Owen | Guardian @0xOwenThurm Twitter profile | Pikagi

Pikagi

Owen | Guardian

@0xOwenThurm

8,252

Followers

369

Following

361

Media

5,127

Statuses

Lead Auditor, World Class Smart Contract Security @guardianaudits . $3,400,000,000+ Protected. Follow for everything you need in the world of Web3 Security.👇

Subscribe →

https://t.co/rb6fjdT8CQ

Joined March 2021

Don't wanna be here? Send us removal request.

Pinned Tweet

@0xOwenThurm

Owen | Guardian

7 months

Join the exciting world of Web3 Security and rise in the ranks as a skilled Security Researcher: → In. One. Free. Course. ← 20+ hours of EVERYTHING Web3 Security + curated projects & assignments to solidify the knowledge. With this course, I'm announcing @intogateway 🧵

Tweet media one

60

172

789

Last Seen Profiles

@DrShrutiNaik

@manujove

@LolaKamakanda

@Z8yGm

@RobertZeltinsh

@SIGlasvegas

@bernabeu_pau1

@Algaliar23

@_AlexHirsch

@fushimegu_Y

@Umbrella_Alina

@michii7878

@DickFilby

@ma_yu0u0

@Ruanatotorihiki

@riczhly

@bolty0108

@gieyulia

@SerieReis

@soniaa739

@JasonBjorn5

@KAU_FD

@PFF_IJF

@MassGodNTRRR

@iFlaame

@AdrianoMoke

@Coach_MHamilton

@antijob_net

@AdamNeumannsCoS

@POLITICOPro

@FrancoisWahl

@alfarooo8

@JonKnowbody

@serenararia

@minazukinyx

@yoritaka11

@0xOwenThurm

Owen | Guardian

1 year

At this point I've audited a couple *hundred* Smart Contracts. Along the way, I've picked up a number of things that more often than not... lead to Critical bugs/vulnerabilities. So I decided to compile them all and share them with you. → 17 Common attack vectors I always try

29

148

623

@0xOwenThurm

Owen | Guardian

6 months

Everything you need to become a skilled Web3 Security Researcher. → 12 MORE hours of the free @intogateway Web3 Security Course ← Totaling 23+ hours of EVERYTHING Web3 Security + curated projects & assignments to solidify the knowledge. Here's everything in Part 2️⃣ 🧵

Tweet media one

11

87

450

@0xOwenThurm

Owen | Guardian

11 months

If I started doing this sooner I honestly think I would be 5x better at auditing by now... Here's the simple system I'm using to crystalize my experience. • Helps me learn, remember, free my mind • Others get everything I've learned + my audit systems The "Auditing Brain"🧵

Tweet media one

11

79

345

@0xOwenThurm

Owen | Guardian

1 year

Uniswap V3 is notorious for being one of the most complex DeFi protocols there is. Here's everything you need to know to understand it, as simply put as possible. 🧵👇

48

70

305

@0xOwenThurm

Owen | Guardian

1 year

Want to become a more advanced Web3 Developer/Auditor? Then it's crucial to understand how memory works at a low level. I compiled exactly what you need to know in just a few tweets 👇🧵 (💫 Takes 117 seconds)

21

79

306

@0xOwenThurm

Owen | Guardian

1 year

👉 Just getting into Web3 Security? This one's for you 👈 If you're reading this, you're early. The tales of tech newbies making 500k/y within months are true. Here's a series of videos explaining EXACTLY how you can get in and make this your reality. 🧵 👇

15

68

295

@0xOwenThurm

Owen | Guardian

1 year

Everything you need to know about the audit process, combined into a single handbook. 📖 🤝 I've compiled a 🧵 with every major point Access it here 👇

The Auditing Process | Solidity Lab

The all-in-one guide to the smart contract audit process

lab.guardianaudits.com

13

79

283

@0xOwenThurm

Owen | Guardian

3 months

I'm extremely excited to announce that @GuardianAudits has now made our Security Researcher roles open to public application! Interested in joining the Guardian team to usher in a new age of finance with World Class Smart Contract Security? → Comment below → & Shoot me a DM

