Forwarded from Geek girl 👩💻
This page contains all the resources related to application security and penetration testing shared by Harsh Bothra.👀
این صفحه شامل تمام منابع مربوط به امنیت برنامه و تست نفوذ است که توسط هارش بوترا به اشتراک گذاشته شده است.👀
https://resources.harshbothra.tech/
●▬۩❁ @geeekgirls ❁۩▬●
این صفحه شامل تمام منابع مربوط به امنیت برنامه و تست نفوذ است که توسط هارش بوترا به اشتراک گذاشته شده است.👀
https://resources.harshbothra.tech/
●▬۩❁ @geeekgirls ❁۩▬●
Forwarded from YourAnonS0u1 (S0u1)
README.txt
4.6 KB
How you can help with the protest in #OpIran #Anonymous
Want to get up to speed with Modern Solidity? Then check out @ethchris' remote presentation for #SmartCon, which covers IR pipeline, errors and encoding, immutable, user defined value types, generics, standard lib and reference checking! #xp
📺: youtu.be/j8esg5KHMv0?li…
📺: youtu.be/j8esg5KHMv0?li…
YouTube
SmartCon 2022 Day 2 Presentations
This video features a limited collection of SmartCon 2022 Day 2 presentations from prominent industry leaders.
Featured Speakers:
1:52 Balaji Srinivasan, Angel Investor and Former CTO of Coinbase
21:47 Stani Kulechov, Founder and CEO of Aave
46:06 Christian…
Featured Speakers:
1:52 Balaji Srinivasan, Angel Investor and Former CTO of Coinbase
21:47 Stani Kulechov, Founder and CEO of Aave
46:06 Christian…
For your comfort, now in a readable format 😊
https://officercia.mirror.xyz/wSvKI5p91-GYcun1aAyMMjNbpkgKnp7qIxVIqc1sXZk
#blockchain #security
https://officercia.mirror.xyz/wSvKI5p91-GYcun1aAyMMjNbpkgKnp7qIxVIqc1sXZk
#blockchain #security
officercia.mirror.xyz
What you should do if you think someone has stolen your crypto-assets?
If my tips will help you please consider donating me, - I share only ultra rare knowledge!
🔥1
Search engines for cyber security engineer
https://www.dehashed.com/
https://securitytrails.com/
https://dorksearch.com/
https://www.exploit-db.com/
https://wwe.zoomeye.org/
https://grayhatwarfare.com/
https://polyswarm.network/
https://fofa.so/
https://leakix.net/
https://dnsdumpster.com/
https://fullhunt.io/
https://otx.alienvault.com/
https://www.onyphe.io/
https://grep.app/
https://urlscan.io/
https://vulners.com/
https://archive.org/web/
https://www.shodan.io/
https://app.netlas.io/responses/
https://crt.sh/
https://www.wigle.net/
https://publicwww.com/
https://app.binaryedge.io/services/query
https://viz.greynoise.io/
https://hunter.io/
https://censys.io/
https://intelx.io/
https://packetstormsecurity.com/
https://searchcode.com/
https://www.dehashed.com/
https://securitytrails.com/
https://dorksearch.com/
https://www.exploit-db.com/
https://wwe.zoomeye.org/
https://grayhatwarfare.com/
https://polyswarm.network/
https://fofa.so/
https://leakix.net/
https://dnsdumpster.com/
https://fullhunt.io/
https://otx.alienvault.com/
https://www.onyphe.io/
https://grep.app/
https://urlscan.io/
https://vulners.com/
https://archive.org/web/
https://www.shodan.io/
https://app.netlas.io/responses/
https://crt.sh/
https://www.wigle.net/
https://publicwww.com/
https://app.binaryedge.io/services/query
https://viz.greynoise.io/
https://hunter.io/
https://censys.io/
https://intelx.io/
https://packetstormsecurity.com/
https://searchcode.com/
Securitytrails
SecurityTrails | SecurityTrails: Data Security, Threat Hunting, and Attack Surface Management Solutions for Security Teams
SecurityTrails enables you to explore complete current and historical data for any internet assets. IP & DNS history, domain, SSL and Open Port intelligence made easy
lets eat merkle tree through these resources:
https://github.com/openblockchains/awesome-blockchains
https://github.com/miguelmota/merkletreejs
https://github.com/miguelmota/merkletreejs-solidity
https://github.com/openblockchains/awesome-blockchains
https://github.com/openblockchains/awesome-blockchains
https://github.com/miguelmota/merkletreejs
https://github.com/miguelmota/merkletreejs-solidity
https://github.com/openblockchains/awesome-blockchains
GitHub
GitHub - openblockchains/awesome-blockchains: A collection about awesome blockchains - open distributed public databases w/ crypto…
A collection about awesome blockchains - open distributed public databases w/ crypto hashes incl. git ;-). Blockchains are the new tulips :tulip::tulip::tulip:. Distributed is the new centralized....
