Gn fam 🙌 In six parts of this thread I will tell you exactly how I investigate cypto hacks and secuity incidents, and describe methodolgy ⬇️
1/6
Usually in blockchain investigation I use tools first for manual analysis such as tenderly.co, ethtective.com, breadcrumbs.app, 9000.hal.xyz, dune.xyz, nansen.ai, , bloxy.info.
Usually in blockchain investigation I use tools first for manual analysis such as tenderly.co, ethtective.com, breadcrumbs.app, 9000.hal.xyz, dune.xyz, nansen.ai, , bloxy.info.
2/6
I seen also a rather unusual method - the use of #VR, which will empower the first step: ethresear.ch/t/open-source-…
I seen also a rather unusual method - the use of #VR, which will empower the first step: ethresear.ch/t/open-source-…
3/6
Second, I try to set clusters to check them through @chainalysis or amlbot.com (investigation regime only).
Second, I try to set clusters to check them through @chainalysis or amlbot.com (investigation regime only).
4/6
As a third step, I check contracts/addresses through the impersonator, the unrekt.net or revoke.cash checker and other tools. As an example, tutela.xyz github.com/TutelaLabs tool can help in tacking funds behind @TornadoCash
As a third step, I check contracts/addresses through the impersonator, the unrekt.net or revoke.cash checker and other tools. As an example, tutela.xyz github.com/TutelaLabs tool can help in tacking funds behind @TornadoCash
5/6
I do not forget to write everything down in @MaltegoHQ and make a mindmap - it's very important not to get confused with the data.
👉maltego.com/blog/top-osint…
I do not forget to write everything down in @MaltegoHQ and make a mindmap - it's very important not to get confused with the data.
👉maltego.com/blog/top-osint…
6/6
When investigating an incident, it is also important to conduct a classic #OSINT investigation, for example, if we are investigating a hack - it is necessary to check messages from chats, interview employees and eyewitnesses. Sometimes this yields data.
When investigating an incident, it is also important to conduct a classic #OSINT investigation, for example, if we are investigating a hack - it is necessary to check messages from chats, interview employees and eyewitnesses. Sometimes this yields data.
Check out this awesome article 👉1337pwn.com/how-to-investi…
Also do not forget that it is important either to find the identity of the hacker, or to find a reliable cluster of address (eg, CEX) to then request information through official channels. I didn't consider options like honeypot for this thread, though. Wish you luck 😎
• • •
Missing some Tweet in this thread? You can try to
force a refresh
