11251
• Articles: @officercia • Blog: officercia.mirror.xyz • X: x.com/officer_cia • Chat: t.me/+C6RfnbB33AYzNGIy
🧢 Want Glider Eth Mainnet access? Here's a little shortcut for you 👆
The GLD-1 Contest starts tomorrow and will be held on our Discord - join now to participate.
Take a peek at our glider-resources channel to brush up on your Glide writing skills 👀
Also mint my articles via Mirror!
• https://officercia.mirror.xyz
#offtopic
We interviewed @tpiliposian as part of our interview series "Interviews with your favorite whitehats" 🧢
Again, we asked him 6 questions ranging from how spends his typical day as a security researcher to who would be on his dream team 👀
Head over to our Discord to read the full interview and ask some follow up questions 🫡
A couple simple tips won't hurt your OpSec, please save this post!
Please support my work on OpSec & privacy. I am not a whale at all (feel free to cross-verify) and need your support.
The best thing is to support me directly by donating to any address from the list below:0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A
or officercia.eth — Ethereum & L2s;17Ydx9m7vrhnx4XjZPuGPMqrhw3sDviNTU or bc1q75zgp5jurtm96nltt9c9kzjnrt33uylr8uvdds or bc1p378ghr5k40tm2tw40m4lu4a680m8cfpqd7m6utx5d6p28e5xvnpsqs9f86 - Bitcoin;0zk1qydq9pg9m5x9qpa7ecp3gjauczjcg52t9z0zk7hsegq8yzq5f35q3rv7j6fe3z53l7za0lc7yx9nr08pj83q0gjv4kkpkfzsdwx4gunl0pmr3q8dj82eudk5d5v - Railgun;TYWJoRenGB9JFD2QsdPSdrJtaT6CDoFQBN - TRX;
My XMR address (in case someone wanted to tip me): 4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds
You can also support me by minting one of my Mirror articles NFTs or just DM me in Telegram for address! Thank you very much! ❤️
#offtopic
Date: 2024-09-19
Bug bounty program was added to Remedy:
Tokemak
Btw mentioned it here.
Link: https://officercia.mirror.xyz/pJSR4RwyOV_elzP8ymn3Ckn-Mat9s5sKE5Mqdmol06Y
#opsec #security
Re: explosive phones/batteries.
• https://x.com/officer_cia/status/1836426655482405081?s
#opsec #security
If you're heading to Singapore for TOKEN2049, join Hexens' CTO, @kemmio, on 17th of September for a panel discussion at Multichain Day, where we'll be talking all things Web3 tooling!
Читать полностью…
Dear subscribers, due to health issues I have to cancel today's audio room. Please forgive me and stay tuned for updates.
I’ll post content for it under this thread ⬇️
• x.com/officer_cia/status/1834658599614005531
#opsec #security
Join us in 5 minutes for Twitter spaces on Cross Chain Communication with Hexens, Sei, Tokemak, Union and Fuel.
Читать полностью…
Set your reminders!
• https://twitter.com/i/spaces/1RDxlyplOzqKL
#lecture #opsec
Key takeaways:
1. This type of virus is called RAT (Remote Access Trojan).
2. The infection occurs through the installation of a fake application. To do this, you need to at least click on the fake link and download the application.
3. There is no indication that Apple devices are vulnerable to this attack other than a screenshot provided by the company.
4. All known victims were using Android.
5. It's basically just a RAT with increased functionality. Nothing new there.
Source: x.com/the_smart_ape/status/1833437549643370795
I'll look forward to more info! It's strange that the article mentions Group-IB, although they have long been renamed to F.A.C.C.T..
Anyway, turn on lockdown on your iPhone, don't download random stuff and keep your phrase as intended - on a piece of paper!
My answer: x.com/officer_cia/status/1833592697137074582
Stay safe!
#opsec #security #android
Announcing the lecture series!
• https://x.com/officer_cia/status/1833364140691247523
Schedule to be posted ASAP*
#offtopic
Join us this Thursday (September 12th) for an insightful X spaces with Tokemak, Fuel and Union to learn more about cross-chain communication.
Set Your Reminders!
Interesting 🌚
officercia.mirror.xyz/1XgiSTo2QKTi2bow7B6IF3nTB9K-_k4eBBl79sqmZFs
🧢 Want to learn Glider? Check out this tutorial on 'functions'.
