{"id":408,"date":"2026-01-01T17:36:00","date_gmt":"2026-01-01T17:36:00","guid":{"rendered":"http:\/\/www.wispwisp.com\/?p=408"},"modified":"2026-03-17T18:14:10","modified_gmt":"2026-03-17T18:14:10","slug":"links-to-my-recent-articles","status":"publish","type":"post","link":"https:\/\/www.wispwisp.com\/index.php\/2026\/01\/01\/links-to-my-recent-articles\/","title":{"rendered":"Links To My Recent Articles and Talk"},"content":{"rendered":"\n

Since joining CertiK<\/a> as a Security Engineer, my articles(write-ups, vulnerability analysis, etc) are now posted on CertiK’s website<\/a> and medium<\/a>. I also regularly attend conferences and meetups, where I present talks and share insights from my research and expertise.<\/p>\n\n\n\n

Talks<\/strong><\/h1>\n\n\n\n

Guest lectures on Web3 security for COMS 6998: Engineering Blockchain and Web3 Apps at Columbia University (Fall 2024 and Fall 2025)<\/strong><\/h3>\n\n\n\n

https:\/\/verigu.github.io\/6998Fall2024\/<\/a><\/p>\n\n\n\n

https:\/\/verigu.github.io\/6998Fall2025\/<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

DEFCON 32 AppSec Village: Web2 Meets Web3 – Hacking Decentralized Applications<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/web2-meets-web3-hacking-decentralized-applications<\/a><\/p>\n\n\n\n

https:\/\/x.com\/wisp_fly\/status\/1822126402994671809<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

DEFCON 29 BlockChain Village:<\/strong> Evils in the DeFi world(Rugpulls and scams)<\/strong><\/h3>\n\n\n\n

https:\/\/docs.google.com\/presentation\/d\/1jg_OyIiqinmD1Sdd7Mja5RHtdKn_i1dGfSuv9uik2S4\/edit#slide=id.ge53a73c461_0_1094<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Security workshop with Binance Smart Chain: Understanding Security Risks in DeFi<\/strong><\/h3>\n\n\n\n

https:\/\/www.youtube.com\/watch?v=ErvOqJZB5lU&t=172s<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Security risks in DeFi(Guest speaker for the Blockchain Cyberdefense Design Challenge<\/a> at Columbia University)<\/strong><\/h3>\n\n\n\n

https:\/\/docs.google.com\/presentation\/d\/1x8iAy-Hind7wAiUkTWSe_FG9VpWPFOXAbiR2hIwNqzc\/edit?usp=sharing<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

DEFCON 28 BlockChain Village: Exploit Insecure Crypto Wallet<\/strong><\/h3>\n\n\n\n

https:\/\/www.youtube.com\/watch?v=oJaNiXVvE88<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Articles<\/strong><\/h1>\n\n\n\n

Web2 Meets Web3: Hacking Decentralized Applications<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/web2-meets-web3-hacking-decentralized-applications<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Exploring the BRC-20 Token Standard: An Introduction<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/39SZlEG2530iKwhA8Bcnfj-exploring-the-brc-20-token-standard-an-introduction<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

2022 Year in Review – Crypto Wallet Security Incidents<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/01iz10lvnaAIcuNZ2zNJqA-2022-year-in-review-crypto-wallet-security-incidents<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

<\/p>\n\n\n\n

Upgradeable Proxy Contract Security Best Practices<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/FnfYrOCsy3MG9s9gixfbJ-upgradeable-proxy-contract-security-best-practices<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Uranium Finance Exploit – Technical Analysis<\/strong><\/h3>\n\n\n\n

https:\/\/www.shentu.technology\/blog\/uranium-finance-exploit-technical-analysis<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Crypto Wallet Security Assessment Checklist<\/strong><\/h3>\n\n\n\n

https:\/\/certik-io.medium.com\/crypto-wallet-security-assessment-checklist-a977e3e80b99<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Blockchain explorer Denial-of-Service (DoS) attacks<\/strong><\/h3>\n\n\n\n

https:\/\/www.certik.com\/resources\/blog\/is-your-blockchain-safe-from-denial-of-service-dos-attacks<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

CVE-2020\u20135902 Analysis, F5 BIG-IP RCE vulnerability<\/strong><\/h3>\n\n\n\n

https:\/\/medium.com\/certik\/cve-2020-5902-analysis-f5-big-ip-rce-vulnerability-3a3ae6278128<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Bug bounty write up: remote code execution in Electron desktop crypto wallet.<\/strong><\/h3>\n\n\n\n

https:\/\/medium.com\/certik\/vulnerability-in-electron-based-application-unintentionally-giving-malicious-code-room-to-run-e2e1447d01b8<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Bancor smart contract vulnerability analysis<\/strong><\/h3>\n\n\n\n

https:\/\/medium.com\/certik\/bancor-bug-analysis-a-thousand-ways-to-die-smart-contract-function-call-error-d6303c09a7cc<\/a><\/p>\n\n\n\n

================================================================<\/p>\n\n\n\n

Exploit SSRF in Cors-Anywhere <\/strong><\/h3>\n\n\n\n

https:\/\/medium.com\/certik\/cors-anywhere-the-dangers-of-misconfigured-third-party-software-df232aae144c<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Since joining CertiK as a Security Engineer, my articles(write-ups, vulnerability analysis, etc) are now posted on CertiK’s website and medium. I also regularly attend conferences and meetups, where I present talks and share insights from my research and expertise. Talks Guest lectures on Web3 security for COMS 6998: Engineering Blockchain and Web3 Apps at Columbia […]<\/p>\n","protected":false},"author":1,"featured_media":685,"comment_status":"closed","ping_status":"open","sticky":true,"template":"","format":"standard","meta":[],"categories":[3],"tags":[],"_links":{"self":[{"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/posts\/408"}],"collection":[{"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/comments?post=408"}],"version-history":[{"count":36,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/posts\/408\/revisions"}],"predecessor-version":[{"id":1254,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/posts\/408\/revisions\/1254"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/media\/685"}],"wp:attachment":[{"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/media?parent=408"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/categories?post=408"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wispwisp.com\/index.php\/wp-json\/wp\/v2\/tags?post=408"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}