0xFelconsec

209 posts

0xFelconsec banner
0xFelconsec

0xFelconsec

@FelconSecs

Smart Contract & Web3 Auditor | Safeguard your blockchain projects with expert, bulletproof audits.

Mars 加入时间 Kasım 2024
714 关注49 粉丝
置顶推文
0xFelconsec
0xFelconsec@FelconSecs·
WHO can call this? → WHAT if this is zero? → CAN this be recursive? → WHERE does this price come from? → CAN I do this in one tx? → WHAT if order is reversed? → IS this fresh or stale? → CAN I grief this?
0xFelconsec tweet media0xFelconsec tweet media
English
0
0
0
19
Pashov Audit Group
Pashov Audit Group@PashovAuditGrp·
JUST IN: Erling Haaland joins Pashov AI Group as Member of Technical Staff, effective immediately
Pashov Audit Group tweet media
English
13
2
136
4.7K
0xFelconsec 已转推
pashov
pashov@pashov·
I started in web3 security by doing code4rena contests in 2022. I made $46.04 on my first one (Nibbl). Got lucky on the second one and made $926.63 (Illuminate) with ~6hrs of focused work. I was hooked. I was already making close to $200k/yr base pay in my full-time job, and this was even better ROI on my time, insane. A few months into this, I won my first contest. A Champion. 1st place, everyone else was behind me. Still, it was a small contest, made only $3561.22 (VTVL). This taught me that everything is possible in this space. I started doing all contests and posted about it on X, then it found me - someone reached out to do an audit for him. "A solo audit?" I said - he nodded. $600 for 6 hours of work - DEAL. After this, in a week I got another solo audit for $1500, which took me ~10hrs - even better. Felt awesome. I later got invited to work with OakSecurity and got paid $3000. I felt rich now. Here I was all-in, spending all my awake time to study and learn, speak to other people, analyse opportunities, I wanted to grow and be better. Was finding more and more vulnerabilities. Now, I joined Spearbit as an Associate Security Researcher position which I was proud of, with an advertised weekly rate of $6250. I don't think I ever ACTUALLY got paid that, but on paper, it looked cool. More solo audits followed - got my first 5 figure deals and it was pure profit. I had a good stream of clients. It was a business. This is ~February 2024. In the end of the year I launched a full-blown web3 security company, Pashov Audit Group. It was really about doing MORE of the good work, for more web3 projects. In 2.5yrs we did 500 audits so I guess that's that... The big lesson in here is that you can start small, very small. Again, $46.04 dollars. I kept going. Added lots of zeroes to that number. Spoke to the right people and teamed up with them. Ignored the naysayers, kept going. I really kept going, still going. Your time to decide now - will you keep going, or will you quit? Choose wisely🙏
English
50
44
587
17.9K
0xFelconsec 已转推
pashov
pashov@pashov·
pashov/skills v3 with the results on a security contest from a year ago. Most AI Skills will never reach recall as high as this. People will see this and still won't use the free skills, then get hacked with an insanely stupid vulnerability. You can't save them all I guess...
pashov tweet media
English
10
5
181
10.2K
0xFelconsec 已转推
pashov
pashov@pashov·
Most people's security strategy is wrong. Speak to me on Telegram @ pashovkrum about yours. Btw, we are giving away 50 (yes, 50) monthly Claude Pro/GPT Plus plans to people who RT the main post and tag a fellow web3 developer below. Good luck, results on Monday🫡
pashov tweet media
English
9
6
48
3.4K
pashov
pashov@pashov·
🤯An AI security tool has 1st-place performance on security contests from just 1yr ago. Solidity-auditor v3 is out, FREE & Open Source. Thousands of Solidity developers are using the tool already. Upgrade your security baseline, use the tool🫡 pashov.com/solidity-audit…
pashov tweet media
English
96
124
503
44.4K
0xFelconsec 已转推
pashov
pashov@pashov·
Lately, even though we see multi-million dollar exploits on a daily basis, it seems whitehats still get mistreated constantly I wish projects learn once and for all that security truly is worth it. Budget smartly, make sure to buy security, not just hours of work. Stay safe🫡
English
7
5
94
3.2K
0xFelconsec 已转推
0xFelconsec
0xFelconsec@FelconSecs·
Exploit Chains Mythos Strategies... #Web3‌‌
0xFelconsec tweet media
Français
0
1
1
115
0xFelconsec 已转推
0xFelconsec
0xFelconsec@FelconSecs·
Exploit Chains 2: Social Engineering & Admin Function Abuse. When auditing , please do a complete REKT test... don't leave any stone unturned
0xFelconsec tweet media
English
0
1
1
134
0xFelconsec
0xFelconsec@FelconSecs·
Exploit Chain 3: Mempool Monitoring & Front-Running Strategy Mythos When auditing , please do a complete REKT test... don't leave any stone unturned ...
0xFelconsec tweet media
English
1
1
1
238
0xFelconsec 已转推
Pashov Audit Group
Pashov Audit Group@PashovAuditGrp·
We have been innovating, doing things differently and finding endless High severity vulnerabilities, working with tens (if not hundreds) of talented security researchers. Now is the smartest time to be part of our community. Many people got great opportunities already. Join us🫡
English
6
2
58
2.5K
0xFelconsec
0xFelconsec@FelconSecs·
@MitchellAmador And your point? I mean isn't it what you do for a living, get hunters to submit reports? Then it mustn't be AI reported, but yet AI assisted hacks takes place every second! Soon AI will replace platforms like yours. And they won't charge a fee, totally free. Rethink your Ops.
English
0
0
1
112
Specter
Specter@SpecterAnalyst·
It appears the @gravity_bridge bridge contract key may have been compromised, resulting in the theft of $5.4M. The attacker drained the following assets: USDC: $4.3M WETH: 274 ETH (~$553K) USDT: $434K $PAYG: $64K Theft addresses: 0x7B582033061b96cC3F9421e73a749ED7C62da1F9 0x4d3ca32e687e871a58b78AcAc73bE59AC37C7A47 Stay smart.
Specter tweet media
English
17
20
115
48.2K
0xFelconsec 已转推
SunSec
SunSec@1nf0s3cpt·
Got an idea for Web3 security but need AI credits? 🔥DeFiHackLabs AI Credits Initiative is now open. We’re supporting builders and white hats using AI to create security public goods. Apply 👇
SunSec tweet media
English
2
7
24
1.5K
0xFelconsec 已转推
TenArmorAlert
TenArmorAlert@TenArmorAlert·
🚨TenArmor Security Alert🚨 Our system has detected a suspicious attack involving #Legendary MON NFT on #BSC, resulting in an approximately loss of $85.5K. Attack transaction: bscscan.com/tx/0x15c835c07… With TenArmor’s TenMonitor, you get early detection and automated response to on-chain attacks. Need protection? Reach out anytime! #TenArmorAlert #TenArmor
TenArmorAlert tweet mediaTenArmorAlert tweet media
English
0
4
16
9.8K