BOOK THIS SPACE FOR AD
ARTICLE ADIf you are a beginner in web3 security space and want to learn from start. Then I have compiled a step by step guide for 2023 version :-
First start with Blockchain Basics, Blockchain is different than traditional web2 so before starting to learn security and hacking of smart contract, give sufficient time to learn about all those basics needed to become Blockchain developer.
Blockchain Basics
Photo by Pierre Borthiry - Peiobty on UnsplashMastering Ethereum by Andreas Antonopoulos and Dr. Gavin Woods : https://github.com/ethereumbook/ethereumbookLearn Blockchain, Solidity, and Full Stack Web3 Development with JavaScript By Patrick Collins : https://www.youtube.com/watch?v=gyMwXuJrbJQHarvard’s CS50 : https://cs50.harvard.edu/x/2021/Interactive school that teaches you all things technical about blockchains : https://cryptozombies.io/Learn Smart Contracts by actually writing one : https://buildspace.so/builds/solidityAt last Just Read like a story: https://docs.soliditylang.org/
Photo by GuerrillaBuzz Blockchain PR Agency on UnsplashSmart contract weakness classification: SWC Registry : https://swcregistry.io/ETH smart contract Best Practices: https://consensys.github.io/smart-contract-best-practices/
CTFs
Ethernauthttps://ethernaut.openzeppelin.com/
capture the etherdamn vulnerable defihttps://damnvulnerabledefi.xyz/
paradigm ctfPhoto by Ian Schneider on UnsplashImmunefi Medium: https://medium.com/immunefiRekt : https://rekt.news/BlockchainThreat : https://newsletter.blockthreat.io/Week In The Ethereum News : https://weekinethereumnews.com/
Photo by Julio Rionaldo on Unsplash
Framework/ programming tools
Hardhat : https://hardhat.org/Truffle : https://trufflesuite.com/Foundry : https://book.getfoundry.sh/Brownie : https://github.com/eth-brownie/brownieTenderly : https://tenderly.co/Seth: https://github.com/dapphub/dapptools/tree/master/src/sethMythril: https://github.com/ConsenSys/mythrilSurya : https://github.com/ConsenSys/suryaDappTools: https://github.com/dapphub/dapptoolsAfter Finishing all of the above , start with code4rena and then immunefi. practice enough with other audit reports and past attacks simulation.
Code4rena : https://code4rena.com/Immunefi : https://immunefi.com/hackenproof : https://hackenproof.com/