BHIS | Getting Started in Blockchain Security and Smart Contract Auditing | Beau Bullock
HTML-код
- Опубликовано: 7 июл 2024
- Join us in the Black Hills InfoSec Discord server here: / discord to keep the security conversation going!
Learn breaching the cloud with Beau Bullock from Antisyphon
Training: www.antisyphontraining.com/br...
0:00:00 - PreShow Banter™ - Beau Has a Fan Club
0:32:39 - FEATURE PRESENTATION: Getting Started in Blockchain Security and Smart Contract Auditing
0:36:39 - Roadmap
0:37:51 - Why Blockchain Security
0:39:21 - Growing Use Cases for Blockchain
0:43:23 - Blockchain Elements That Need Securing
0:49:00 - What Are Smart Contracts
0:51:22 - EVM : Ethereum Virtual Machine
0:54:00 - Solidity
0:59:55 - Smart Contract Vulns
1:04:00 - - Reentrancy
1:05:54 - - Front-Running
1:07:41 - - Inter Overflow and Underflow
1:09:15 - - Denial-of-Service
1:10:43 - - Access Control
1:12:46 - - Timestamp Dependence
1:15:23 - Case Studies - Uranium Finance Hack
1:17:26 - - Poly Network Hack
1:21:07 - - Cream Finance Hack
1:24:42 - DEMO: Live Exploit
1:35:44 - Exploit Recap
1:36:14 - Security Tools - VS Code + Solidity Visual Developer
1:37:08 - - Slither
1:37:26 - - Mythril & MythX
1:37:57 - Get-Started Resources
1:39:03 - Bug Bounties
1:39:19 - Key Takeaways
1:40:29 - This is the End - Q & A
Description: In this Black Hills Information Security (BHIS) webcast, we'll use case studies about recent blockchain hacks to introduce the underlying issues that occur in writing/engineering smart contracts that have ultimately lead to the loss of millions of dollars to attackers.
Slides:s1hb.sharepoint.com/Content&C...
BlockchainHAX QuickStart Guide
• start.blockchainhax.com
Follow me on Twitter
• Beau Bullock - @dafthack
CoinSec Podcast - Weekly show about blockchain security
• coinsecpodcast.com • @coinsecpodcast
• CoinSec Podcast Discord: / discord
Black Hills Infosec Socials
Twitter: / bhinfosecurity
Mastodon: infosec.exchange/@blackhillsi...
LinkedIn: / antisyphon-training
Discord: / discord
Black Hills Infosec Shirts & Hoodies
spearphish-general-store.mysh...
Black Hills Infosec Services
Active SOC: www.blackhillsinfosec.com/ser...
Penetration Testing: www.blackhillsinfosec.com/ser...
Incident Response: www.blackhillsinfosec.com/ser...
Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: www.backdoorsandbreaches.com/
Play B&B Online: play.backdoorsandbreaches.com/
Antisyphon Training
Pay What You Can: www.antisyphontraining.com/pa...
Live Training: www.antisyphontraining.com/co...
On Demand Training: www.antisyphontraining.com/on...
Educational Infosec Content
Black Hills Infosec Blogs: www.blackhillsinfosec.com/blog/
Wild West Hackin' Fest RUclips: / wildwesthackinfest
Active Countermeasures RUclips: / activecountermeasures
Antisyphon Training RUclips: / antisyphontraining
Join us at the annual information security conference in Deadwood, SD (in-person and virtually) - Wild West Hackin' Fest: wildwesthackinfest.com/
#bhis #infosec
This was exactly what I was looking for as I want to focus on blockchain offensive security. Super helpful 💯
Glad it was helpful!
I'm already on the smart contract rabbit hole, and this is great fuel for the fire!
Hey Caleb, howdy? and how far have you come along in your SC rabbit hole?
Great content - thanks a lot for sharing your knowledge!
Loved it! It was such a pleasure to watch, succinct and very well done! Please make more of these
Before this video ,i just know that cypto is based on blockchain but now i know what blockchain is .Thanks for the video ❤️.
thank you for sharing !
Great Content Guys! Currently Writing a Master's Dissertation on Some of the Smart Contract Vulnerabilities and this has helped alot!
Hey Kay, have you finished writing the dissertation project?
Thanks for sharing. Please keep sharing stuff like this.
We have another Getting Started webcast about Pentesting, this Thursday!
Awesome content
man, you guys have the coolest t-shirts (and great talk!)
Thanks for the shoutout guys !😂😎
So helpful
Gold!
Been waiting for this since the webcast ended.😂
8 more times...
More like 7 lol
really very good and informative session...it's definitely super super helpful.
🤣camera focusing issue was miserable though...
Yea we know. sigh. We'll get him a new camera eventually. :)
I’ll b there soon
Thanks for the info. I want to get into blockchain security but have no cyber background. How should I approach?
Can someone tell me name of a website which is solely dedicated to blockchain security and has smart contract boxes just like in hack the box or is their a website which has regular updates on ctfs and bug bounty for blockchain 🤔.
Interesting
Hi, do you know where to start the technical part of block chains ?
You can jump into Beau's new CoinSec Podcast discord to ask this question. It just launched! : discord.gg/EdUFBtR9nz
How do i get the Cybersecurity guys channel
get this guy to talk about Solana smart contracts vulns pls
Hi sir, I need help with a project in the Blockchain security field, which is about implementing SQL injection and XSS on a decentralized application, if you have any idea or you know anyone that can help and guide me please let me know, many thanks
Great content guys. I am in Toronto Canada and looking to get into blockchain technology/developer. Would love to connect with Black Hills. What’s the best way to join the community?
Join the InfoSec Knowledge Sharing Community Discord: discord.gg/bhis
@@BlackHillsInformationSecurity thank you! Can’t wait to connect