Smacaud

@Smacaud1

1,623
Followers
568
Following
308
Media
1,778
Statuses

I share insights on web3 security | ✉ Send Requests For Private Audits

Lurking On-chain
Joined December 2022
Pinned Tweet
@Smacaud1
Smacaud
6 months
This resource will save you hours on learning EVM. Worth checking out!
2
15
116
@Smacaud1
Smacaud
7 months
If you're lazy but still want to understand how storage works in the EVM... All you need is this 👇
1
31
162
@Smacaud1
Smacaud
11 months
Celebrity Auditors: So I made $100K this month from Auditing alone. Junior Auditors: Wow, freaking cool (smashing likes and repost button, asking in comment section and DM with "how can I get started?" "can you share resources?" "Please help") Celebrity Auditors: (shares
8
9
116
@Smacaud1
Smacaud
9 months
A MUST READ!!! Not sure I've ever come across something like this. Best explanation on security risks deploying smart contracts from Ethereum to Arbitrum. Gold mine 🔥 for Solidity developers and auditors. Security issues analyzed include: • Abnormal operation of the
3
24
112
@Smacaud1
Smacaud
10 months
Too many people are trying to be better at security audits, going through videos, blog posts and old reports all day, all night, but only a few are reading research papers. I've gathered some for you, covering Liquidations, Oracles and more. Let's dive in... a 🧵
4
25
110
@Smacaud1
Smacaud
9 months
If you're just breaking into smart contract auditing, listen carefully: auditing is all about 90% practising and 10% learning. Learn to manage your time and not be caught jumping around shiny 'resources'. So you understand Solidity, but can you write tests? Have you learnt common
3
8
98
@Smacaud1
Smacaud
7 months
You don’t want to miss this!
6
18
102
@Smacaud1
Smacaud
10 months
How did I just find out that someone already built a custom GPT with all things Foundry? I've tested it out and all I can say is this is really amazing and super helpful with writing PoC tests. One of the great tools that should be in your arsenal while auditing. Great work by
3
23
101
@Smacaud1
Smacaud
8 months
Congratulations to anyone who started learning Solidity this year. You're surely going to find this cheat sheet super helpful.
6
22
94
@Smacaud1
Smacaud
11 months
Writing PoCs from scratch can be somewhat hard and time-consuming... I totally get it. And this is why I've put together 5 Best Foundry PoC Templates for you. No more starting from scratch! Let's dive right in! 🧵
2
22
89
@Smacaud1
Smacaud
6 months
Everybody is looking for Alpha but only a few are reading research papers. Here is a good read on "Cross-Chain Bridging Architectural Design Flaws and Mitigations". You don’t want to miss it!
3
8
91
@Smacaud1
Smacaud
7 months
The Ultimate Guide to Smart Contracts Testing
3
14
89
@Smacaud1
Smacaud
7 months
Simple explanation of how liquidations work
3
13
84
@Smacaud1
Smacaud
9 months
Want to be ahead of smart contract auditing? Then you don’t want to miss this! Here is a comprehensive list of smart contract vulnerabilities: - Reentrancy (ERC721, ERC1155, ERC777) 🔄 - Sandwich attacks (front-running/back-running) 🍞 - Flash loan attacks (oracle
5
22
84
@Smacaud1
Smacaud
11 months
"Foundry is really hard man... shit" - says a poor guy who wants to learn Foundry but starts with Invariant Testing. Don't be like him... I've prepared for you a Step-By-Step Beginner guide to Foundry... a 🧵 Do me a favor: - Repost for others to see - Follow for more
8
20
78
@Smacaud1
Smacaud
8 months
A lot of people are still finding it hard with this web3 security thing, especially not knowing where to turn to when it comes to learning. I get it, and this is why I compiled various resources on what you need to be a top talent while starting from scratch. No bluffing,
15
32
70
@Smacaud1
Smacaud
7 months
Here's the ULTIMATE guide for MEV... saving you hours of searching for resources to learn from. Worth checking out!
