stan
@stanzz
48 posts
Security researcher, pwning in HypeBoy, KAIST GoN
Joined November 2016
398 Following, 407 Followers

stan retweeted

Code4rena will run audit contests for free, as public goods.
100% of funds from sponsors will go directly to auditors and judges. We won't take any cut.
Why?
1. Competitions are commodities.
They're CRUD apps. Why should builders pay premium for a website just to submit bugs? Especially smaller teams without VC funding.
2. Everyone deserves competitions.
We tell all our clients to get a competition after their audit. That's because competitions simulate real world conditions, where there's thousands of eyes on a protocol. We want to make competitions as affordable as possible so everyone can get one.
3. It benefits our wardens.
In 2021, we invented the competition format. We're still the platform with the largest auditor pool (10,000+ registered). Not only should builders have access to the best security talent, we believe auditors should have opportunities to work with great projects. Opening up our platform benefits our wardens.
How will you afford this?
Zellic is a profitable business. We make money doing traditional private audits through Zellic and Zenith. This benefits us because: (1) our clients are more secure after they run contests, and (2) Code4rena is a talent pipeline for Zenith.
Will you stop maintaining the platform?
Of course not. Since we acquired Code4rena, we've shipped several features and have several more already underway. C4 has a dedicated dev team that we're fully committed to.
Besides, many of our clients at Zellic use C4. We're incentivized to make sure the platform works well. It's just that now we're allowing everyone to benefit from our investments in Code4rena.
In conclusion:
Run a contest on Code4rena! We won't take a cut, your prizes will go directly to wardens and judges.
For full details, check out our blog post here: zellic.io/blog/code4rena…

stan retweeted

Zellic is proud to serve as a whitelisted security provider joining the @UniswapFND Security Fund!
We're excited to provide support for the teams building on Uniswap v4 to help them launch secure, innovative projects.
Uniswap Foundation@UniswapFND
🎊 We're thrilled to announce the 16 security providers joining the Uniswap Foundation Security Fund! These leading firms join @areta_io's marketplace to provide high-quality audits for Uniswap builders, with costs subsidized by the UFSF. Learn more ↓ uniswapfoundation.mirror.xyz/v6aMiVHOHERaXy…
stan retweeted

Just completed my 10th audit as a contractor @zellic_io and these are my top favourite things about this place:
1. They have a diverse and deep talent pool. World top Web security, Cosmos, Rust, Golang, MOVE. They have experts in every direction I want to move into (pun definitely unintended).
2. I still get to be independent, get my own clients, work with other teams. This keeps me fresh, accountable, and at the top of my game.
3. Every time I have asked for a specific type of contract, it magically shows up in my schedule. These past 4 months I've done countless bridges (EVM, OP, Cosmos), Client implementations in rust, governance, staking, etc.
Keen to see what they throw at me next!
stan retweeted

@_lauritz_ there's another interesting trick here 😇
```html
<script>
let a = '<!--<script>';
alert(a); // not work
</script>
<script>
alert(2); // not work
</script>
```
this behavior is also valid for backtick and double quote.

TIL: HTML comments work as single-line-comments in JavaScript context 🤯
```html
<script>
<!-- test --> alert(1);
alert(2);
</script>
```
Only alert(2) is executed.
#HTML #LegacyStuff #XSS

stan retweeted

We HypeBoy topped Plaid CTF 2024! 👑
@_Reinose_en @justlikebono @munsiwoo @real_as3617 @mhibio_ptw @howdays1 @stanzz @soo_sudo @n1net4il @1nteger_c @c2w2m2 @pr0cf51 @cmy981224 @csapp3e ironore15 G0RiYa
Thanks to the great support from dakuo & hellsonic

stan retweeted

Boom! Seunghyun Lee (@0x10n) of KAIST Hacking Lab was able to successfully demonstrate his exploit of #Google Chrome. He's off to the disclosure call to provide us all the details before we bring in the Google team for disclosure. #Pwn2Own #P2OVancouver
stan retweeted

@lolzareverser @ShuntIsReal @rajxnull @offsectraining @jinmo123 @c2w2m2 @c2w2m2 zzzzzzzzzzzzzzzzzzzzzz