afeli

Discussing how to get into Smart Contract Auditing and Web3 Security with Tyrese Tetteh and Amaechi Okolobi - Chainlink Developer Advocates and Students at Brunel University. Links: https://code4rena.com/ https://secureum.substack.com/ https://yacademy.dev/ https://spearbit.com/ Full podcast: https://www.youtube.com/watch?v=g79DFfBaTew

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi. In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research. Contact Trust: https://twitter.com/trust__90 https://www.trustindistrust.com/ Links: https://code4rena.com/ https://immunefi.com/ OUTLINE: 00:00 - Intro 2:49 - Israel Defense Forces 10:16 - Experience as an Exploit Dev 20:25 - Working at NSO Group 29:16 - Switching to web3 security 38:16 - Traditional (web2) Bug Bounties 41:08 - Web3 Learning Resources 47:29 - Audit Methodology 1:02:10 - Auditing on code4rena 1:07:14 - Audit Methodology cont. 1:13:25 - Bounty Hunting on Immunefi 1:24:02 - Becoming a Judge on code4rena 1:28:20 - Trust Security: Private Audits 1:37:51 - Getting a job VS being an independent security researcher 1:39:56 - Web2 or Web3 as a career for 2023 1:42:08 - ChatGPT for auditors 1:48:28 - ZK auditing 1:51:33 - Future of smart contract auditing

Trust talks about his experience working at NSO Group as an iOS exploit developer, discovering 0-click, 1-click zero-day vulnerabilities. An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In this conversation, we delve into Trust's background as a security researcher and exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

Trust describes his methodology for auditing smart contracts. An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In this conversation, we delve into Trust's background as a security researcher and exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

How security researchers can utilize ChatGPT to assist in their work. An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In this conversation, we delve into Trust's background as a security researcher and exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Full Podcast: https://www.youtube.com/watch?v=NC4uzV-syIw

0xDjango went full time in web3 security as an independent researcher this year, and has found success on both Code4rena and Immunefi earning over 400k combined in bounty rewards. In this conversation we talk about how he transitioned into web3 security, bounty hunting and tips for beginners getting started in this field. Links: https://code4rena.com/ https://immunefi.com/ Learning Resources: https://medium.com/immunefi/hacking-the-blockchain-an-ultimate-guide-4f34b33c6e8b The Saloon: https://discord.gg/qE8wpbP5rW https://twitter.com/saloonfinance Follow Django: https://twitter.com/0xdjangoonchain OUTLINE: 00:00 - Background 2:07 - Learning Solidity 4:11 - Learning Web3 Security 6:51 - Audit Methodology 8:33 - Bounty Hunting Full Time 9:52 - Immunefi 17:25 - Picking Targets 20:40 - Million $ Bounties 22:04 - Code4rena vs Immunefi 29:58 - Auditing as a Team 31:40 - Upskilling Quickly 34:53 - Traditional Auditing vs Decentralized Audit Models 39:43 - Immunefi Audit Methodology 48:09 - Diverse Backgrounds of Auditors 49:28 - New Bug Bounty Platform - The Saloon 1:02:49 - How to Learn Blockchain and Smart Contract Hacking 1:06:33 - Future Predictions of Web3 Bug Bounties

This was the resume that I used to land a job as a smart contract auditor in the web3 security space. Got good response rates with top auditing firms.

Discussing how to get into Smart Contract Auditing and Web3 Security with Tyrese Tetteh and Amaechi Okolobi - Chainlink Developer Advocates and Students at Brunel University. Tyrese & Amaechi: https://twitter.com/Tettehnetworks https://twitter.com/AmaechiEth https://chainlinktoday.com/chainlink-hosts-smart-contract-developer-bootcamp-at-imperial-college-london/ Links: https://code4rena.com/ https://secureum.substack.com/ https://yacademy.dev/ https://spearbit.com/ OUTLINE: 00:00 - Background 9:14 - Getting into Web3 Security 11:24 - Getting a job 13:16 - Code4rena 19:49 - Smart Contract Auditing Bootcamps 21:44 - Advice for Code4rena 23:57 - Spearbit 26:33 - Cyber Security vs Developer background 28:12 - Confidence and Determination 38:05 - Audit Methodology for Code4rena (breadth first search vs depth first search)

Full Podcast: https://www.youtube.com/watch?v=cHAOoANmSNA

Jackson Kelly is a software engineer (ex-Amazon), smart contract auditor and career coach with over 10 years of experience in tech. In this conversation we discuss his move from FAANG to working in the crypto space, his smart contract auditing methodology, opportunities in web3 and advice for students considering a career in tech. LINKS: https://www.youtube.com/c/JacksonKelley https://twitter.com/sjkelleyjr https://jacksonkelley.gumroad.com/l/how-to-become-a-smart-contract-auditor/ https://medium.com/coinmonks/5-solidity-code-smells-87bb2f259dde https://code4rena.com/ https://yacademy.dev/ https://spearbit.com/ OUTLINE: 00:00 - Background 8:04 - Working at Amazon 14:13 - Software Engineering vs Smart Contract Auditing 16:46 - Lessons learned from Amazon 19:09 - Adversarial/Hacker Mindset 21:53 - FAANG Interview Tips 28:13 - Coding Interviews 30:32 - Do you need a Degree 32:08 - Smart Contract Auditing Methodology 35:23 - Developing Intuition for Vulnerable Code 38:54 - Learning Resources for Smart Contract Auditing 47:43 - Getting a Job as a Smart Contract Auditor 55:12 - yAcademy 1:01:43 - Spearbit 1:05:11 - Senior Smart Contract Auditor Salaries 1:07:49 - Working at Robinhood 1:14:31 - Working as a Developer vs Auditor 1:17:24 - Cyber Security background vs Developer background 1:19:53 - Web3 security in the next 2-5 years 1:28:35 - Advice for Students 1:32:55 - Deciding what to work on 1:35:36 - Being a new dad 1:40:24 - Jackson's YouTube Videos

Links: https://cmichel.io/how-to-become-a-smart-contract-auditor/ https://www.youtube.com/watch?v=gyMwXuJrbJQ https://www.damnvulnerabledefi.xyz/ https://ethernaut.openzeppelin.com/ https://secureum.substack.com/ https://code4rena.com/ https://www.youtube.com/watch?v=-469Gcye-ZE

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ

Full Podcast: https://www.youtube.com/watch?v=YCsfUrzrcgQ