FuzzingLabs Academy/Introduction to Ethereum Security

  • Free

Introduction to Ethereum Security

  • Course
  • 16 Lessons

Discover more about Ethereum security and fuzzing

Fuzzing Ethereum smart contract using echidna

In this video, I will show how to find vulnerability inside an Ethereum smart contract written in Solidity using echidna, one of the only Ethereum smart contract fuzzer.

Solidity audit & Ethereum Smart Contract analysis using Mythril

Following the last video, I will show how to audit and find vulnerability inside an Ethereum smart contract written in Solidity using Mythril, one of the best EVM smart contract analysis tools.

Ethereum/EVM Smart Contract Reverse Engineering & Disassembly

Today I'm showing how EVM disassembly works and how to reconstruct the control flow graph (CFG) of an Ethereum smart contract when you only have access to the bytecode (closed-source). It's really useful when you're looking to analyze in-depth a contract at the EVM assembly level. 

Ethereum Smart Contract Analysis & Solidity Audit using Slither

In this video, I will show how to audit and find vulnerability inside an Ethereum smart contract written in Solidity using Slither, one of the best EVM smart contract analysis tools.

State of the Art of Ethereum Smart Contract Fuzzing in 2022

Fuzzing is known as one of the most efficient techniques to find bugs in software. Sadly, when dealing with Ethereum smart contracts, the number of fuzzers and documentation available is really limited. During this talk, we will explain why fuzz testing EVM smart contracts can be challenging, why it's important and which EVM fuzzers are the best.

Ziion: Discovery of this New Kali Linux for Blockchain Security

Today, I'm presenting Ziion, a "Kali Linux" like VM for blockchain security engineers made by @halborn. It's a dedicated virtual machine that contains a bunch of security tools like static analyzer, fuzzer, analyzer, etc. for various blockchain protocols and smart contract languages.

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge

 In this video, I will show how to run and customize Foundry/Forge to fuzz an Ethereum smart contract in Solidity. I will also mention what, in my opinion, is missing regarding Foundry fuzzing compare to Echidna.

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

How to become an Ethereum/Solidity smart contract auditor? Where to start? How to improve your smart contract auditing process? Which tool to use? The paper analyzed in this video: "Demystifying Exploitable Bugs in Smart Contracts" is a compilation of all the findings of code4rena Ethereum contest audits.

What's included?

Fuzzing Ethereum smart contract using echidna

Video: Complete step-by-step tutorial
Preview
Cheatsheet_fuzzing_ethereum_SC_echidna.md
fuzzing_ethereum_smart_contract.zip

Solidity audit & Ethereum Smart Contract analysis using Mythril

Video: Complete step-by-step tutorial
Preview
Cheatsheet_audit_ethereum_SC_mythril.md
etherstore.sol

Ethereum/EVM Smart Contract Reverse Engineering & Disassembly

Video: Complete step-by-step tutorial
Preview
reversing_ethereum_smart_contract_final.pdf

Ethereum Smart Contract Analysis & Solidity Audit using Slither

Video: Complete step-by-step tutorial
Preview
audit_solidity_slither.zip

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5]

Video
Preview
EthCC5_Fuzzinglabs_State_of_the_Art_of_Ethereum_Smart_Contract_Fuzzing_in_2022.pdf

Ziion: Discovery of this New Kali Linux for Blockchain Security

Video
Preview

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge

Video: Complete step-by-step tutorial
Preview
Cheatsheet_fuzzing_ethereum_foundry_fuzz.md

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

Video
Preview

Meet Your Instructor

Hey! 👋 My name is Patrick and I'm the founder of FuzzingLabs, a research-oriented security company specializing in fuzzing, vulnerability research, and reverse engineering.

Over time, we found hundreds of bugs and presented our work at various security conferences around the globe, including BlackHat USA, OffensiveCon, REcon, Devcon, EthCC, RingZer0, ToorCon, hack.lu, NorthSec, Microsoft DCC, etc.

You can read more about me by clicking here.

FREE Resources & Trainings

Enter your email to receive special deals and a bundle of awesome resources. 100% free - 100% awesome. 👇

You're signing up to receive emails from FuzzingLabs Academy