166

23

255

@0xOwenThurm

Owen | Guardian

6 months

This tweet serves as a complete Web3 Security Mini-course Here's everything you need to know.👇 External Call Attacks (Reentrancy, DoS, Gas Griefing, Return Values) Advanced Reentrancy Guide Frontrunning

Tweet card media

Front-Running Attacks | Web3 Exploits 101

Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: https://guardianaudits.comInterested in getting h...

www.youtube.com

5

54

250

@0xOwenThurm

Owen | Guardian

1 year

I could never fully understand the EVM until I stumbled across this video. This is the holy grail of EVM alpha. 🏆 Everything you need to know, laid out step by step.

Tweet card media

EVM: From Solidity to byte code, memory and storage

Slides are here: https://drive.google.com/file/d/1HkpCbY7TdlxQbkSK1az0kj_bY_Cxs-QA/view?usp=sharingPeter Robinson and David Hyland-Wood described how Solidit...

www.youtube.com

14

44

239

@0xOwenThurm

Owen | Guardian

1 year

I've had nightmares about AI replacing Security Engineers. My whole business is security. Will AI replace Auditors in 8-12 months? Or is AI just another tool? Well, I just attended an AI talk from the Ethereum Engineering Group... Suffice to say, a revolution is coming. 🧵

32

56

240

@0xOwenThurm

Owen | Guardian

5 months

Finally... The one vulnerability class that is: • Ridiculously common • High severity • Has netted me dozens of findings • Nobody talks about it And it is... 🧵

8

40

241

@0xOwenThurm

Owen | Guardian

1 year

Do NOT miss this Critical mapping bug in your next audit. 👀 Can you see it? Here's what it is and exactly how you can spot it immediately. 🧵

Tweet media one

14

51

237

@0xOwenThurm

Owen | Guardian

1 year

1/43 How I went from charging just $50 down to $50,000+ per Smart Contract audit. The ultimate guide to "making it" as a Smart Contract auditor so you can do it too.👇 🧵

12

41

232

@0xOwenThurm

Owen | Guardian

1 year

When starting out in Smart Contract Auditing, you may feel like all odds are against you: • You need to master Solidity • The financial math is complex • Your first High eludes you • Audit reports are cryptic However, here are 7️⃣ advantages you have when just starting out🧵

13

47

235

@0xOwenThurm

Owen | Guardian

1 year

Want to uncover more findings in contests or simply write better, more secure Solidity code? I have everything you need. 😌 I've compiled a MEGA-thread of all my past alpha just for you. ❤️ Follow step-by-step and learn from all my past research. 🧵

15

51

233

@0xOwenThurm

Owen | Guardian

10 months

• 10 Months • 84 Person weeks • 7 Reports • 351 Findings I am beyond proud to share that the team @GuardianAudits has concluded our review of @GMX_IO V2! 🎉 Looking forward to launch! 🫡

16

37

230

@0xOwenThurm

Owen | Guardian

4 months

At this point I’ve audited 27 liquidation functions... Liquidations are often the most critical/complex area of a protocol. If I need a quick finding → I focus on liquidations. So I compiled a list. 🫡 The 1️⃣3️⃣ liquidation vulnerabilities that you have to know.👇

7

34

211

@0xOwenThurm

Owen | Guardian

1 year

Full video of me live auditing the unreleased GMX V2 contracts dropping thoon! 👇

9

23

208

@0xOwenThurm

Owen | Guardian

1 year

Just recorded 📖 "The Ultimate Guide To Reentrancy". We covered: • Classic Reentrancy and the crux of the vulnerability • Cross-function Reentrancy • Cross-contract Reentrancy • Read-only Reentrancy • ERC721 & ERC777 Reentrancy • My method for uncovering all Reentrancies

13

22

204

@0xOwenThurm

Owen | Guardian

8 months

At this point I've worked with dozens of Smart Contract Auditors and seen exactly who performs and why... Here are the 7 skills I observed that set the difference between auditors who earn $43 in contests and those who earn $23,058. THREAD

