Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery @ OffensiveCon 2022 Abstract This talk is about our journey and step-by-step process into fuzzing Ethereum 2.0 implementations software. We will start with a brief introduction to Ethereum 2.0 specification and ecosystem. Then, we will explain the architecture of this type of software…

Top 6 books to learn Linux Kernel internals in 2022

Top 6 books to learn Linux Kernel internals in 2022

Top 5 books to learn Reverse Engineering Today, I will like to show you my TOP 5 books to start learning Reversing. Those books are definitely a must-read for everyone that wants to improve their skills in reverse engineering! Reversing: Secrets of Reverse Engineering – link Practical Reverse Engineering – link The IDA Pro Book,…

Top 5 books to learn Reverse Engineering in 2022

Top 5 books to learn Reverse Engineering in 2022

Top 5 books to learn Reverse Engineering Today, I will like to show you my TOP 5 books to start learning Reversing. Those books are definitely a must-read for everyone that wants to improve their skills in reverse engineering! Reversing: Secrets of Reverse Engineering – link Practical Reverse Engineering – link The IDA Pro Book,…

Top 6 Books to learn the Rust Programming Language in 2022

Top 6 Books to learn the Rust Programming Language in 2022

Top 6 Books to learn RustThe Rust Programming Language in 2022 In this video, I’m sharing with you my favorite books to learn Rust whatever if you’re a beginner or an advanced/experimented user! Some of those resources are fully available online for free and are real game-changers in your journey to learn the rust programming…

Ethereum Smart Contract Analysis & Solidity Audit using Mythril – Blockchain Security #2

Ethereum Smart Contract Analysis & Solidity Audit using Mythril – Blockchain Security #2

Ethereum Smart Contracts Analysis & Solidity Audit using Mythril Following last week’s video, I will show how to audit and find vulnerability inside an Ethereum smart contracts written in Solidity using Mythril, one of the best EVM smart contracts analysis tools. https://youtu.be/fhOMTYkw8FM NOTES etherstore.sol Running Mythril on `etherstore.sol` You will get access of the complete tutorial…

Fuzzing Ethereum Smart Contract using Echidna – Blockchain Security #1

Fuzzing Ethereum Smart Contract using Echidna – Blockchain Security #1

Fuzzing Ethereum Smart Contract using EchidnaBlockchain Security In this video about Blockchain Security, I will show how to find vulnerability inside an Ethereum smart contract written in Solidity using Echidna, one of the only Ethereum smart contract fuzzer. https://youtu.be/EA8_9x4D3Vk NOTES Get started with echidna: Echidna interface Get started with echidna: Echidna invariants Targeted Solidity Smart…

Top 5 Best Fuzzing & Vulnerability Research TIPS/ADVICE

Top 5 Best Fuzzing & Vulnerability Research TIPS/ADVICE

Top 5 Best Fuzzing & Vulnerability Research TIPS/ADVICE Today I’m giving you my top 5 best tips and advice if you’re starting with fuzzing and vulnerability research. I hope you will appreciate and you can discover more about my courses here. Thank You, Patrick Ventuzelo / @Pat_Ventuzelo Twitter Linkedin-in Github FREE Courses & Training Enter your…

Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1

Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1

Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1 In this video, I’m fuzzing a local HTTP server using the most famous and best web fuzzers wfuzz and ffuf. The goal is to give you some quick tutorials, compare the speed between them and explain why we have…

Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 – Log4j RCE)

Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 – Log4j RCE)

Can we find Log4Shell with Java Fuzzing? 🔥(CVE-2021-44228 – Log4j RCE) In this video, I’m trying to find the famous java Log4Shell RCE (CVE-2021-44228) using fuzzing. I’m targeting apache log4j2 version 2.14.1 and I’m using Jazzer, the Java fuzzer developed by Code Intelligence. I will show and give you everything to reproduce the same at…