Replaying Bugs With Certora: Sorra Finance

In this blog post we’re going to dive deep into the Sorra Finance hack, find the root cause of the bug, and create a Certora rule which could’ve prevented the exploit.


Research: ERC20 Self Transfer

Overview

In this blog post we’re going to:
1. Understand how the ERC20 self-transfer vulnerability works in smart contracts
2. Create a Semgrep rule for finding such contracts
3. Scan https://github.com/tintinweb/smart-contract-sanctuary to better understand how many contracts exist with such a bug


HTB Validation writeup

In this tutorial we will get root access on the Validation machine from Hack The Box.


Web penetration testing

In this tutorial we’re going to define the basic steps for web penetration testing and find vulnerabilities in DVWA.


Network penetration testing

In this tutorial we’re going to identify running services on the target server and try to exploit them.


Passive information gathering

The first step of any penetration test is gathering information about the target company. In this tutorial we will go through all the steps required for passive information gathering.


Android reverse engineering

Hello everybody. In this tutorial we’re going to reverse engineer a vulnerable Android app, find all vulnerabilities and create a report.
