Souhail Mssassi – EatTheBlocks Pro – Live Training #7 – Smart Contract Security #2

Description

Souhail Mssassi – EatTheBlocks Pro – Live Training #7 – Smart Contract Security #2 download , Souhail Mssassi – EatTheBlocks Pro – Live Training #7 – Smart Contract Security #2 review , Souhail Mssassi – EatTheBlocks Pro – Live Training #7 – Smart Contract Security #2 free

Souhail Mssassi – EatTheBlocks Pro – Live Training #7 – Smart Contract Security #2

Learn to create smart contract audits

What is the highest paid skill in the Blockchain industry?
Security.
As a smart contract security specialist, you can earn up to 250k USD / year.

Yep.

Hundreds of millions have been lost to smart contract hacks.
If you can write safe smart contracts, it’s worth a LOT of money.

And in the security niche, smart contract audits is what pays the most.
Blockchain companies pay hundreds of thousands of dollars for a single smart contract audit.

In a smart contract audit, there are 2 components:

Finding security vulnerabilities
Presenting your findings in a report
The mindset to have is different than for a developer who try to write a safe smart contract.
As a smart contract auditor, you put yourself in the shoes of a hacker and try to exploit security vulnerability, if any.

In this training, you will learn from a professional security specialist how to do smart contract audits.
After this training, you will be able to do your own smart contract audits and charge top dollars for it!

PART I: OFFENSIVE SECURITY IN SMART CONTRACTS
The Mindset of a Pentester
Types of Scan:Manual Scanning
Static Analysis
Dynamic Analysis

PART II: AUDIT METHODOLOGY
Black Box
Grey Box
White Box
How to write a report and risk assessment

PART III: DETECT CRITICAL ENDPOINTS IN SMART CONTRACTS
Solograph
Critical Functions Signature

PART VI: THE SWC REGISTER (SMART CONTRACT WEAKNESS CLASSIFICATION)

PART V: EXPLOIT SOLIDITY VULNERABILITIES
Detect and Exploit Re-Entrancy Attacks
Detect and Exploit Integer overflow/underflow
Detect Denial of Service
Force Sending Ether
Bypass the Tx.Origin Authentication

PART VI: STATIC ANALYSIS
Use Slither to detect Solidity issues

PART VII: DYNAMIC ANALYSIS
MythX
Manticore

PRE-REQUISITES

• Basics of NodeJS
• Basics of the command line
• Ethereum
• Solidity
• ERC20
• Truffle
• Required software:
  Code editor (ex: Visual Studio Code)
  A terminal (for Windows users, you can use the bash emulation of git for windows)
  NodeJS
  Truffle
• Works on Windows 8/10, recent versions of Ubuntu & MacOS

Your Instructor
Souhail Mssassi
With more than 8 years of experience in cybersecurity as an offensive Security Engineer specialized in application security, cryptography and security of decentralized applications he assisted several organizations in improving their own cybersecurity strategy.

And as an Instructor and a Speaker he presented Security lectures in universities and Conferences.

Recently researching on Formal Verification in the cybersecurity Field.

Frequently Asked Questions:

1. Innovative Business Model:
   • Embrace the reality of a genuine business! Our approach involves forming a group buy, where we collectively share the costs among members. Using these funds, we purchase sought-after courses from sale pages and make them accessible to individuals facing financial constraints. Despite potential reservations from the authors, our customers appreciate the affordability and accessibility we provide.
2. The Legal Landscape: Yes and No:
   • The legality of our operations falls into a gray area. While we lack explicit approval from the course authors for resale, there’s a technicality at play. When procuring the course, the author didn’t specify any restrictions on resale. This legal nuance presents both an opportunity for us and a boon for those seeking budget-friendly access.
3. Quality Assurance: Unveiling the Real Deal:
   • Delving into the heart of the matter – quality. Acquiring the course directly from the sale page ensures that all documents and materials are identical to those obtained through conventional means. However, our differentiator lies in going beyond personal study; we take an extra step by reselling. It’s important to note that we are not the official course providers, meaning certain premium services aren’t included in our package:
     • No coaching calls or scheduled sessions with the author.
     • No access to the author’s private Facebook group or web portal.
     • No entry to the author’s exclusive membership forum.
     • No direct email support from the author or their team.

   We operate independently, aiming to bridge the affordability gap without the additional services offered by official course channels. Your understanding of our unique approach is greatly appreciated.

Refund is acceptable:

• Firstly, item is not as explained
• Secondly, Item do not work the way it should.
• Thirdly, and most importantly, support extension can not be used.

Thank you for choosing us! We’re so happy that you feel comfortable enough with us to forward your business here.