👍1
The Dangers of Token Integration
https://youtube.com/watch?v=6GaCt_lM_ak&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=1
Strategies for Secure Access Controls
https://youtube.com/watch?v=GjGzxmWZ5vA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=2
The Dangers of Price Oracles in Smart Contracts
https://youtube.com/watch?v=YGO7nzpXCeA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=3
Strategies for Secure Governance with Smart Contracts
https://youtube.com/watch?v=GbDAmMdmh8Q&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=4
#web3sec
https://youtube.com/watch?v=6GaCt_lM_ak&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=1
Strategies for Secure Access Controls
https://youtube.com/watch?v=GjGzxmWZ5vA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=2
The Dangers of Price Oracles in Smart Contracts
https://youtube.com/watch?v=YGO7nzpXCeA&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=3
Strategies for Secure Governance with Smart Contracts
https://youtube.com/watch?v=GbDAmMdmh8Q&list=PLdJRkA9gCKOONBSlcifqLig_ZTyG_YLqz&index=4
#web3sec
YouTube
The Dangers of Token Integration
Even the most popular tokens can be deceiving, so understanding risks and common pitfalls when integrating them is fundamental in Ethereum’s composable world. In this session we will cover many edge cases that developers should consider when integrating tokens…
How to prepare for a security review
https://blog.trailofbits.com/2018/04/06/how-to-prepare-for-a-security-audit/
Smart contract optimization (along with security)
https://medium.com/coinmonks/8-ways-of-reducing-the-gas-consumption-of-your-smart-contracts-9a506b339c0a
https://blog.trailofbits.com/2018/04/06/how-to-prepare-for-a-security-audit/
Smart contract optimization (along with security)
https://medium.com/coinmonks/8-ways-of-reducing-the-gas-consumption-of-your-smart-contracts-9a506b339c0a
The Trail of Bits Blog
How to prepare for a security review
You’ve just approved a security review of your codebase. Do you: Send a copy of the repository and wait for the report, or Take the extra effort to set the project up for success? By the end of the review, the difference between these answers will lead to…
🔥1
Read-only Reentrancy vulnerability
https://youtube.com/watch?v=0fgGTRlsDxI
https://youtube.com/watch?v=0fgGTRlsDxI
YouTube
Read Only Reentrancy | Hack Solidity (0.8)
Example of read only reentrancy hack in Solidity
0:00 - Intro
0:55 - Initialize Foundry
1:16 - Code Hack contract
4:01 - Curve remove_liquidity function
8:31 - Write test
9:57 - Execute test
11:15 - Code Target contract
14:44 - Update Hack contract
17:21…
0:00 - Intro
0:55 - Initialize Foundry
1:16 - Code Hack contract
4:01 - Curve remove_liquidity function
8:31 - Write test
9:57 - Execute test
11:15 - Code Target contract
14:44 - Update Hack contract
17:21…
👍2
⚙️Connect Missing Dots with Secureum
Secureum Solidity 101 https://secureum.substack.com/p/solidity-101?s=r
Secureum Solidity 201 https://secureum.substack.com/p/solidity-201?s=r
⚙️Gas Optimizations
Aggregated Tricks by pcaversaccio and Harikrishnan Mulackal https://forum.openzeppelin.com/t/a-collection-of-gas-optimisation-tricks/19966/6
#web3 #web3sec #development #javascript
Secureum Solidity 101 https://secureum.substack.com/p/solidity-101?s=r
Secureum Solidity 201 https://secureum.substack.com/p/solidity-201?s=r
⚙️Gas Optimizations
Aggregated Tricks by pcaversaccio and Harikrishnan Mulackal https://forum.openzeppelin.com/t/a-collection-of-gas-optimisation-tricks/19966/6
#web3 #web3sec #development #javascript
Secureum
Solidity 101
101 key aspects of Solidity
Upgradeable Contracts
⚙️Smart Contract Programmer - Upgradeable Contracts
https://youtube.com/watch?v=JgSj7IiE4jA&t=157s
⚙️Smart Contract Programmer - Risks of Upgradeable
Contracts
https://youtube.com/watch?v=XmxfB5JOt1Q&t=3s
⚙️Smart Contract Programmer - Upgradeable Contracts
https://youtube.com/watch?v=JgSj7IiE4jA&t=157s
⚙️Smart Contract Programmer - Risks of Upgradeable
Contracts
https://youtube.com/watch?v=XmxfB5JOt1Q&t=3s
YouTube
Open Zeppelin Upgradeable Contracts
This video walks throught an simple example of transparent upgradeable contract using HardHat, ethers.js and Open Zeppelin.
0:00 - Overview
1:44 - Project setup
4:28 - Deploy Box V1 script
7:10 - Execute deploy script
8:29 - Verify Box V1 on Etherscan
9:48…
0:00 - Overview
1:44 - Project setup
4:28 - Deploy Box V1 script
7:10 - Execute deploy script
8:29 - Verify Box V1 on Etherscan
9:48…
anon, not sure u know about it but there is a maximum limit on how many transactions an account can make. The theoretical allowed limit, based on EIP-2681, for an account nonce is 2**64-2:
https://eips.ethereum.org/EIPS/eip-2681. After that, the EVM implementations like Geth would revert.
https://eips.ethereum.org/EIPS/eip-2681. After that, the EVM implementations like Geth would revert.
🤯1
Detecting nondeterministic payment bugs in #Ethereum smart contracts - Good Read! 🧐
https://t.co/D2Kf7L62cz https://t.co/kdd3YzfqpZ
https://t.co/D2Kf7L62cz https://t.co/kdd3YzfqpZ
ResearchGate
[PDF] Detecting nondeterministic payment bugs in Ethereum smart contracts
PDF | The term “smart contracts” has become ubiquitous to describe an enormous number of programs uploaded to the popular Ethereum blockchain system.... | Find, read and cite all the research you need on ResearchGate
It's extremely easy to create a "spoof" token to trick users into thinking a real token has been transferred.
In fact, it only took 16 lines of code to create this fake USDT token below.
Here's how spoof tokens work and how you can avoid being fooled going forward 🧵: https://twitter.com/0xCygaar/status/1592248453970952192
In fact, it only took 16 lines of code to create this fake USDT token below.
Here's how spoof tokens work and how you can avoid being fooled going forward 🧵: https://twitter.com/0xCygaar/status/1592248453970952192