Jeff Security
@jeffsecurity
Followers
8K
Following
12K
Media
93
Statuses
2K
Independent Smart Contract Researcher & Researcher at @ShieldifySec My mission is to find vulnerabilities in smart contracts for a safer Web3 Space!
Audit portfolio here:
Joined May 2021
My May/July/June 2023 update from private audits:. - $48900 earned .- 10 high, 14 Medium, 26 Low, 50+ Info severity vulnerabilities found.- 7 solo smart contract security audits done for clients.
56
17
459
Account plugin for the Ape Framework, designed for the Safe multisig wallet: 👇 .
github.com
Safe (Wallet) account plugin for the Ape Framework - ApeWorX/ape-safe
1
0
5
RT @ShieldifySec: ERC Standards & Edge Cases ( Resources) - repost & bookmark sir🫡. ♦️Weird ERC20 Implementations.🔗.
github.com
A security checklist for novel ERC4626 safety. Contribute to Solthodox/erc4626-checklist development by creating an account on GitHub.
0
22
0
Despite advancements in smart contract security, reentrancy attacks are still a significant threat in Web3. Great resource on reentrancy by @pcaversaccio!!! .
github.com
A chronological and (hopefully) complete list of reentrancy attacks to date. - pcaversaccio/reentrancy-attacks
0
1
6
RT @WatcherGuru: JUST IN: 🇺🇸 Fed Chair Jerome Powell suggests current conditions 'may warrant' interest rate cuts.
0
4K
0
Don't get rekt by address poisoning. Scammers dust your wallet history with a fake address, hoping you get sloppy. 😵. Always check the full address before you send it!!!. Read more:
zeroshadow.io
In the ever-evolving world of cryptocurrencies, new threats and vulnerabilities emerge as the technology matures. One such threat that has gained attention in recent years is address poisoning. This...
1
0
6
The BRC20 Pinning Attack is a devastating exploit that can lock up BRC20 tokens and disrupt marketplaces on the Bitcoin network. A must-read paper for anyone defending Web3:
arxiv.org
BRC20 tokens are a type of non-fungible asset on the Bitcoin network. They allow users to embed customised content within Bitcoin's satoshis. The token frenzy reached a market size of US\$2.811\,b...
0
2
12
TIL:. Github actually has a tools that can scan repositories for potential secret leaks 👀👀👀.
docs.github.com
Let GitHub do the hard work of ensuring that tokens, private keys, and other code secrets are not exposed in your repository.
0
1
8
RT @hosseeb: On social media, anger looks powerful. It will get you views and follows. But in real life, anger burns out fast. It won't g….
0
7
0
Another tool for your arsenal! 🛠️. DevSecOps toolkit from @theredguild is a curated set of DevSecOps tools that all work together seamlessly in a minimal containerized environment. Check it out:
github.com
Curation of DevSecOps tools that all work together inside the minimum amount of containers. Just run make exec and read the How To! - theredguild/DevSecOps-toolkit
0
0
16
RT @ShieldifyMartin: Ultimate Vulnerability Checklist 🚀. All patterns are separated for different protocol types.
github.com
Primers for Specialist AI Smart Contract Auditors. Contribute to devdacian/ai-auditor-primers development by creating an account on GitHub.
0
13
0
Some classic ETH attacks carry over to SOL!!! . That and more discussed in this Solend Auditing Workshop ☀️🦀.
0
0
11
RT @ShieldifyMartin: Huff Puzzle Challenges 🚀. A progressive puzzle series that takes you from beginner to pro in Huff and EVM bytecode thr….
github.com
These exercises were created for our Advanced Solidity Bootcamp and open sourced. Learn EVM bytecode with the Huff Language. - RareSkills/huff-puzzles
0
5
0
RT @jeffsecurity: Sol-azy is a static analysis tool for the sol eco, allowing you to:. - reverse ⏪.- analyze 🧐. - poke at Solana programs 👈….
github.com
Sol-azy is a modular CLI toolchain for static analysis and reverse engineering of Solana sBPF programs - FuzzingLabs/sol-azy
0
8
0
RT @jeffsecurity: Schrödinger’s Transaction: 🐈⬛🧪. Until the block confirms, the exploit simultaneously exists in a superposition of “rekt”….
0
1
0
Schrödinger’s Transaction: 🐈⬛🧪. Until the block confirms, the exploit simultaneously exists in a superposition of “rekt” and “all good.”.
0
1
10
RT @ShieldifySec: Audit checklists🗒️. - Across.- Arbitrum.- Chainlink-CCIP.- LayerZeroV2.- Wormhole.
0
6
0
Sol-azy is a static analysis tool for the sol eco, allowing you to:. - reverse ⏪.- analyze 🧐. - poke at Solana programs 👈.
github.com
Sol-azy is a modular CLI toolchain for static analysis and reverse engineering of Solana sBPF programs - FuzzingLabs/sol-azy
1
8
58
