Ethereum Smart Contracts Analysis & Solidity Audit using Mythril Following last week’s video, I will show how to audit and find vulnerability inside an Ethereum smart contracts written in Solidity using Mythril, one of the best EVM smart contracts analysis tools. https://youtu.be/fhOMTYkw8FM NOTES etherstore.sol Running Mythril on `etherstore.sol` You will get access of the complete tutorial…
Fuzzing Ethereum Smart Contract using EchidnaBlockchain Security In this video about Blockchain Security, I will show how to find vulnerability inside an Ethereum smart contract written in Solidity using Echidna, one of the only Ethereum smart contract fuzzer. https://youtu.be/EA8_9x4D3Vk NOTES Get started with echidna: Echidna interface Get started with echidna: Echidna invariants Targeted Solidity Smart…
Top 5 Best Fuzzing & Vulnerability Research TIPS/ADVICE Today I’m giving you my top 5 best tips and advice if you’re starting with fuzzing and vulnerability research. I hope you will appreciate and you can discover more about my courses here. Thank You, Patrick Ventuzelo / @Pat_Ventuzelo Twitter Linkedin-in Github FREE Courses & Training Enter your…
Wfuzz VS ffuf – Who is the faster web fuzzer for bug bounty? Web Security #1 In this video, I’m fuzzing a local HTTP server using the most famous and best web fuzzers wfuzz and ffuf. The goal is to give you some quick tutorials, compare the speed between them and explain why we have…
Learn more about Android Hacking & Security Top books to learn Android Hacking & Security Today, I will like to show which books I used to learn about Android Hacking and Android Security. Most of them are a bit old but not completely deprecated hopefully. Android Hacker’s Handbook – link Android Security Internals – link…
Can we find Log4Shell with Java Fuzzing? 🔥(CVE-2021-44228 – Log4j RCE) In this video, I’m trying to find the famous java Log4Shell RCE (CVE-2021-44228) using fuzzing. I’m targeting apache log4j2 version 2.14.1 and I’m using Jazzer, the Java fuzzer developed by Code Intelligence. I will show and give you everything to reproduce the same at…
Analysis of Mozilla NSS BigSig Vulnerability & Fuzzing issues(CVE-2021-43527) Today I will like to discuss the Mozilla NSS BigSig vulnerability found recently by @taviso from Google Project Zero. Inside its blogpost, Tavis Ormandy detailed the vulnerability and mentioned some really good points about why this bug was not found using fuzzing by OSS-fuzz. It’s a…
Fuzzing with Scapy: Introduction to Network Protocol Fuzzing In this video, I’m showing how to use Scapy python for network protocol fuzzing. We will first start with a DNS python fuzzing script against dpkt python library. Finally, we will see how what a crash looks like since dpkt will generate an exception after TCP fuzzing. https://youtu.be/yrmPRYSEdg0 You will get access of…
Fuzzing Browsers DOM using FreeDom grammar-based fuzzer In this video, I will first explain how to download Chrome ASAN build. Then, I’ll detail what is DOM (Document Object Model) and how it is used by web browsers. I’ll use the FreeDom grammar-based fuzzer to generate some HTML files and create a simple script to process…
Fuzzing Firefox using In-process Fuzzing with Frida As asked by a lot of you, today’s blogpost is about browser security. First I will show how to download easily Firefox compiled with AddressSanitizer (ASAN). Then, I will show how to use Frida to list all modules and exports of Firefox. I will show some other interesting…
| Cookie | Duration | Description |
|---|---|---|
| cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
| cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
| cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
| cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
| cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
| viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |