FuzzingLabs and Sui Foundation Partner to Enhance Smart Contract Security

FuzzingLabs and Sui Foundation Partner to Enhance Smart Contract Security

FuzzingLabs and Sui Foundation Partner to Enhance Sui Smart Contract Security Introduction We are thrilled to announce an exciting partnership between FuzzingLabs and the Sui Foundation. Our collaboration is set to bring a revolutionary tool to the world of blockchain – a specialized fuzzer designed for Sui smart contracts, sui-fuzzer. This collaboration marks a significant…

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports! How to become an Ethereum/Solidity smart contract auditor? Where to start? How to improve your smart contract auditing process? Which tool to use? The paper analyzed in this video: “Demystifying Exploitable Bugs in Smart Contracts” is a compilation of all the findings…

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security #5

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security #5

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security In this video, I will show the basis of running and customizing Foundry/Forge to fuzz an Ethereum smart contract in Solidity. I will also mention “Invariant testing” implementation in Foundry fuzzing compare to Echidna.https://youtu.be/2bTmB3cwhxs You will get access of the complete tutorial with source code, cheat sheet…

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022]

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022]

A Journey Into Fuzzing WebAssembly Virtual Machines [BlackHat USA 2022] Abstract Since the MVP release in 2017, WebAssembly evolve gradually, bringing new adepts and new VM implementations over time. It’s now possible to run WebAssembly modules over every modern browser, in some blockchain, or using a standalone VM. In the same way that multiple JavaScript…

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5]

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5]

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5] Fuzzing is known as one of the most efficient techniques to find bugs in software. Sadly, when dealing with Ethereum smart contracts, the number of fuzzers and documentation available is really limited. During this talk, we will explain why fuzz testing EVM smart…

Introduction to V8 JavaScript Engine Grammar-based Fuzzing

Introduction to V8 JavaScript Engine Grammar-based Fuzzing

Introduction to V8 JavaScript Engine Grammar-based Fuzzing with Dharma In this short hands-on workshop, we will attack the V8 JavaScript Engine using grammar-based fuzzing. First, I will show how to download a version of V8 already compiled with addressSanitizer (ASAN). Then, I will introduce how to write a Dharma grammar and finally, we will use…

Solidity/Ethereum Smart Contract Audit using Slither – Blockchain Security #4

Solidity/Ethereum Smart Contract Audit using Slither – Blockchain Security #4

Solidity/Ethereum Smart Contract Audit using SlitherBlockchain Security In this video, I will show how to audit and find vulnerabilities inside an Ethereum smart contract written in Solidity using Slither, one of the best EVM smart contract analysis tools. https://youtu.be/s3FL5caAy5w You will get access of the complete tutorial with source code, cheat sheet and or complete…

Top 4 books to learn Web Browser Security in 2022

Top 4 books to learn Web Browser Security in 2022

Top 4 books to learn Web Browser Security in 2022 Today, I discuss my favorite books if you are looking to learn more about Web Browser internals and Browser security. The Tangled Web – link High-Performance Browser Networking – link / online The Browser Hacker’s Handbook – link The Google Chrome Comic – link https://youtu.be/UTLFkKnAsiA…

Rust Fuzzing using cargo-libafl (LibAFL-based fuzzer)

Rust Fuzzing using cargo-libafl (LibAFL-based fuzzer)

Fuzzing Rust using cargo-libafl (LibAFL-based fuzzer) In this video, we are testing cargo-libafl, the new LibAFL-based fuzzer for Rust fuzzing. This new cargo utility is a replacement for (and a fork of) cargo-fuzz to use a LibAFL-based fuzzer instead of libfuzzer. Let’s see how it performs compare to libfuzzer. https://youtu.be/0gpGA80DA0s NOTES You will get access…

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery @ OffensiveCon 2022 Abstract This talk is about our journey and step-by-step process into fuzzing Ethereum 2.0 implementations software. We will start with a brief introduction to Ethereum 2.0 specification and ecosystem. Then, we will explain the architecture of this type of software…