Journey into Building Security Tools for Cairo/Starknet Smart Contracts [EthCC6]

Journey into Building Security Tools for Cairo/Starknet Smart Contracts [EthCC6]

Journey into Building Security Tools for Cairo/Starknet Smart Contracts [EthCC6] During this talk, we will explain the challenges we faced the past year while building two open-source security tools: cairo-fuzzer and Thoth, our complete Cairo/StarkNet analysis framework. Direct download: link You will get access of the complete tutorial with source code, cheat sheet and or…

Cryptocurrency & NFT OSINT: Introduction to Web3/Ethereum Profiling & Deanonymization [LeHack OSINT village 2023]

Cryptocurrency & NFT OSINT: Introduction to Web3/Ethereum Profiling & Deanonymization [LeHack OSINT village 2023]

Cryptocurrency & NFT OSINT: Introduction to Web3/Ethereum Profiling & Deanonymization This talk unravels the intricacies of blockchain, cryptocurrencies, and NFTs from an Open Source Intelligence (OSINT) perspective. We’ll demystify how these technologies operate and explore relevant OSINT techniques. Delving into real-world use cases, we’ll highlight how OSINT can help profile public personalities, identify victims of…

GPT-4 for Bug Bounty, Audit & Pentesting?? He actually found some 0-days

GPT-4 for Bug Bounty, Audit & Pentesting?? He actually found some 0-days

Chatgpt GPT-4 for Bug Bounty, Audit & Pentesting?? He actually found some 0-days I gave some snippets of code (where I already found bugs) to OpenAI GPT-4 and I ask him to find vulnerabilities for me. It’s mind-blowing, it even found some 0 days. You will get access of the complete tutorial with source code, cheat…

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports! How to become an Ethereum/Solidity smart contract auditor? Where to start? How to improve your smart contract auditing process? Which tool to use? The paper analyzed in this video: “Demystifying Exploitable Bugs in Smart Contracts” is a compilation of all the findings…

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security #5

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security #5

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security In this video, I will show the basis of running and customizing Foundry/Forge to fuzz an Ethereum smart contract in Solidity. I will also mention “Invariant testing” implementation in Foundry fuzzing compare to Echidna.https://youtu.be/2bTmB3cwhxs You will get access of the complete tutorial with source code, cheat sheet…

🤯 Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking

🤯 Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking

🤯 Mind-Blowing examples of OpenAI ChatGPT for Security, Infosec & Hacking It’s just mind-blowing! it’s so impressive that this AI is able to answer such complex subjects as exploitation, reversing, decompilation, etc. The is a huge potential for us in the future to go even faster into learning IT security and hacking by being helped…

thoth, Cairo/starknet bytecode analyzer [StarkNetCC 2022 – Lisbon]

thoth, Cairo/starknet bytecode analyzer [StarkNetCC 2022 – Lisbon]

thoth, Cairo/starknet bytecode analyzer [StarkNetCC 2022 – Lisbon] Thoth (pronounced “taut” or “toss”) is a Cairo/Starknet analyzer, disassembler & decompiler written in Python 3. Thoth’s features also include the generation of the call graph, the control-flow graph (CFG) and the data-flow graph for a given Cairo/Starknet compilation artifact. Those slides come from our talk a…

Ziion: Discovery of this New Kali Linux for Blockchain Security

Ziion: Discovery of this New Kali Linux for Blockchain Security

Ziion: Kali Linux for Blockchain Security Today, I’m presenting Ziion, a “Kali Linux” like VM for blockchain security engineers made by Halborn. It’s a dedicated virtual machine that contains a bunch of security tools like static analyzer, fuzzer, analyzer, etc. for various blockchain protocols and smart contract languages such as Ethereum, Solidity, EVM, Rust, Go,…

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022]

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022]

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022] Abstract Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. It’s now possible to run WebAssembly modules over every modern browser, in some blockchain, or using a standalone VM. In the same way that multiple JavaScript…

Starknet/Cairo Contract Reverse Engineering, Disassembly & Analysis with Thoth

Starknet/Cairo Contract Reverse Engineering, Disassembly & Analysis with Thoth

Starknet/Cairo Contract Reverse Engineering, Disassembly & Analysis with Thoth In this video, I will show how to reverse, disassemble, decompile and analyze Cairo smart contracts deployed on Starknet using Thoth, our Fuzzinglabs’s Cairo/Starknet bytecode analyzer, disassembler & decompiler. https://youtu.be/T0KvG8Zps6I You will get access of the complete tutorial with source code, cheat sheet and or complete…