7

36

191

@0xOwenThurm

Owen | Guardian

1 year

As you progress in your journey as a smart contract auditor it's vital to have a deep understanding of DeFi primitives. Perhaps the most important of these is the AMM (automated-market-maker). Here's the ultimate guide to the AMM just for you 👇 🧵

8

51

192

@0xOwenThurm

Owen | Guardian

11 months

Who wants to see a live pair-auditing mega series? 👀 I audit a complex codebase live, alongside a cybersecurity/blockchain professional with over a decade of experience. You follow along and have all the context I do. We uncover bugs and vulnerabilities 🤝😌

44

8

191

@0xOwenThurm

Owen | Guardian

1 year

⚠️ The Ultimate Guide To Reentrancy just dropped! ⚠️ We covered: • Classic Reentrancy • Cross-function Reentrancy • Cross-contract Reentrancy • ERC-721 Reentrancy • ERC-777/677 Reentrancy • Readonly Reentrancy • Reentrancy detection system 👇

Tweet card media

The Ultimate Guide To Reentrancy

Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: https://guardianaudits.comInterested in getting h...

www.youtube.com

6

46

191

@0xOwenThurm

Owen | Guardian

11 months

Hear me out... Smart contracts, but in JS

70

7

184

@0xOwenThurm

Owen | Guardian

1 year

I made Read-only Reentrancy as simple as possible! No longer does this exploit need to be mysterious nor complex. Read on(ly) to understand exactly what Read-only Reentrancy is and how you can spot it in your next audit.👇🧵

14

49

180

@0xOwenThurm

Owen | Guardian

1 year

There is one Solidity feature that goes virtually unnoticed in the land of auditing. This feature is possibly the MOST underrated feature in Solidity. Let's learn everything about it in this thread 👇 🧵

15

53

173

@0xOwenThurm

Owen | Guardian

8 months

You might have missed a Reentrancy vulnerability👀 Have you been checking for all variations? • Classic single-function • Cross-function • Cross-contract • ERC-721 • ERC-777/677 • Readonly Understand each one and my system to uncover them.👇

8

20

169

@0xOwenThurm

Owen | Guardian

2 months

Auditing becomes very *very* fun once you're over the hump. Still trying to break through that barrier? Just follow these steps in order: 1️⃣ Learn The Basics I covered it all for you, get all the basics down with the following playlist: After that,

Tweet media one

14

31

164

@0xOwenThurm

Owen | Guardian

28 days

Excited to announce that @guardianaudits has now made our Fuzzing Engineer roles open to public application! 🎉 Want to learn from the best & join the Guardian team to usher in a new age of finance with World-class Smart Contract Security? → Comment below → & Shoot me a DM

73

22

162

@0xOwenThurm

Owen | Guardian

8 months

Massive Success vs. Slightly Above Average $1,500,000/y vs. $150,000/y Cross-specialization determines which camp you are in. In any given field the vast majority of participants are running the same race and competing based on the same skillset. If you are a Web3 Security

Tweet media one

17

12

159

@0xOwenThurm

Owen | Guardian

1 year

Reentrancy attacks are among the most common exploits I see out in the wild. They come in many forms, some more hidden than others. I’ve compiled everything I’ve learned about Reentrancy into a 🧵 for you 👇

9

46

156

@0xOwenThurm

Owen | Guardian

1 year

1️⃣3️⃣ Cheat-codes to get your Smart Contracts ready to audit for maximum security! 🧵 👇 You'll be kicking yourself if you don't do #7 😉

2

39

155

@0xOwenThurm

Owen | Guardian

10 months

When you have an 8 hour flight ahead but the grind don’t stop. 👀😌

Tweet media one

28

2

154

@0xOwenThurm

Owen | Guardian

6 months

Struggle with DeFi math?? AMM formulas are perhaps the hardest to initially grasp. That's why I made it as easy to understand as possible!👇 • What is an AMM • How do swaps work • How does liquidity work • What are the equations & how to use them

6

17

153

@0xOwenThurm

Owen | Guardian

1 year

⚠️ Over the past 48 hours I’ve explored a novel gas griefing attack that was previously undocumented ⚠️ In this 🧵 we’ll cover the current idea of gas griefing and then explore this new (IMO more fitting) "gas griefing" exploit. Strap in! ⛽ 💨

