Login
FuzzingLabs Academy/Solidity & Ethereum Smart Contract Security Audit and Fuzzing

You're signing up to receive emails from FuzzingLabs Academy.

  • Waitlist

Solidity & Ethereum Smart Contract Security Audit and Fuzzing

  • Bundle
  • 0 Products

Learn which kind of security vulnerabilities/bugs can be found inside Ethereum smart contract and in particular in Solidity code, how to detect them statically and automatically using different audit and fuzzing techniques.

You're signing up to receive emails from FuzzingLabs Academy.

Abstract

Module 1: Audit & Code Review

  • Introduction to Ethereum 
    • Blockchain 101, Ecosystem
  • Introduction to Solidity 
    • Basics, Learning Resources, Examples
  • Solidity Ecosystem 
    • Toolchains, Compilation, IDEs
  • EVM Design & Security 
    • Security Concepts, Transactions, EVM bytecode
  • ERC Standards 
    • ERC20, ERC721, ERC777, Proxy, Templates, Modifiers
  • Error handling 
    • Assertion, Revert, Exceptions
  • Common Vulnerabilities 
    • PRNG, Overflow, Access control, Ownership, Reentrancy, etc.
  • EXERCISES 
    • CTF, Real-life examples, Past vulnerabilities
  • DeFi 
    • Concepts, Stablecoin, DEX, AMM, Lending, Yearn, Staking, DAO
  • DeFi Vulnerabilities 
    • Flash Loans. Oracle Manipulation, Governance Attacks, Front-running. Rug Pulls, etc.
  • EXERCISES 
    • CTF, Real-life examples, Past vulnerabilities
  • Going deeper
    • Public reports, Checklists

Module 2: Advanced Testing & Fuzzing 
  • Attack surface discovery
    • Call graph, Auditing tools, Testing techniques
  • EVM execution & Emulation
    • Geth, revm, Qiling, etc.
  • Transaction analysis
    • Exploit analysis, EVM traces
  • Static Analysis Tools
    • Mythril, Slither
  • EXERCISES 
    • CTF, Real-life examples, Past vulnerabilities
  • Property-based Testing
  • Fuzzing
    • Echidna, Foundry
  • Code Coverage
  • Symbolic Execution
    • Manticore, hevm, etc.
  • Formal verification
    • Certora, KEVM, Halmos, Symbolic Bounded Model Checker, etc.
  • EXERCISES 
    • CTF, Real-life examples, Past vulnerabilities

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.
XLinked_inYoutubeWebsiteMail

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇

You're signing up to receive emails from FuzzingLabs Academy