Hector Cuesta
@HectorCuesta
"As our circle of knowledge expands, so does the circumference of darkness surrounding it" Security at @MoonPay. Formerly at @Sensepost.
Hacking GTA V RP Servers Using Web Exploitation Techniques by @blastbots nullpt.rs/hacking-gta-se…
Gameboy cold wallet demo: seed phrase is generated by talking to an NPC using a hash of your previous 500 button presses as you walk around and do quests.
I wrote something on the @ExodusIntel blog 🙂 blog.exodusintel.com/2023/05/16/goo…
We are now sharing the technical write-up of the vulnerability in @bnbchain that @_fel1x (a security researcher at @jump_) discovered and responsibly disclosed earlier this week: jumpcrypto.com/helping-secure…
Did you read all of the post-mortems of 2022? Well, I did it for you and tried to boil it down into a single article. Made for web3 auditors and bug hunters. No SEO/marketing bs, just one giant blogpost for you to review at your own pace. Merry Christmas! ventral.digital/posts/2022/12/…
Thread: How thousands of Slope wallets were hacked and how other wallets can avoid this 👇
In one of our recent engagements with a customer, we were asked to audit some code which depended on BokkyPooBah's DateTime library. The contract calculates the day of the month from block.timestamp, and it does this to ensure an operation happens only up to once a month.
A story about bad compilers, the sad state of ETH contracts RE tooling, and a potential vuln on @optimismPBC To be clear, they were never vulnerable. In short, anyone can submit L2 transactions from eth mainnet by calling enqueue() on the CanonicalTransactionChain contract. 1/?
Want to learn how to hack smart contracts? We're excited to release our introduction to Solana (from an auditor's perspective)! osec.io/blog/tutorials…
Are you a CodeQL/Joern user? I wrote a quick blog post where I compare the usability of these two tools and show some use cases. Check it out! elmanto.github.io/posts/sast_der…
Last week, I discovered (and reported) a critical bug (which has been fully patched) in @optimismPBC (a "layer 2 scaling solution" for Ethereum) that would have allowed an attacker to print an arbitrary quantity of tokens, for which I won a $2,000,042 bounty. saurik.com/optimism.html
How did the @wormholecrypto exploit work? I joined forces with @gf_256 and @ret2jazzy to reverse engineer the exploit, and now that it's been patched we can finally share it with you👇
I've been playing around with Cairo, and came across a nice new foot-gun/bug class. tl;dr Stay safe and use memory-safe functions such as update_dict()
Boom! We're thrilled to announce our $555M Series A, valuing us at $3.4B! 🦄💥 A 🧵 on the raise…
Curious about exploiting #Microsoft #ActiveDirectory? @slazar0 & @xpirabit will teach you how to obtain a foothold, perform recon, escalate privs, achieve #Windows auth, target #Kerberos, and more! Register for this class at #CATCH2022 ⚡ ringzer0.training/active-directo…
What would you do if you found an 0day in @etherscan? I decided to build a pinball machine. paradigm.xyz/2021/11/hiding…
Do you like mobile security and cryptos? My team at @MoonPayHQ is looking for Product Security Engineers with experience securing mobile applications to join us helping developers deliver secure products at scale! More info at boards.greenhouse.io/moonpay/jobs/4… RTs are welcome 🙏🏻
Wrote some words on my recent experience with burnout. I was burnt out. Everyone else is too. We're about to have a moment. mayakaczorowski.com/blogs/burnout
I published an article about remote code execution in cdnjs that could allow tampering of 12.7% of all websites on the internet. blog.ryotak.me/post/cdnjs-rem…