Live Training #7 - Smart Contract Security #2

Learn to create smart contract audits

FOR CRYPTO PAYMENTS:
» READ THIS

What is the highest paid skill in the Blockchain industry?
Security.
As a smart contract security specialist, you can earn up to 250k USD / year.

Yep.

Hundreds of millions have been lost to smart contract hacks.
If you can write safe smart contracts, it's worth a LOT of money.

And in the security niche, smart contract audits is what pays the most.
Blockchain companies pay hundreds of thousands of dollars for a single smart contract audit.

In a smart contract audit, there are 2 components:

  • Finding security vulnerabilities
  • Presenting your findings in a report

The mindset to have is different than for a developer who try to write a safe smart contract.
As a smart contract auditor, you put yourself in the shoes of a hacker and try to exploit security vulnerability, if any.

In this training, you will learn from a professional security specialist how to do smart contract audits.
After this training, you will be able to do your own smart contract audits and charge top dollars for it!



LIVE EVENT

When is the training?

  • July 20th, 11pm UTC+8
  • If you cannot access the live event, you will still be able to access the recording after

PART I: OFFENSIVE SECURITY IN SMART CONTRACTS

  • The Mindset of a Pentester
  • Types of Scan:
    • Manual Scanning
    • Static Analysis
    • Dynamic Analysis

PART II: AUDIT METHODOLOGY

  • Black Box
  • Grey Box
  • White Box
  • How to write a report and risk assessment

PART III: DETECT CRITICAL ENDPOINTS IN SMART CONTRACTS

  • Solograph
  • Critical Functions Signature

PART VI: THE SWC REGISTER (SMART CONTRACT WEAKNESS CLASSIFICATION)

PART V: EXPLOIT SOLIDITY VULNERABILITIES

  • Detect and Exploit Re-Entrancy Attacks
  • Detect and Exploit Integer overflow/underflow
  • Detect Denial of Service
  • Force Sending Ether
  • Bypass the Tx.Origin Authentication

PART VI: STATIC ANALYSIS

  • Use Slither to detect Solidity issues

PART VII: DYNAMIC ANALYSIS

  • MythX
  • Manticore

PRE-REQUISITES

  • Basics of NodeJS
  • Basics of the command line
  • Ethereum
  • Solidity
  • ERC20
  • Truffle
  • Required software:
    • Code editor (ex: Visual Studio Code)
    • A terminal (for Windows users, you can use the bash emulation of git for windows)
    • NodeJS
    • Truffle
  • Works on Windows 8/10, recent versions of Ubuntu & MacOS

Your Instructor


Souhail Mssassi
Souhail Mssassi

Founder of ShellBoxes and CRISIS, with more than 6 years of experience in cybersecurity as an offensive Security Engineer specialized in application security, cryptography and security of decentralized applications he assisted several organizations in improving their own cybersecurity strategy.He is also an Offensive Security Engineer in Halborn the Elite Cybersecurity for Blockchain Companies.

And as an Instructor and a Speaker he presented Security lectures in universities and Conferences.

Recently researching on Formal Verification in the cybersecurity Field.


[+] @Email: [email protected]

[+] @LinkedIn: https://www.linkedin.com/in/mssassi/


FOR CRYPTO PAYMENTS:
» READ THIS

Frequently Asked Questions


When does the course start and finish?
The course starts now and never ends! It is a completely self-paced online course - you decide when you start and when you finish.
How long do I have access to the course?
How does lifetime access sound? After enrolling, you have unlimited access to this course for as long as you like - across any and all devices you own.
What if I am unhappy with the course?
We would never want you to be unhappy! If you are unsatisfied with your purchase, contact us in the first 30 days and we will give you a full refund. Please be aware that there are no refund for payments with crypto.
Can I pay with crypto?
Yes, please read this page for details: https://eattheblocks-pro.teachable.com/p/crypto-payments

Get started now!