Web3

Web3 Security Library

A lot of you ask me about the Web3 content. I will be publishing some videos about it soon but in the meantime, check out the repo where the Immunefi team gather all the resources about guides, tools, bugfix reviews and everything else about Web3 security....

Web3 learning corner #6 – a $120,000 clickjacking

Capture the Ether I continued to solve tasks from Capture the Ether CTF. I completed the Public Key task which was rather easy - about retrieving a public key from an existing blockchain transaction. The Fuzzy Identity took me much longer than it should. It was quite...

Smart contract security checklist

I haven’t fully gotten into the world of smart contracts security yet but I already see how costly mistakes are here. In this Stack Exchange thread, there’s a checklist for smart contract developers. It is surely not complete but a good starting point....

Web3 learning corner #4

In the last two weeks, I didn’t do anything practical related to learning web3. It’s mostly due to me preparing a new BBRE Pemium website. But I watched two videos in this time. Advanced Smart Contract Hacking One was a presentation from RSA Conference 2019 about...

Break into smart contract hacking

I don’t know how about you but when I see bounties of $100k, $500k or a million bucks, I can’t counteract thinking about learning smart contract hacking. However, now is not the time for me - I want to stabilise a bit with the web stuff before jumping to something...

Web3 learning corner #3 – preparing a BBRE video

Solidity, Blockchain, and Smart Contract Course – Beginner to Expert Python Tutorial At the moment, I am at 9h 50m of the solidity course on freeCodeCamp , just before the chapter about NFTs. I rather fast-forwarded through the Defi & Aave lessons but I will watch...

Finding web2 bugs on NFT websites

When I think about hacking NFTs, hacking smart contracts is what comes to my mind. But it’s not necessarily the case. Zseano doesn’t know how to hack smart contracts yet but he has decided to test a few NFT websites and approach them with his extensive knowledge about...