Since joining CertiK as a Security Engineer, my articles(write-ups, vulnerability analysis, etc) are now posted on CertiK’s website and medium. I also regularly attend conferences and meetups, where I present talks and share insights from my research and expertise.
Talks
DEFCON 32 AppSec Village: Web2 Meets Web3 – Hacking Decentralized Applications
https://www.certik.com/resources/blog/web2-meets-web3-hacking-decentralized-applications
https://x.com/wisp_fly/status/1822126402994671809
================================================================
DEFCON 29 BlockChain Village: Evils in the DeFi world(Rugpulls and scams)
================================================================
Security workshop with Binance Smart Chain: Understanding Security Risks in DeFi
https://www.youtube.com/watch?v=ErvOqJZB5lU&t=172s
================================================================
Security risks in DeFi(Guest speaker for the Blockchain Cyberdefense Design Challenge at Columbia University)
https://docs.google.com/presentation/d/1x8iAy-Hind7wAiUkTWSe_FG9VpWPFOXAbiR2hIwNqzc/edit?usp=sharing
================================================================
DEFCON 28 BlockChain Village: Exploit Insecure Crypto Wallet
https://www.youtube.com/watch?v=oJaNiXVvE88
================================================================
Articles
Web2 Meets Web3: Hacking Decentralized Applications
https://www.certik.com/resources/blog/web2-meets-web3-hacking-decentralized-applications
================================================================
Exploring the BRC-20 Token Standard: An Introduction
================================================================
2022 Year in Review – Crypto Wallet Security Incidents
================================================================
Upgradeable Proxy Contract Security Best Practices
================================================================
Uranium Finance Exploit – Technical Analysis
https://www.shentu.technology/blog/uranium-finance-exploit-technical-analysis
================================================================
Crypto Wallet Security Assessment Checklist
https://certik-io.medium.com/crypto-wallet-security-assessment-checklist-a977e3e80b99
================================================================
Blockchain explorer Denial-of-Service (DoS) attacks
https://www.certik.com/resources/blog/is-your-blockchain-safe-from-denial-of-service-dos-attacks
================================================================
CVE-2020–5902 Analysis, F5 BIG-IP RCE vulnerability
https://medium.com/certik/cve-2020-5902-analysis-f5-big-ip-rce-vulnerability-3a3ae6278128
================================================================
Bug bounty write up: remote code execution in Electron desktop crypto wallet.
================================================================
Bancor smart contract vulnerability analysis
================================================================