10

30

152

@0xOwenThurm

Owen | Guardian

1 year

🧵 I am delighted to announce that I've joined forces with @RealJohnnyTime @pashovkrum & @trust__90 to produce the most comprehensive Web3 Security training there is! 🤯 Get $50 off through my referral link 👇

Smart Contracts Hacking Course

Smart Contracts Hacking Course

smartcontractshacking.com

18

10

147

@0xOwenThurm

Owen | Guardian

7 months

Overwhelmed when you start a contest?🤔 I jumped into a random @CodeHawks contest LIVE with 6 security researchers! See how I like to approach new codebases and get to initial findings ASAP with this 3-hour session🫡👇

14

18

148

@0xOwenThurm

Owen | Guardian

1 year

As promised🤝 Watch me audit & uncover a critical vulnerability in GMX's (unreleased) V2 contracts👇

Tweet card media

Live Audit Of GMX V2 | Withdrawals

Interested in getting hands-on training to become an expert security researcher in a matter of months?Get the guide to becoming a senior auditor in 6 months ...

www.youtube.com

9

33

142

@0xOwenThurm

Owen | Guardian

3 months

Did you know you're just 10 hours away from being a talented Web3 Security Researcher? I just put together the *only* resource you need to start finding vulnerabilities in contests and getting payouts. 😎 That's it. Watch this and head straight into contests. 👇

11

22

151

@0xOwenThurm

Owen | Guardian

6 months

There’s a reentrancy here, can you spot it?🤔 (Not what you think)

Tweet media one

37

8

139

@0xOwenThurm

Owen | Guardian

6 months

At this point, I've reviewed dozens of DeFi protocols. With every new protocol, I develop a mental model for that "DeFi archetype". There are 7 core DeFi archetypes. Master them all and you are a force to be reckoned with. Let's master #1 , CDPs👇

2

18

142

@0xOwenThurm

Owen | Guardian

1 year

How to be more effective while auditing: - Reward yourself for findings - Turn off the lights - Listen to music without words - Drink tea/coffee - Limit yourself to 90-minute sessions - Set goals for your sessions - Close all other apps - Phone in the other room - Multiple

17

31

141

@0xOwenThurm

Owen | Guardian

1 year

28 ways to miss vulnerabilities in an audit 🧵

23

42

140

@0xOwenThurm

Owen | Guardian

1 year

How many Smart Contract auditors are there? Comment below 🤔👇

92

6

134

@0xOwenThurm

Owen | Guardian

7 months

It's been a long time in the works. 12 more hours of Web3 Security training coming to you soon. 🫡 Notifications on!

9

8

131

@0xOwenThurm

Owen | Guardian

8 months

The outlook on security researcher Twitter lately has been bleak. Many folks pontificating that opportunity has been replaced by competition. Let's talk about it. Yes, In 2023 there have been more entrants into the realm of Smart Contract security than ever before. Does this

22

21

133

@0xOwenThurm

Owen | Guardian

4 months

I just noticed we hit over 20,000 views on the Advanced Web3 Security course!🤯 So glad this could be helpful to anyone looking to break into the space.🫡 Hopefully we can onboard hundreds of skilled Security Researchers as a result!

Tweet media one

13

4

132

@0xOwenThurm

Owen | Guardian

11 months

The alpha no one else told you about: How to become a Solidity data storage Jedi in one article. Right here👇

Data Representation in Solidity

Paper: Data Representation in Solidity

ethdebug.github.io

5

23

130

@0xOwenThurm

Owen | Guardian

1 year

🔟 Videos queued up coming to you over the next month 🎉 - Complex Codebase Deep Dive | CTF Solution - Solving a CTF Live! - Becoming a 10x Auditor - Guide to writing PoCs (Live PoC) - 21 Sneaky Smart Contract Bugs - Complete EVM Guide | Everything you need to know - Guide to

21

11

133

@0xOwenThurm

Owen | Guardian

26 days

How to spend as much money on security services as possible, while ensuring you are still vulnerable to Critical exploits. 🧵

14

21

132

@0xOwenThurm

Owen | Guardian

10 months

A lot of people seem to think I'm a solo auditor... Nonsense, I couldn't do any of this without the kickass team @GuardianAudits . Check out 500+ findings from our team here👇

Tweet card media

GitHub - GuardianAudits/Audits

Contribute to GuardianAudits/Audits development by creating an account on GitHub.