1
10
74
@Smacaud1
Smacaud
10 months
Stop scrolling if you have no idea how MakerDAO works
2
7
67
@Smacaud1
Smacaud
11 months
Junior Auditor: (Discovers 4 active @code4rena Contests with different Pool Prizes: A- $30K, B- $80k, C- $100k, D- $55K) Junior Auditor: wow, there is so much money to be made right now (quickly opens Twitter and posts "Guys if you're not on C4 right now you're wasting your time,
5
10
72
@Smacaud1
Smacaud
9 months
No questions asked, if you're a Solidity developer, here are 32 common Smart Contract Vulnerabilities you should be familiar with in 2024: ⚬ Insufficient Gas Griefing ⚬ Reentrancy ⚬ Integer Overflow and Underflow ⚬ Timestamp Dependence ⚬ Authorization Through tx.origin ⚬
2
11
73
@Smacaud1
Smacaud
10 months
Wow, just stumbled upon this amazing repo on ZK – had no idea it existed! Here is what it's got: 🌱 Beginners Introduction to ZK 📰 100+ Articles on ZK 📚 Tutorials, Videos and Books 🎤 Conferences and Workshops 🛠️ Tools and more. Kindly Repost 🔄
0
20
65
@Smacaud1
Smacaud
7 months
I wish I had come across this sooner
3
7
70
@Smacaud1
Smacaud
8 months
I found one of the best illustration guides on vulnerable spots to look for while writing or auditing staking contracts. Check it out 👇
2
14
66
@Smacaud1
Smacaud
6 months
Very few people do ERC-4626 vaults properly without rounding-direction vulnerabilities. This checklist will save you hours on the right rounding direction for each function: deposit(uint256 assets) - Round Down ⬇ mint(uint256 shares) - Round Up ⬆ withdraw(uint256 assets)
1
9
69
@Smacaud1
Smacaud
9 months
Most people think auditing smart contracts is just checking for pitfalls in Solidity, but that's not true. Auditing requires understanding of: - Game Theory - Mathematics - Economics - Computer Science - Distributed Systems - Systems Thinking. When you hear people say auditing is
5
4
66
@Smacaud1
Smacaud
8 months
Most people suck at writing PoCs (Foundry), and it's not that they don't know the basics but that they practice less and won't stop wondering why they still struggle with it. The resources below will help you practice common vulnerabilities, real-life bugs & DeFi contracts 👇
3
10
56
@Smacaud1
Smacaud
9 months
Too many people are trying to be better at security audits, going through videos, blog posts and old reports all day, all night, but only a few are reading research papers. I've gathered some for you, covering Automated Market Makers (AMMs). Let's dive in... a 🧵
1
12
60
@Smacaud1
Smacaud
7 months
Here's the best explainer on how to avoid storage collisions when upgrading proxy contracts
1
10
58
@Smacaud1
Smacaud
8 months
Most people suck at writing tests (Foundry). But the secret to great tests is Cheatcodes. Here are 10 Cheatcodes + Bonus that will instantly 10x your skills (with examples):
2
8
55
@Smacaud1
Smacaud
10 months
Never gets old. Here is an analysis of vulnerabilities across the different layers of Ethereum: 🎯 Ethereum Application Layer 🌐 Ethereum Data Layer ⚖️ Ethereum Consensus Layer 🛜 Ethereum Network Layer 📭 Ethereum Environment
1
13
57
@Smacaud1
Smacaud
9 months
Not many really understand what Formal Verification does. We are all used to auditing manually, thinking that is where it all ends. In this thread 🧵, I'll be briefly explaining all you need to know about Formal Verification.
1
7
56
@Smacaud1
Smacaud
6 months
How did I just find out about this beautiful explainer for the 1/64 rule? Worth checking out!
2
6
55
@Smacaud1
Smacaud
8 months
I can’t get enough of this illustration guide for Arbitrum transaction flow. It’s all you need.
