Sim4n6 @ Security Bug Focus 🐞

@securitybugfocus.com.bsky.social

A bug squasher 🗜️ in spirit 🐞

101 Followers  |  162 Following  |  94 Posts  |  Joined: 16.10.2023  |  1.9837

Latest posts by securitybugfocus.com on Bluesky

What are we supposed to say in the reply?! 😅

04.08.2025 17:52 — 👍 1    🔁 0    💬 0    📌 0

Nice one

02.08.2025 11:37 — 👍 0    🔁 0    💬 0    📌 0

Arbitrary File overwrite... Interesting one

30.07.2025 09:30 — 👍 1    🔁 0    💬 0    📌 0

A code review approach and two bypasses or more

26.07.2025 08:34 — 👍 0    🔁 0    💬 0    📌 0

This time 😅

19.07.2025 13:30 — 👍 0    🔁 0    💬 0    📌 0

The link 🔗 is working

19.07.2025 13:30 — 👍 0    🔁 0    💬 1    📌 0

We are super excited to share that we acquired the Shift Plugin (shiftplugin.com) and we are making it free to Caido paid users 🚀

Shift is a smart AI companion for your hacking. It can craft payloads, Match&Replace rules, HTTPQL queries, etc.

All details here: caido.io/blog/2025-07...

16.07.2025 16:47 — 👍 5    🔁 2    💬 0    📌 0

Scary beast .. !

16.07.2025 16:34 — 👍 0    🔁 0    💬 0    📌 0

Bypass of Wildcard Allowlist which leads to Full SSRF - CrowdStream - Bugcrowd
Bugcrowd's bug bounty and vulnerability disclosure platform connects the global security researcher community with your business. Crowdsourced security testing, a better approach! Run your bug bounty ...

300$ for a Jira full read SSRF... What a waste of time and skill! #BugBounty

bugcrowd.com/disclosures/...

15.07.2025 03:41 — 👍 0    🔁 0    💬 0    📌 0

Link 🔗 broken

11.07.2025 20:27 — 👍 1    🔁 0    💬 1    📌 0

To level up my #BugBounty game I use #Scribe, it AI generates a steps to follow screenshots based on a recording www.scribehow.com/lp/home?via=a

29.06.2025 22:08 — 👍 1    🔁 0    💬 0    📌 0

Amazing 🐺

27.06.2025 12:29 — 👍 0    🔁 0    💬 0    📌 0

Double Dash, Double Trouble: A Subtle SQL Injection Flaw
Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries!

SQL Injection despite using prepared statements? 🧐

Turns out that SQL syntax can be ambiguous! Learn how this has led to vulnerabilities in several popular PostgreSQL client libraries:

www.sonarsource.com/blog/double-...

#appsec #security #vulnerability

10.06.2025 15:20 — 👍 7    🔁 2    💬 0    📌 1

Changed my mind...

08.06.2025 18:11 — 👍 0    🔁 0    💬 0    📌 0

A nice and a sunny day 🌞

08.06.2025 12:01 — 👍 0    🔁 0    💬 1    📌 0

Exorcised :-D LOVE IT

07.06.2025 06:40 — 👍 0    🔁 0    💬 0    📌 0

it's due to a Caido workflow and you are proxying ... naaa nvm

06.06.2025 16:56 — 👍 1    🔁 0    💬 0    📌 0

ALT: a man in a hoodie is standing in front of a group of people.

"Please provide your professional email address to subscribe"

... sure , @wearehackerone.com

follow me for more free bypasses 😎

24.05.2025 18:05 — 👍 0    🔁 0    💬 0    📌 0

DM requires to have already been following back...

20.05.2025 21:20 — 👍 2    🔁 0    💬 1    📌 0

How about go.bsky.app/GD7hKPX

19.05.2025 04:36 — 👍 1    🔁 0    💬 0    📌 0

It looks to me like a call for war 😁

14.05.2025 13:50 — 👍 1    🔁 0    💬 1    📌 0

Stream

14.05.2025 06:16 — 👍 1    🔁 0    💬 0    📌 0

Address bar autocomplete suggestions in Firefox | Firefox Help
When you type into the address bar, Firefox suggests pages you've bookmarked, tagged, visited before or have open in tabs. Learn more.

TIL it's possible to search among opened Firefox tabs by prefixing your search with "%" 🤯

As a keyboard maximalist, the workflow should be "Ctrl-T + %search criteria + up/down + Enter" 🦥

support.mozilla.org/en-US/kb/add...

12.05.2025 09:20 — 👍 21    🔁 3    💬 1    📌 0

Impressive what we can quickly fire with AI

11.05.2025 14:19 — 👍 0    🔁 0    💬 0    📌 0

There should be a reCAPTCHA kind of way to confirm not AI writing being

09.05.2025 07:53 — 👍 0    🔁 0    💬 0    📌 0

I have great respect for the unknown and occasional vulnerability researcher who emerges from time to time with a killer discovery...

07.05.2025 19:53 — 👍 0    🔁 0    💬 0    📌 0

ALT: a close up of a man making a funny face with his eyes wide open.

06.05.2025 08:05 — 👍 0    🔁 0    💬 0    📌 0

Thank you

01.05.2025 12:20 — 👍 0    🔁 0    💬 1    📌 0

Suppose I hit an open port, like the ssh version msg, is that enough to showcase the impact? Would it be port scanning only?

01.05.2025 11:26 — 👍 0    🔁 0    💬 1    📌 0

You mean that those screenshots are enough to showcase the impact on h1? ❓

01.05.2025 11:14 — 👍 0    🔁 0    💬 1    📌 0

@securitybugfocus.com is following 20 prominent accounts