We'll be sharing more soon - join our Discord to know when new tutorials go up!
🚨 Did you catch the latest news about R.xyz?
We have a redesigned Remedy! Bringing you a community of Web3 security researchers.
We've brought exceptional technologies to you for free and🔥
Here's everything you need to know:
🚀 Glider - Scan the entire blockchain for bugs in less than 30 seconds.
This is first of its kind security solution used by the biggest enterprises, brought to the researchers' community for free.
🧢 Bug bounties - with the highest-quality triage in the market.
This is the most unique platform powered by Zero Knowledge Proof of Duplicates, which adds an additional layer of protection for researchers.
💊 Engram - Coming very soon... 👀
Check this thread for more info and join our Discord Community to be the first to know about the latest updates 🙌 We'll be sharing more soon 🫡
I'm currently writing a book (and also preparing several works) about my life and the presence of security in it. I would be glad to have your help. Thank you. 🙏
#offtopic
🧢 New Bug Bounty Alert 🧢
@TokemakXYZ's Autopilot, a decentralized liquidity management protocol that optimizes liquidity provision across DEXs, enabling more efficient capital deployment, has launched its bug bounty program on R.xyz!
Explore the new opportunity and claim a reward up to $250,000 🚀👉 Join our Discord to stay updated on new bug bounties!
Happy Hunting🪲
Try our glider tool! It’s worth it, I promise 👀
• https://x.com/_Parsely_/status/1836395286937190822?s
#audit #security
Is it possible to remotely make the battery light up? Yes.
Will it cause an explosion? No.
An explosion is caused by the fact that the device contains an explosive substance that can be detonated by heating the battery. Which in turn usually only results in a fire.
Read more: https://officercia.mirror.xyz/GX0LvoKDcC12ACXzhT3F_3PVRSfEyhE8cJYMZnoia9U
#security #opsec
Glider - Scan the entire blockchain for bugs in less than 30 seconds.
This is first of its kind security solution used by the biggest enterprises, brought to the researchers' community for free!
• x.com/xyz_remedy/status/1835705209269432489
#audit #security
Use this list of fantastic telegram channels I've put together in order to discover them as your own personal Web3-Google!
Feel free to use this folder to onboard your non-web3 friends to Web3, as the majority of the channels are maintained by independent researchers. There are also additional channels for news, CT reviews, and more!
A small tip to subscribooors: if you find a channel interesting, move it out of the folder into your main list of chats. That way you’ll view content you’re interested in more often, and channels get more views instead of just subscribers!
My own room starts in 7 hours!
See you there fam!
Currently someone is withdrawing tokens and swapping for ETH.
Multiple addresses drained, but not all tokens drained. Looks strange. Anyone knows what is happening?
16 million $ gone so far!
Thread: https://x.com/officer_cia/status/1833626322226319624?s=46
#security #alert
🚨 Ready to Hunt Bugs on Ethereum Mainnet? 🚨
Join us TODAY at 4:30 PM CET for an exclusive R.xyz Livestream!
Watch our expert team in action as they showcase mastering Glider. We’ll show you how to craft powerful Glides and catch vulnerabilities live on Ethereum Mainnet.
Don’t miss this chance to level up your skills and witness real-time exploits in Web3. Join our Discord for event details!
iPhone Crypto Safety Checklist ⬇️
• https://x.com/officer_cia/status/1833597754914050538?12
#opsec #security #ios
https://docs.google.com/spreadsheets/d/1-UlA4-tslROBDS9IqHalWVztqZo7uxlCeKPQ-8uoFOU/edit#gid=0
Читать полностью…
Some of the useful tools from my list:
-Fork checker
https://forkchecker.hashex.org/
-Diff between chains
https://www.evmdiff.com
Github:
-Search across a half million git repos
https://grep.app/
https://sourcegraph.com
CLI:
https://book.getfoundry.sh/reference/cast/cast
ABI:
https://openchain.xyz/tools/abi
https://emn178.github.io/online-tools/keccak_256.html
https://www.4byte.directory/
Code viewers:
deth.net
https://bytegraph.xyz/
github1s.com (github.com->github1s.com) allows to read GitHub repos in a better view
More:
https://telegra.ph/Rare-Tools-For-Audits-03-25
https://mirror.xyz/leosagan.eth/eF4m7u3DlWhqvUqz6DiZ_YevcWViCWPxO-JYfsJiulM
Читать полностью…