Davide Cioccia - Hackable.sol: Smart Contract Hacking in Solidity $1,750 (Early $1,550)

Name of Training:

Hackable.sol: Smart Contract Hacking in Solidity

Description:

Identify vulnerabilities in Smart Contracts written in Solidity

Training description:

A 2-day full hands-on training where you will learn how to identify vulnerabilities in Smart Contracts written in Solidity. During the course, we will go over 12 labs inspired by the major hacks that saw companies lose millions of dollars, implement Smart Contracts, but also perform security reviews and detect security flaws using manual analysis and automated tools.

Some of the scenarios we will go through:

The list below contains some of the vulnerabilities that we will identify and fix in the labs:

• Any user can cash out the money from the smart contract
• Users can buy the subscription also with any wei amount
• Any user can check the amount of money stored in the contract address
• Reentrancy vulnerability
• Block Timestamp Manipulation Vulnerability
• Tx.origin: Authorization bypass
• Integer Overflow and Underflow
• BatchTransfer Overflow (CVE-2018–10299)
• Unprotected SELFDESTRUCT
• DelegateCall vulnerabilities
• ....more

Trainer(s) bio:

Davide Cioccia is the founder of dcodx, a cybersecurity firm focusing on bridging the gap between development and security, working together with development teams to create and promote the DevSecOps security culture.

He is one of the first contributors to the OWASP Mobile Security Testing Guide and member of the SANS advisory board and Chapter Lead of DevSecCon Netherlands. He is also a speaker at international security conferences like BlackHat, OWASP AppSec, DevSecCon, Hacktivity and regional OWASP security events, where he presented different approaches and tools to automate mobile security testing in CI/CD, detect and prevent phishing attacks and automate infrastructure security in the release cycles.

On the personal side he loves to play racket sports, from tennis to padel, from ping pong to beach tennis. So hit him up for a match if you are in the Netherlands.

https://www.devseccon.com/chapters/dsc-netherlands/
https://appsecus2018.sched.com/event/F02G/mobile-bdd-security-tests-on-steroids-a-new-framework-to-automate-mstg-and-masvs-in-your-cicd-pipeline
https://www.blackhat.com/eu-18/arsenal/schedule/presenters.html#davide-cioccia-36753

Trainer(s) social media links:

https://www.linkedin.com/in/davidecioccia/
https://twitter.com/davide107

Outline:

Technical difficulty:

The course is for beginners/intermediate that have some knowledge about smart contracts

Knowledge of the topics below is only recommended but not mandatory for this course.
Blockchain
Smart contracts and Remix IDE
Basic understanding of decentralized applications and their applicability

Suggested Prerequisites:

The course starts from the basics of the blockchain and smart contracts.
Useful resources:

  - https://docs.soliditylang.org/en/v0.8.13/
  - https://ethereum.org/

What students should bring:

- Laptop with at least:
     8 GB RAM
- Chrome Browser

DATE: August 12th-13th, 2024

TIME: 8am to 5pm PDT

VENUE: Sahara Las Vegas

TRAINER: Davide Cioccia

- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included

Registration terms and conditions:

Trainings are refundable before September 16th, the processing fee is $250.

Trainings are non-refundable after September 26th, 2024.

Training tickets may be transferred. Please email us for specifics.

Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.

By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.