2
9
56
@Smacaud1
Smacaud
11 months
Junior Auditor (On a new month): Oh yea man, it's a new month... I need to set BIG goals and go get the fucking bag 💰 Poor rookie opens his Twitter and then posts his goals for the month: - making $100k this month or nothing - Reporting 500 H and 400 Medium bugs - Growing my
8
4
53
@Smacaud1
Smacaud
7 months
If you want to be a great Solidity developer, learning how to write smart contracts alone won't get you far, but studying the vulnerabilities that cause exploits will. Below are popular vulnerabilities you must know: • Reentrancy (ERC721, ERC1155, ERC777) 🔄 • Sandwich attacks
2
15
55
@Smacaud1
Smacaud
7 months
Research papers are not something you should completely ignore, because they are a great source of hidden Alpha which you can never go wrong with. Here are a few papers on fuzzing, oracle manipulation and more... 🧵
3
9
52
@Smacaud1
Smacaud
10 months
Want to go from $0 to $100k per month doing security audits? Pretty much achievable if you put in the work, don't let anyone tell you otherwise. But don't you try to consume every resource you come across. Picking up Solidity today, jumping on Rust tomorrow! Grinding all
0
9
57
@Smacaud1
Smacaud
7 months
This paper 'Demystifying Exploitable Bugs in Smart Contracts' is one of a kind. If you want deep insights on smart contract vulnerabilities, then this is a MUST read for you! Check the post below for link 👇
2
10
51
@Smacaud1
Smacaud
6 months
Never miss any NFT contract vulnerabilities! Check out this paper 👇
3
16
55
@Smacaud1
Smacaud
8 months
This is arguably the best explanation you can ever find on security risks associated with deploying smart contracts on the Arbitrum network. It's all you need. Check next post for link 👇
1
9
54
@Smacaud1
Smacaud
9 months
If you have no dev background and limited time, but want to get started with smart contract auditing, this is for you – pay attention! A clear roadmap is all you need, not 50 YouTube channels, 30 GitHub repos, 20 Medium blogs, and the like. What is essential for you to learn as
1
6
52
@Smacaud1
Smacaud
9 months
Success comes from doing the work. No such thing as overnight success. To 10X your skills in 2024, then: • Learn daily👨‍💻 • Be active on X🌐 • Read latest blogs📰 • Read research papers📝 • Practise writing PoCs👨‍💻 • Develop attacker's mindset 🥷🏼 • Share what you learn in
4
7
49
@Smacaud1
Smacaud
9 months
@RyanSAdams ETH... the ultra sound money
21
4
52
@Smacaud1
Smacaud
10 months
This repo will save you hours on learning Solidity. Worth checking out!
2
12
50
@Smacaud1
Smacaud
8 months
PoCs are insanely useful to validate your findings, but most people struggle to write one. Here are the 5 best Foundry PoC templates to get you started. A thread 🧵
2
10
52
@Smacaud1
Smacaud
6 months
If you're lazy but still want to learn Solidity, check this out 👇
3
14
49
@Smacaud1
Smacaud
7 months
The ERC404 seems interesting to me for two reasons: 1. The fact that it doesn't exist in the official EIPs, hence the name (404 - Not Found). 2. It brings about new concepts by claiming to combine aspects of ERC20 and ERC721 tokens to enable native liquidity and
5
9
49
@Smacaud1
Smacaud
10 months
Too many people are trying to be better at security audits, going through videos, blog posts and old reports all day, all night, but only a few are reading research papers. I've gathered some for you, covering only stablecoins. Let's dive in... a 🧵
2
10
51
@Smacaud1
Smacaud
6 months
If you work on staking contracts, then you should watch out for these vulnerable spots.
2
14
60
@Smacaud1
Smacaud
7 months
If I died tomorrow, this single resource is a compilation of everything I'd want you to know about EVM. Check it out, you won't regret it!
1
17
45
@Smacaud1
Smacaud
10 months
Why is nobody talking about this? I came across an interesting post today by @OpenZeppelin which I was about to write something related to. Essentially on some of the known measures taken in response to exploits in the space. Pure Alpha in this article for everyone. Really
3
10
45
@Smacaud1
Smacaud
9 months
The Top 10 Mistakes Junior Auditors Make ⚠️ Make sure you avoid them in 2024. BONUS: How To Instantly Fix Them. A THREAD... 🧵 I'd appreciate a repost and follow 🙏
1
7
46
@Smacaud1
Smacaud
7 months
Many still feel hunting bugs on @immunefi is only for the 10/10, and would rather stick to doing contests or solo audits, thinking it's so difficult and impossible to do. Here are some resources on how you can easily get started today... 🧵
1
5
48
@Smacaud1
Smacaud
8 months
I can't seem to get enough of this paper. If you're looking to know what to look out for while writing/auditing NFT contracts, this is just what you need!
