{3}
Apart from the awesome website, he also creates YouTube videos on various Solidity/Security/DeFi topics.
It's worth checking it out! youtube.com/channel/UCJWh7โฆ
Apart from learning the language, it's also essential knowing the application landscape and what the hell is DeFi ๐ฑ
{4}
DeFi apps are one of the most popular Ethereum based applications.
Knowing what they are and how they work will help you with finding bugs.
One of the best resources to learn more about the topic is @finematics
They always post something interesting and they make most of their audit reports public.
Reading such audit report is a knowledge mineโ๏ธ๐ฏ๏ธ
{7}
Having a dev/test env is a must for bug hunter
It's worth learning the basics of @HardhatHQ
and @BrownieEth
. Without them you won't go far with writing your own PoC.
Get familiar with Web3.js/Web3.py packages to be able to query Ethereum easily and manipulate transactions
{8}
Some of the interesting security tools that can help you and improve your workflow are
{11}
Armed with the knowledge and practice you are now prepared to start submitting bugs on bug bounty platforms like @immunefi.
If you want to know how to properly write your bug report (and you should!) Immunefi got you covered with the following article.๐ฅท
{12}
Another great article explaining how to get started with block hacking by @morphean_sec . I Highly recommend you read it(โญ๏ธโญ๏ธโญ๏ธโญ๏ธโญ๏ธ)
{13}
I hope I you found the thread helpful to you and you will start making first steps towards Web3 Security.
{14/14}
If you like the article, please retweet๐ the first tweet, and if you have any other interesting links๐ or suggestions, please leave a comment๐.
โข โข โข
Missing some Tweet in this thread? You can try to
force a refresh
I made a cybersecurity/ethical hacking roadmap๐ฅฐ
Feel free to download/save and use it!
โ๐งต
The Ultimate Hacker's Roadmap 1/ Basic Computer Skills - Computer skills refer to the knowledge and abilities required to operate computers and related technology.
2/ Basic Networking Skills - Networking skills are one of the most important talents to have if you want to be an ethical hacker.
`bat` is `cat` with syntax highlighting for a large number of programming and markup languages , line numbers and supports paging which is very handy when viewing a long file. github.com/sharkdp/bat
1. Kali Linux๐
I hand over the award to Kali Linux for the best Linux distro I've had an amazing experience with. I love Kali Linux because it's specifically geared towards what I love, that is Penetration Testing.
2. Manjaro
Manjaro is a user-friendly and open-source Arch-based Linux OS. It is very easy to install, unlike Arch Linux which you have to do a lot of work to get it up and running. Manjaro takes all of the hassles out of installing Arch.
Replace your Dated ๐งLinux Command Line Utilities with These Modern Alternatives.
Thread๐งตโ
1. exa
A modern replacement for ls with coloring written in Rust. github.com/ogham/exa
2. btop++
Modern replacement for top written in C+. Btop++ is a resource monitor that shows usage and stats for processor, memory, disks, network, and processes github.com/aristocratos/bโฆ
The Linux๐ง commands you should NEVER use.
โ ๏ธDisclaimer: Don't RUN these commands.
A thread๐งต๐
1. Recursive Deletion๐๐๏ธ
This is one of the most dangerous commands. Once this command is run, it deletes all the content of the root directory forcefully and recursively. Thus, all your directories and sub-directories will be deleted and the data will be lost.
2. Fork Bomb๐ด๐ฃ
My personal best๐, this is a simple bash recursive function which once executed creates copies of itself which in turn creates another set of copies of itself. This consumes the CPU time and memory. Thus, it runs recursively until the system freezes.