Big Ups to @PashovAuditGrp for organizing this amazing program. I definitely learnt a lot.
Highlights: the audits I participated in and the people I got to work with.
Amazing amazing experience
You're going to waste the summer.
Not because you're lazy.
Because summer makes losing momentum feel harmless. And by the time September shows up, "I'll lock in soon" has already cost you 3 months of your life.
This summer, use it.
Today, we're launching SR Summer
A challenge for security researchers who want to spend this summer turning their skills into actual money.
The goal is not just to tell you to "hunt harder." It's to help you get better at the parts of security research that actually affect your results.
Which programs should you spend time on?
How do you choose targets with a higher chance of meaningful findings?
How do you structure your research process?
How can AI help you move faster?
How do you write reports that are easier to review, and more likely to communicate impact clearly?
That is what SR Summer is about.
The full breakdown is below.
Don't read it in September.
@infosec_us_team amazing stuff @infosec_us_team.
I tried using the tool, but I keep getting hit with "POST /generate HTTP/1.1" 500 error.
Following the process as highlighted in the README.
The Pareto Principle hits hard in Web3 auditing:
- 80% of findings are found with 20% of the effort.
- The final 20% of findings demand 80% of the effort.
- Yet, those few, deep bugs can make up 100% of the critical prize pot.
Don't settle for the low-hanging fruit. Dig deeper.
Auditing methods I've tested:
- Top to bottom (and reverse)
- Small contracts first (and reverse)
- User flows
- Internal first
- Fast read everything and go deep
- Go deep and slow
- Start where you like (for the crazy ones)
And from all of these tests I've come to the conclusion that it doesn't really matter.
Whatever you pick it will have little to no effect on your auditing as long as you do the basics.
The only exception is user flows, which are a must to do at least once on an audit xD
Here is a very simple alpha that could 10x the earnings of any person struggling in Web3 Security Competitions:
Before even auditing the code, understand the code so deeply such that you are able to implement it from scratch if needed.
Resist any urge to analyze any part of the code even if you sense any potentially vulnerable code and reserve the analysis for the post understanding phase.
On the evening of November 20th, RareSkills will launch...
Ultimate Security Games
Live in Argentina.
Smart contract hacking + esports = Ultimate Security Games
The hackers will share their screens live, so you'll see their thought process and strategy as they break the contracts. If the terminal looks a little scary, no worries, @Jeyffre will explain what is happening in understandable terms.
The contracts will be hosted on @monad (which-net? can't say yet!).
We'd also like to thank @sigp_io and @immunefi for making the event possible.
Over the next few days we'll share more details about the rules, teams and more. Watch this space...
Sign up in the Luma next!
I just took a leap now and submitted an application to @cantinaxyz for their Fellowship Program (Apprentice). Hopefully, I am considered.
Fingers crossed
To this day, just by pure hard work and persistence, you can make it in web3 & crypto, especially in web3 security.
If you are reading this, this is your chance to focus, get back on track, and do the work you know you MUST do.
One of the privileges of working as a security researcher is that you don't have to do interviews before you get to work with protocols. Your skills and results speak for themselves.
Once you start finding bugs, you need to put in even more effort.
Don't be satisfied with small wins.
The snowball effect is a real thing in auditing and if you stop or slow down, you are literally taking steps back.
I made this mistake in the beginning and regretted it deeply.