2
8
47
@Smacaud1
Smacaud
9 months
Junior Auditor (On a new month): It's a new month... I need to set BIG goals and make $100k or die trying! Poor guy opens 𝕏 and shares his goals for the month: - Completing Patrick and Johnny Courses - Making $100k or die trying! - Growing my X account from 10 to 1K
4
4
44
@Smacaud1
Smacaud
10 months
I don't think people understand that in a world filled with so many opportunities, instead of trying so hard participating in contests only to end up with 2, 3, 4 figures $$$, you can explore other means and even earn more $$$: 🏗️ Be a Builder - Build AI tools @audit_wizard -
3
7
44
@Smacaud1
Smacaud
6 months
If you're just starting smart contract auditing, listen up! Below are common smart contract vulnerabilities you should learn about: - Reentrancy (ERC721, ERC1155, ERC777) 🔄 - Sandwich attacks (front-running/back-running) 🍞 - Flash loan attacks (oracle manipulation) ⚡ - Block
4
14
45
@Smacaud1
Smacaud
10 months
Why is nobody talking about this tool? And just like its name, EIP-ERC starter kit. If you're looking to understand any ERC standards, don't sweat it, this is all you need! Dune wizard @andrewhong5297 did a great job with this, categorizing them all into four (4) parts: -
1
7
45
@Smacaud1
Smacaud
7 months
If you're looking to understand Zero Knowledge deeply, don't sweat it. Here's an Awesome Zero Knowledge Repo that contains all the resources you need: ⊹ Beginners Introduction to ZK ⊹ 100+ Articles on ZK ⊹ Tools ⊹ Podcasts ⊹ Workshops ⊹ Community ⊹ YouTube videos
5
15
48
@Smacaud1
Smacaud
6 months
All you need to understand Ethereum Block Architecture is this 👇
2
7
42
@Smacaud1
Smacaud
8 months
If you're working on a protocol using Chainlink as price oracle, this is for you! Here are the common vulnerabilities you seriously need to look out for: ➢ Not Checking For Stale Prices ➢ Not Checking For Down L2 Sequencer ➢ Same Heartbeat Used For Multiple Price Feeds
1
6
44
@Smacaud1
Smacaud
11 months
"After my first year in Security Audits: - I made over $680k - Audited 115 codebases - Found over 140 High, 250 Medium vulnerabilities." These were the words of @IAm0x52 after his first year in Security Auditing. Unlike some Top Auditors with 15 years' experience in Software
4
2
42
@Smacaud1
Smacaud
9 months
If you're a Solidity developer who is just getting started at learning Invariant Testing (fuzz) in Foundry, don't sweat it... not something impossible to learn. Here are the best beginner-friendly resources you can learn from in 2024... a 🧵 I'd appreciate a repost, so others can see
2
8
38
@Smacaud1
Smacaud
9 months
If you're a Solidity developer looking to dive deeper into DeFi and understand how lending and borrowing concepts work, this is all you need! With explanations using popular DeFi protocols like: • Aave • Compound • Euler. You will get to understand: ➢ Lending Pools
2
11
40
@Smacaud1
Smacaud
9 months
Stop scrolling if you're struggling with understanding transaction flows in Arbitrum. Found this to be the best explainer I've ever come across - an extract from a recent article by @chainlight on "Risks of Cex confirmation numbers....." Check next post for link 👇
4
4
40
@Smacaud1
Smacaud
8 months
Flashloan attacks are super deadly, known to many but understood by only a few. They come in different forms such as: • Flashloan Governance attacks • Flashloan Oracle attacks • Flashloan Reentrancy attacks. In this thread, I will be explaining how they work + mitigations
2
11
42
@Smacaud1
Smacaud
7 months
If you ever wonder how to survive doing security audits, worry no more! Here is what you should do in 2024: • Learn daily👨‍💻 • Be active on X🌐 • Read latest blogs📰 • Read research papers📝 • Practise writing PoCs👨‍💻 • Develop attacker's mindset 🥷🏼 • Share what you
5
4
43
@Smacaud1
Smacaud
9 months
If you want to learn more about vulnerabilities on different Ethereum layers, check this out 👇
1
4
39
@Smacaud1
Smacaud
9 months
Most people think a mutex lock (nonReentrant modifier) is all you need to prevent reentrancy. But that's actually not the case, as cross-contract reentrancy can still be exploited. In this thread 🧵, I will be explaining how it works and ways to prevent it.