2

24

130

@0xOwenThurm

Owen | Guardian

1 year

Passion comes after 2,500 hours. Enjoyment comes after 1,000 hours. Everything before that is plain hard work. When you’re just starting out, don’t seek passion. Find something that’s valuable to others. Passion will come.

9

15

130

@0xOwenThurm

Owen | Guardian

8 months

58 Days of straight auditing since I got back from Paris. 🫡 Here's what I found: 19 Criticals 21 Highs 38 Mediums Many reports dropping soon.👀 Good to have a day of looking at no code to focus on other things now!

14

6

127

@0xOwenThurm

Owen | Guardian

1 year

Exactly how v, r, and s signatures can be malleable 👇 Explained simply 😌🫡 (Full video threaded)

5

15

127

@0xOwenThurm

Owen | Guardian

7 months

With the @steadefi GMX V2 integration contest on @CodeHawks , I thought I'd release a much more in-depth intro to the @GMX_IO system! Some of these things will be crucial for getting those niche, critical edge cases in the contest 🫡 Access the 2-hour deep dive here 👇

Tweet media one

12

23

125

@0xOwenThurm

Owen | Guardian

7 months

The path to becoming a top-level security researcher is really quite simple. However: `simple != easy` I will give you the *only* 4 steps you'll need to become a rockstar security researcher, it is up to you to execute on them. 🧵

13

15

123

@0xOwenThurm

Owen | Guardian

9 months

There are 5 common upgrade patterns for Smart Contracts: • Eternal Storage • Transparent • UUPS • Beacon • Diamond Standard Do you know all of them?? Get the low-down on all 5 patterns in todays video 😎👇

7

17

124

@0xOwenThurm

Owen | Guardian

1 year

If you want to become a successful Smart Contract auditor: Don’t give up.

11

11

124

@0xOwenThurm

Owen | Guardian

1 year

Elliptic Curve Addition Explained Simply 👀

4

21

123

@0xOwenThurm

Owen | Guardian

1 year

A Collection of Almost Every Common Bug/Vulnerability Here it is, if there's one single article that will bring you up to speed with every common bug/vulnerability it's this one.👇

Smart Contract Security in Solidity | HackerNoon

A security issue in Solidity boils down to smart contracts not behaving the way they were intended to.

1

22

119

@0xOwenThurm

Owen | Guardian

7 months

Here is the complete GMX V2 Integration checklist: (Don't miss any of these edge cases) Depositing Liquidity • Consider PnL Factor carefully when estimating GM price • Handle deposit cancellations • Ensure only the GMX handlers can call the afterDepositExecution &

8

21

113

@0xOwenThurm

Owen | Guardian

1 year

🤯 The clearest, most comprehensive thread on signature malleability of all time! It’s a hefty claim, I know. But if you give me the chance, I will not disappoint. ✊ 🎩🔮 Allow me to demystify this age-old attack 💫 Let’s hop in 👇

5

33

116

@0xOwenThurm

Owen | Guardian

1 year

When the findings aren't coming, auditing is very hard for me. So I developed a plan for exactly these situations, and it has rewarded me with 51 Critical/High findings so far this year. The 3️⃣ pillars of my momentum-based auditing framework, so you can use superstar mode too🧵

6

17

114

@0xOwenThurm

Owen | Guardian

7 months

You really only need one trait to succeed at anything: Consistency. No valuable skill can be mastered in a week. In a decade, you can master nearly anything. The easy part is doing it today, the hard part is doing it for the next 10 years.

