Julien Klepatch – Live Training #7 – Smart Contract Security #2

What’s the highest paid talent within the Blockchain business?
Security.
As a wise contract safety specialist, you may earn as much as 250k USD / yr.

Yep.

A whole bunch of hundreds of thousands have been misplaced to good contract hacks.
If you happen to can write secure good contracts, it is value a LOT of cash.

And within the safety area of interest, good contract audits is what pays essentially the most.
Blockchain firms pay lots of of 1000’s of {dollars} for a single good contract audit.

In a wise contract audit, there are 2 elements:

• Discovering safety vulnerabilities
• Presenting your findings in a report

The mindset to have is completely different than for a developer who attempt to write a secure good contract.
As a wise contract auditor, you set your self within the sneakers of a hacker and attempt to exploit safety vulnerability, if any.

On this coaching, you’ll be taught from an expert safety specialist the way to do good contract audits.
After this coaching, it is possible for you to to do your personal good contract audits and cost prime {dollars} for it!

LIVE EVENT

When is the coaching?

• July twentieth, 11pm UTC+8
• If you happen to can not entry the dwell occasion, you’ll nonetheless be capable to entry the recording after

PART I: OFFENSIVE SECURITY IN SMART CONTRACTS

• The Mindset of a Pentester
• Kinds of Scan:
  • Guide Scanning
  • Static Evaluation
  • Dynamic Evaluation

PART II: AUDIT METHODOLOGY

• Black Field
• Gray Field
• White Field
• How one can write a report and danger evaluation

Get instantly obtain Julien Klepatch – Live Training #7 – Smart Contract Security #2

PART III: DETECT CRITICAL ENDPOINTS IN SMART CONTRACTS

• Solograph
• Vital Capabilities Signature

PART VI: THE SWC REGISTER (SMART CONTRACT WEAKNESS CLASSIFICATION)

PART V: EXPLOIT SOLIDITY VULNERABILITIES

• Detect and Exploit Re-Entrancy Assaults
• Detect and Exploit Integer overflow/underflow
• Detect Denial of Service
• Power Sending Ether
• Bypass the Tx.Origin Authentication

PART VI: STATIC ANALYSIS

• Use Slither to detect Solidity points

PART VII: DYNAMIC ANALYSIS

• MythX
• Manticore

PRE-REQUISITES

• Fundamentals of NodeJS
• Fundamentals of the command line
• Ethereum
• Solidity
• ERC20
• Truffle
• Required software program:
  • Code editor (ex: Visible Studio Code)
  • A terminal (for Home windows customers, you should use the bash emulation of git for home windows)
  • NodeJS
  • Truffle
• Works on Home windows 8/10, current variations of Ubuntu & MacOS

Your Teacher

Souhail Mssassi

Founding father of ShellBoxes and CRISIS, with greater than 6 years of expertise in cybersecurity as an offensive Security Engineer specialised in software safety, cryptography and safety of decentralized functions he assisted a number of organizations in enhancing their very own cybersecurity technique.He’s additionally an Offensive Security Engineer in Halborn the Elite Cybersecurity for Blockchain Firms.

And as an Teacher and a Speaker he introduced Security lectures in universities and Conferences.

Just lately researching on Formal Verification within the cybersecurity Discipline.

[+] @E-mail: [email protected]

[+] @LinkedIn: https://www.linkedin.com/in/mssassi/