2
7
42
@Smacaud1
Smacaud
10 months
@twobitidiot CZ never stole users' funds... Period!!! I trust him more than I trust the US regulators
2
2
40
@Smacaud1
Smacaud
7 months
I will never recover from learning about this amazing tool. It's your best bet to test any smart contracts using ERC20 tokens for potential exploits. Worth checking out!!!
0
12
39
@Smacaud1
Smacaud
10 months
During a gold rush, sell shovels. If Security Auditing is the gold rush, then selling shovels and stoves has to be: - Gas Optimization as a Service - Writing Tests (Invariant, Unit, Fuzz) as a Service - Doing Formal Verification as a Service - Building Auditing Tools -
3
4
40
@Smacaud1
Smacaud
7 months
0
0
34
@Smacaud1
Smacaud
9 months
Too many people are trying to get better at security audits, going through videos, blog posts and old reports all day, all night, but only a few are reading research papers. I've gathered fantastic ones on Smart Contract Vulnerabilities. I'm sure you're going to enjoy this... a 🧵
1
5
39
@Smacaud1
Smacaud
11 months
"I made it a goal to earn at least $20,000; it was impossible. But I’m stubborn. Incredibly stubborn. I worked really hard and earned almost $40,000." These were the words of @zzykxx, the on-chain entomologist, in 2022, who was just getting started with security audits. Starting
3
4
39
@Smacaud1
Smacaud
11 months
In Security Audits, your advantage lies in seeing what others don't... Attacker's Mindset. Remember the guy who won $26k recently just from a single report on @sherlockdefi? How is that even possible, you may ask? He simply reported a Critical Vulnerability with one of
4
8
41
@Smacaud1
Smacaud
11 months
"Be Kind to Yourself, Don't Compare, Don't Expect Too Fast, and Don't Worry..." This was the advice of @Shanon40439853, who recently made $1M reporting a Critical Bug in @Balancer. Currently, he has made over $3,000,000. Wait... 3 what? Three Million Dollars. All from just
1
5
37
@Smacaud1
Smacaud
11 months
Celebrity Auditor (who made over $100k/month): You see, in this space don't go after money, go for knowledge, then money will come. Junior Auditor: (Smashes like button) yessss, he is right... the money will come at just the right time. Poor guy who is still struggling to pay his
7
5
36
@Smacaud1
Smacaud
9 months
@Mudit__Gupta All of his demands are just so unrealistic
0
2
38
@Smacaud1
Smacaud
11 months
Don't miss it. If you're just starting out with security audits, X is a good source of Alpha. And here are some active (post almost daily) accounts to follow: 📺 Educators: @PatrickAlphaC @RealJohnnyTime @0xOwenThurm @TheBlockChainer 🔍 Top Solo Auditors: @pashovkrum
9
8
38
@Smacaud1
Smacaud
10 months
Here is my stack as a security researcher in 2023: - OS → Windows - Code Editor → VS Code - Extension → Solidity Visual Developer - Browser → Brave - Wallet → MetaMask - Testing → Foundry - Report findings → Solodit - AI tool → ChatGPT. What is in
6
2
37
@Smacaud1
Smacaud
7 months
If you're just getting your head around security opportunities in Solana-related dApps, here is an awesome resource with all you need to know about Solana 👇 Your future self will absolutely thank you for picking it up!
