@prdp1137
About
Nothing here yet.
Available for
Nothing here yet.
Pradip Bhattarai's blogs
Recently published
Exploiting Integer Underflows in Solidity
Nov 25, 2025 · 11 min read · In the world of blockchain security and Capture The Flag (CTF) challenges, vulnerabilities in smart contracts often stem from subtle arithmetic issues, especially in older Solidity versions (pre-0.8.0), where unchecked operations could lead to overfl...
Join discussion
Exploiting Biased Off-Chain RNG in Ethereum Smart Contracts
Nov 25, 2025 · 9 min read · This post provides a rigorous, low-level analysis of a vulnerable casino smart contract system, focusing on the interaction between on-chain logic and an off-chain RNG oracle. We formalise the vulnerability as a probabilistic bias in the oracle's out...
Join discussion
GoPhish Powers RSVP for Pentester Nepal’s 12th Anniversary
Aug 20, 2025 · 4 min read · Pentester Nepal, a leading cybersecurity community in Nepal, recently celebrated its 12th anniversary on August 16, 2025, at Ullens College in Lalitpur. The free event featured expert talks on bug bounty hunting, AI governance, OAuth attacks, and mor...
Join discussion
Exploiting an LFI Vulnerability and Forging a Signature in BugcrowdCTF
Aug 11, 2025 · 5 min read · Introduction During Bugcrowd CTF at Black Hat USA 2025, I tackled a web challenge involving SecureFile Solutions, a document management system with a hidden Local File Inclusion (LFI) vulnerability in its index.php. This journey involved exploiting t...
Join discussion