Let’s make web3 industry more secure!
Community Whitehat (145)
English version (400 Incidents)
Solidity smart contract security and auditing techniques
Move programming language secure development
[Tools] Identify a DeFi scam token
[Tools] Mev watcher & Real time threat alert
[Tools] Intro transaction debugging tools
[Course] Web3 security awareness course for users
1.Nine Common Web3 Hacks and Scams
3.[Quiz] User security awareness testing
4.Event spoofing - fake records on etherscan!
[Course] Web3 security course for devs
3.Unchecked return value 4.Data location - storage vs memory
5.Unchecked external call - call injection [REF]
6.Deflationary/fee-on-transfer tokens
7.Phantom function - Permit Function
10.Price manipulation - balanceOf
12.Oracle data feed is insufficiently validated
13.Precision Loss - Rounded down to zero
14.Slippage - Incorrect deadline & slippage amount
15.abi.encodePacked() Hash Collisions
20.Incorrect use of payable.transfer() or send()
21.Unauthorized NFT Transfer in custom ERC721 implementation
22.Missing check for Self-Transfer allows funds to be lost
23.Incorrect implementation of the recoverERC20()
24.Missing flash loan initiator check
27.Web3 DevSecOps is very important!
[中文] 大家來找碴