/awesome_posterm

Rep for awesome vulnerability posterm

Awesome vulnerability posterms && audit && mev resources

vulnerability posterms

polygon zkevm dos

https://twitter.com/0xiczc/status/1662090504660725760

Aztec zkevm double-spend

https://twitter.com/aztecnetwork/status/1453773879898378241

kyber swap liquidity drain

https://100proof.org/kyberswap-post-mortem.html

notional ntoken redemption bug

https://blog.notional.finance/ntoken-redemption-bug-post-mortem/

yearn pricePerShare manipulation

https://github.com/yearn/yearn-security/blob/master/disclosures/2021-10-27.md

Immunefi-bug-bounty-writeups-list

https://github.com/sayan011/Immunefi-bug-bounty-writeups-list

2022 top 10 hacking techniques

https://blog.openzeppelin.com/final-results-blockchain-hacking-techniques-of-2022-top-10?utm_campaign=2022_Top10_Hacking

awesome blogs

https://www.trust-security.xyz/

https://medium.com/@nnez

https://hacxyk.com/

https://cmichel.io/

https://twitter.com/AshiqAmien

http://www.rileyholterhus.com/

https://defihacklabs.substack.com/

https://ashiq.co.za/tabs/research/

https://iosiro.com/blog

https://cmichel.io/

https://www.coinspect.com/

https://mixbytes.io/blog/overview-of-the-inflation-attack (ERC4626 inflation attack)

https://zachobront.com/

https://www.rareskills.io/post/solidity-gasleft

https://medium.com/@0kage

https://stermi.xyz/

https://www.halborn.com/reports/top-hacks/halborn_top_50_defi_hacks_2016_2022.pdf

https://mirror.xyz/0x333247F2e126954ed6428e9135Ae9dE06A76BA32

https://github.com/OpenCoreCH/smart-contract-auditing-heuristics?utm_source=substack&utm_medium=email

vulnerable contract replay

https://github.com/coinspect/learn-evm-attacks

https://github.com/SunWeb3Sec/DeFiHackLabs

audit

code4rena audit books

https://github.com/aviggiano/theauditorbook

https://code4rena.com/contests

https://github.com/orgs/code-423n4/repositories?q=&type=all&language=&sort=

https://github.com/orgs/sherlock-audit/repositories?type=all

https://github.com/zobront/audits/blob/main/reports/sablier-1.pdf

lending && borrowing attacker vector

https://dacian.me/lending-borrowing-defi-attacks

Defi slippage attacks

https://dacian.me/defi-slippage-attacks

Solo audit report

https://github.com/pashov/audits

https://github.com/0xNazgul/Blockchain-Security-Audit-List

mev

https://twitter.com/EigenPhi/status/1662488947346538497

EIP standard issues

ERC20

https://github.com/d-xo/weird-erc20#no-revert-on-failure

ERC4337

https://medium.com/oak-security/a-deep-dive-into-the-main-components-of-erc-4337-account-abstraction-using-alt-mempool-part-1-3a1ed1bd3a9b

multichain diff

https://github.com/0xJuancito/multichain-auditor#modified-opcodes

fuzz test

https://twitter.com/zachobront/status/1679542288458866692

Automation code static analysis tool

https://github.com/Picodes/4naly3er

zkp

https://twitter.com/SpearbitDAO/status/1699800472448835776

https://www.youtube.com/playlist?list=PLS01nW3Rtgor_yJmQsGBZAg5XM4TSGpPs

Blockchain & DLT

https://hackenproof.com/blog/for-hackers/near-rewards-1-8-million-to-ethical-hackers-at-hackenproof