vladimir

Replaying Bugs With Certora: Sorra Finance

In this blog post we’re going to deep dive into the Sorra Finance hack, find the root cause of the bug and create a certora rule which could’ve prevented the exploit.

Read more…

vladimir

Research: ERC20 Self Transfer

Overview

In this blog post we’re going to:
1. Understand how ERC20 self transfer vulnerability works in smart contracts
2. Create a semgrep rule for finding such contracts
3. Scan https://github.com/tintinweb/smart-contract-sanctuary to better understand how many contracts exist with such bug

Read more…

vladimir

How to create your own Uniswap

In this tutorial we’re going to build a very basic decentralized exchange (DEX) like Uniswap or PancakeSwap.

Read more…

vladimir

How to create your own ERC721 NFT collection and publish it on Opensea

In this tutorial we’re going to create our own ERC721 NFT collection and publish it on the Opensea marketplace.

Read more…

vladimir

HTB Validation writeup

In this tutorial we will get root access for the Validation machine from Hack The Box.

Read more…

vladimir

Web penetration testing

In this tutorial we’re going to define base steps for web penetration testing and find vulnerabilities in DVWA.

Read more…

vladimir

Network penetration testing

In this tutorial we’re going to identify running services on the target server and try to exploit them.

Read more…

vladimir

Passive information gathering

The 1st step of any penetration test is gathering information about the target company. In this tutorial we will go through all the steps required for passive information gathering.

Read more…

vladimir

Android reverse engineering

Hello everybody. In this tutorial we’re going to reverse engineer a vulnerable android app, find all vulnerabilities and create a report. 

Read more…

vladimir

Your first Ethereum smart contract

In this tutorial we are going to write a smart contact in Solidity language that can prove file ownership.

Read more…