind vulns (SSRF/RCE), strict route-aware guardrails to prevent unsafe credential spraying, and a dual-model "Skeptic" pipeline that cross-validates every finding to kill false positives before they ever reach the report.
English
5
1
8
2.9K
Paul Seekamp
Paul Seekamp@nullenc0de·
What really makes it interesting is the cognitive loop. The agent scores its own confidence after every action, forcing itself to mutate payloads or pivot to new attack classes to avoid infinite loops.
English
2
1
10
3.1K