9

11

115

@0xOwenThurm

Owen | Guardian

6 months

There is no magic solution. The only thing we can do: More + Better More security researchers More solo auditors More security firms More contests More invariant testing More bug bounties Better education Better tooling Better incident response Better systems & standards It's

8

10

113

@0xOwenThurm

Owen | Guardian

1 year

🧵 The Design of GMX V2 Explained Simply Let's dive in 👇

6

26

107

@0xOwenThurm

Owen | Guardian

1 month

Nobody is actively trying to prevent you from reaching your goals. They're just trying to reach theirs. Help them with theirs and they'll help you with yours.

4

7

115

@0xOwenThurm

Owen | Guardian

9 months

⚠️ Free Stuff Alert Are you looking to transition into a full-time job in Web3? If you'd like to work with me 1-1 to master your Web3 development skills to get that Web3 job comment down below.👇

184

5

112

@0xOwenThurm

Owen | Guardian

1 year

Goal by 2024: Help 1,000 Web2 developers, cybersecurity experts, and tech newbies learn how to perform the highest tier of security audits and give them a platform to practice, earn money, and provide value to the Web3 community while doing it.

14

3

110

@0xOwenThurm

Owen | Guardian

8 months

Lfg we just hit 5K! 🎉 Just getting started here...

Tweet media one

17

0

112

@0xOwenThurm

Owen | Guardian

1 year

🔁 Reentrancy attacks are perhaps the most widespread devastating Web3 exploit. You might think that a nonReentrant modifier solves all your problems, but many protocols are still at risk. 👀 The `globalNonReentrant` pattern offers better protection. Let's dive in 👇

5

21

112

@0xOwenThurm

Owen | Guardian

4 months

You have to work hard before you can work smart.

7

15

112

@0xOwenThurm

Owen | Guardian

7 months

Rounding in Solidity has lead to thousands of findings/bugs/vulnerabilities. Thousands... That's why it's absolutely key that you understand how to spot rounding issues in any codebase. I broke down exactly everything you need to uncover sneaky rounding issues yourself👇

5

12

110

@0xOwenThurm

Owen | Guardian

1 year

Thoughts on recording myself auditing?

24

1

109

@0xOwenThurm

Owen | Guardian

3 months

Crazy to think I've been making videos on Smart Contract security for a year now. 🤯 I hope we've prevented at least a couple of bugs/exploits from occurring in production 🫡 It's been a blast, glad folks can find them valuable! Here's to many more 🥂

Tweet media one

13

4

107

@0xOwenThurm

Owen | Guardian

7 months

Want to become a skilled Web3 Security Researcher? → Learn by watching other Security Researchers conduct reviews 5+ hours of live pair auditing here for you to do just that 🤝👇

7

16

105

@0xOwenThurm

Owen | Guardian

7 months

Oracle manipulation is the single most common exploit! Haven't been able to understand it at a deep level yet? I've got everything you need 🫡👇

5

10

103

@0xOwenThurm

Owen | Guardian

5 months

Lfg!! In 2024 we are going to: - Secure 30+ projects - Grow the team from 6 -> 15 - Release 100 hours of content - Hands-on train 150 Elite Security Researchers

@dannygfromnyc

Daniel | Guardian Audits ◻⛓

5 months

We're back on Twitter baby! Thankful for all the people I've met last year, and looking forward to crushing 2024 💪

1

0

21

13

2

105

@0xOwenThurm

Owen | Guardian

10 months

On my way to Paris for @summit_defi ! This is actually my first time leaving the US. 👀 In fact it might be my first time leaving the house. 😂

16

1

104

@0xOwenThurm

Owen | Guardian

3 months

How to go fast in Web3: Slow down. Take an extra week before your audit. Take an extra week before launch. Do things right the first time so you don’t end up spending months in recovery.

4

12

105

@0xOwenThurm

Owen | Guardian

3 months

Is that right?... 2.5 hours of a real-time (past) contest audit?? Something big coming your way 👀

Tweet media one

10

5

105

@0xOwenThurm

Owen | Guardian

2 months

Engage with this tweet 🙏

Tweet media one

12

3

104

@0xOwenThurm

Owen | Guardian

1 month

No matter what, keep your lifestyle low so you have the freedom to make any move you want. Sometimes to move forward you need to take 3 steps backwards. Give yourself that room.

