A developer trying to create a secure smart contract will have a different mindset. Smart contract auditors are able to put themselves in the shoes and exploit security vulnerabilities, if any.
Julien Klepatch – Live Training #7 – Smart Contract Security #2
Which skill is the most highly-paid in the Blockchain industry
Security.
Earn up to 250k USD/year as a smart-contract security specialist.
Yep.
Smart contract hacks have cost hundreds of millions.
It’s worth a lot of money if you are able to write secure smart contracts.
Smart contract audits are the best in security.
One smart contract audit can cost hundreds of thousands for blockchain companies.
Two components are required for a smart contract auditor:
- Security vulnerabilities
- Your findings are presented in a report
Different mindsets are needed than those who attempt to create safe smart contracts.
As a smart contract auditor you will try to exploit security flaws if possible.
You will be taught by a professional security expert how to conduct smart contract audits.
This training will prepare you to conduct smart contract audits on your own and charge top dollar!
LIVE EVENT
When is the training?
- July 20th, 11:58 UTC+8
- Even if the live event is not accessible, the recording will be available.
PART I: OFFENSIVE SECURITIES IN SMART CONTRACTS
- The Mindset of a Pentester
- Types Of Scan:
- Manual Scanning
- Static Analysis
- Analyse Dynamic
PART II: AUDIT METHODOLOGY
- Black Box
- Grey Box
- White Box
- How to write a report, and how to do a risk assessment
Download immediately Julien Klepatch – Live Training #7 – Smart Contract Security #2
PART III: DETECT CLIMATE ENDPOINTS IN SMARTER CONTRACTS
- Solograph
- Signage of Critical Functions
PART VI: THE SWC RECORD (SMART CONTRACT WeakNESS CLASSIFICATION).
PART V – EXPLOIT SOLIDITY vulnerabilities
- Detect and Exploit-Entrancy Attacks
- Detect and Exploit Integer Overflow/Underflow
- Detect Denial of Service
- Force sending Ether
- You can bypass the Tx.Origin Authentication
PART VI: STATTIC ANALYSIS
- Slither is a great tool to identify Solidity issues
PART VII: DYNAMIC ANALYSIS
- MythX
- Manticore
PRE-REQUISITIONS
- The basics of NodeJS
- The basics of the command line
- Ethereum
- Solidity
- ERC20
- Truffle
- It is required:
- Code editor (ex: Visual Studio Code)
- A terminal (Windows users can use bash emulation to git for Windows)
- NodeJS
- Truffle
- Works on Windows 8/10, recent versions of Ubuntu & MacOS
Your instructor
Souhail Mssassi
ShellBoxes founder and CRISIS director, more than 6 years experience in cybersecurity. Security He is an engineer who specializes in application security, cryptography, and security of decentralized apps. He has assisted many organizations in improving their cybersecurity strategies. Security Engineer in Halborn, the Elite Cybersecurity for Blockchain Companies.
He also presented as both an instructor and speaker. Security Lectures at Universities and Conferences
Recent research in cybersecurity on Formal Verification
[+] @Email: [email protected]
[+] @LinkedIn: https://www.linkedin.com/in/mssassi/
Here’s what you can expect in the new book Julien Klepatch – Live Training #7 – Smart Contract Security #2
Course Features
- Lecture 0
- Quiz 0
- Duration 10 weeks
- Skill level All levels
- Language English
- Students 143
- Assessments Yes
