Finding bugs is just one part of the bug hunting process.
Once you've found a bug, you write a report, and more importantly, you must write a proof of concept. It helps you
Like anyone starting with something new, I made some mistakes when I just started bug bounty hunting.
Here are some of my mistakes so that you might avoid them:
1 - I Had
Many auditors and bounty hunters don't look for game-theoretic and economic flaws.
Instead, they focus on the more tangible and well-known types of attacks. This is unfortunate as a game-theoretic design flaw can
A bunch of security researchers that I know do the most exciting work.
Unfortunately, they don't show it to the world. They might share their cool projects with colleagues and friends, but it
Not enough people care about Oracle Extractable Value!
Over the recent years, we've all become aware of MEV. However, just like miners can extract value from their sequencing power, oracles can extract value