4

5

102

@0xOwenThurm

Owen | Guardian

11 months

The complete guide to the EVM is here! The simplest introduction to the EVM of all time in one video.💪🎉

Tweet card media

Complete Guide To The EVM | Everything You Need To Know

Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: https://guardianaudits.comInterested in getting h...

www.youtube.com

7

22

101

@0xOwenThurm

Owen | Guardian

3 months

Foundry Debugger is goated. Never again will I console.log a word in memory and spend 3 hours wondering why everything is broken... Just to realize the console.log pooped all over the memory.

9

5

102

@0xOwenThurm

Owen | Guardian

1 year

Just released the guide to your first audit! 👀 We covered: • Auditing Mindset • Gaining Context • Audit Tags • A system to find your first vulnerability! Watch the full guide here👇

Tweet card media

Complete Guide To Your First Audit

Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: https://guardianaudits.comInterested in getting h...

www.youtube.com

4

13

98

@0xOwenThurm

Owen | Guardian

1 year

🚀 Excited to share a comprehensive guide to your first audit. We have four key elements to go through: 🧠 Auditing mindset 📚 System breakdown 🏷️ Audit tags 🔧 Utilizing attack knobs Let's start with the most crucial part: the mindset.👇 🧵

8

20

97

@0xOwenThurm

Owen | Guardian

1 year

And just like that a 117 page audit report is delivered 🤝

12

6

99

@0xOwenThurm

Owen | Guardian

4 months

Solution to the marketing-only auditor epidemic: We need a widely adopted, hard to obtain (skill wise) Web3 Security certification standard.

20

5

96

@0xOwenThurm

Owen | Guardian

7 months

Can not be more proud of @0xvangrim_ @AboutikaR @0xDimo @PolGallardo_ @SecurityDev23 @Nayan_kubade They just graduated the 4 week accelerator! 🥇🎉 It was an intense 4 weeks, but coming out they are now on a completely new level. 💪🫡

Tweet media one

17

5

96

@0xOwenThurm

Owen | Guardian

11 months

💡 Foundry Tip When working with bytecode or assembly I invariably find myself converting hex → decimal. All. the. time. Me 3 months ago: > python3 > int("a0", 16) Me today: > cast --to-dec a0 Reduce friction by 10% for 10 things you constantly do. → Watch efficiency 📈

6

9

97

@0xOwenThurm

Owen | Guardian

11 months

So many people aren’t even serious about accomplishing what they set out to. Separate yourself from those. Take action. No more questions, audit for 1,000 hours -- you will have what you're looking for.

7

8

92

@0xOwenThurm

Owen | Guardian

10 months

The past 4 weeks, I've been adding every common finding class I come across to my "auditing brain". Here are 11 that I've added recently that you should start looking out for as well... 1. ERC-721 safeTransfer DoS 2. Phantom functions 3. Duplicate elements in an array 4. Force

8

25

93

@0xOwenThurm

Owen | Guardian

1 year

I want my YouTube to be the ultimate resource for any looking to get into auditing and really make it. What videos would help you achieve your goal? (comment below, making them all)👇

24

4

93

@0xOwenThurm

Owen | Guardian

6 months

Let's talk about DAO & Governance Attacks... (Over $200,000,000 stolen) There are 4️⃣ common ways in which DAOs get hacked. If you master these, you'll know exactly what to look for when auditing DAO & Governance systems.👇

1

12

92

@0xOwenThurm

Owen | Guardian

1 year

It's true only a fraction of those who dare to become an auditor will make it in the long run. Here's how I would take that fact in stride & use it to my advantage: • 60% will get distracted by something else (MEV, Dropshipping, Rust (gross)) • 20% will give up after not

18

8

91

@0xOwenThurm

Owen | Guardian

1 year

How I consistently find bugs that no one else does: • Understand the entire codebase first • Become convinced there are bugs • Spend an unreasonable amount of time on the most complex areas (where 90% shy away) • Build a "second brain" of everything you've seen before

5

11

94

@0xOwenThurm

Owen | Guardian

8 months

🤯 $4.57 from the YT channel Do you guys think I can stop auditing now?

Tweet media one

14

0

91