0
14
36
@Smacaud1
Smacaud
9 months
@dingalingts Monkey boys getting exploited again 🤦‍♂️
0
0
35
@Smacaud1
Smacaud
9 months
Improve yourself as a Security Researcher: • Learn daily👨‍💻 • Be active on X🌐 • Read latest blogs📰 • Practise writing PoCs👨‍💻 • Read research papers📝 • Develop attacker's mindset 🥷🏼 • Share what you learn in public👪 • Teach others 👨‍🏫 • Learn from others ✍ • Join
2
11
38
@Smacaud1
Smacaud
11 months
Celebrity Auditor: There is so much opportunity in this space. If you're just starting out, 'audit like crazy'. Junior Auditor: Oh man, I need to get serious and put more time grinding harder... want to start making $100k/month too. Poor guy didn't waste so much time becoming a
6
2
36
@Smacaud1
Smacaud
10 months
If I died tomorrow, here's everything I'd want you to know about Security audits as a Junior Auditor: - Security auditing is a responsibility and not a get-rich scheme; if you want to get rich quick, go trade shitcoins and others - You don't become good at auditing overnight, it
1
7
40
@Smacaud1
Smacaud
9 months
Getting started with Solidity can seem really hard, especially if you have no dev background. I found a cheat sheet explaining the fundamentals of Solidity, all you need to know. Check it out! 👇
0
5
37
@Smacaud1
Smacaud
8 months
The fear of approaching a codebase is what scares most people away from auditing... thinking it's all too complex to comprehend. If you find yourself in this situation, just check out this General Review Approach (link below). It surely will get you going.
1
10
36
@Smacaud1
Smacaud
9 months
If you're auditing staking contracts and struggling to know what to look for, this is for you! Here are some of the common weak spots you should watch out for... might lead you to uncover bugs: ➢ Can rewards be delayed in payout, or claimed too early? ➢ Can rewards be
1
5
37
@Smacaud1
Smacaud
8 months
If you're ever auditing a protocol using the @openzeppelin contracts package, you might want to check if the version used has publicly known vulnerabilities. You can find the list here; it comes in handy (check next post for link) 👇
3
10
38
@Smacaud1
Smacaud
9 months
If you're auditing upgradeable contracts, pay attention! Here are some of the common weak spots you should watch out for... might lead you to uncover bugs: ➢ Is there a constructor? (should not have one) ➢ Is the modifier initializer added on the “initialization()” function
3
4
38
@Smacaud1
Smacaud
7 months
All your struggle with understanding how vulnerabilities work can be solved using this repo. It offers a curated collection of Foundry tests replicating exploits, bug bounty reports, and more. Check it out 👇
0
15
35
@Smacaud1
Smacaud
9 months
One of the things I wish I knew when I was starting out with smart contract auditing is understanding the codebase of popularly forked protocols. Almost all the projects I audited in the past were forks of these protocols. So you don't make the same mistake, here are protocols you
2
8
37
@Smacaud1
Smacaud
7 months
Fuzz tests aren't what you should despise at all. Fast forward to this year – we've got lots of projects popping up left and right, many without fuzz tests, thereby increasing the risk of nasty exploits. I've gathered the Top 5 GitHub Repos for fuzz tests (learn and practice)... a 🧵
2
8
36
@Smacaud1
Smacaud
9 months
If only every auditor realized that: • Not making anywhere near 100k per month • Not getting any leads for private audits • Not finding any bugs in public contests • Getting your findings escalated and rejected • Putting in all the hard work but nothing to show for it
0
3
37
@Smacaud1
Smacaud
9 months
If you're looking to investigate exploits in NFT contracts and avoid them, this is for you! The common ones are: • Risky Mutable Proxy • ERC-721 Reentrancy • Unlimited Minting • Missing Requirements • Public Burn. Explore full details in the next post 👇
3
4
35
@Smacaud1
Smacaud
10 months
If you're auditing contracts that interact with WETH, listen up! Here are some of the things you need to pay attention to 👇 --------- 🌐 WETH addresses differ by chain and as such should never be hardcoded (the Ethereum WETH address differs from that of Polygon). 🌐 WETH
3
4
36