Nothing here yet.
Nothing here yet.
Nov 25, 2025 · 11 min read · In the world of blockchain security and Capture The Flag (CTF) challenges, vulnerabilities in smart contracts often stem from subtle arithmetic issues, especially in older Solidity versions (pre-0.8.0), where unchecked operations could lead to overfl...
Join discussion
Nov 25, 2025 · 9 min read · This post provides a rigorous, low-level analysis of a vulnerable casino smart contract system, focusing on the interaction between on-chain logic and an off-chain RNG oracle. We formalise the vulnerability as a probabilistic bias in the oracle's out...
Join discussion
Aug 20, 2025 · 4 min read · Pentester Nepal, a leading cybersecurity community in Nepal, recently celebrated its 12th anniversary on August 16, 2025, at Ullens College in Lalitpur. The free event featured expert talks on bug bounty hunting, AI governance, OAuth attacks, and mor...
Join discussion
Aug 11, 2025 · 5 min read · Introduction During Bugcrowd CTF at Black Hat USA 2025, I tackled a web challenge involving SecureFile Solutions, a document management system with a hidden Local File Inclusion (LFI) vulnerability in its index.php. This journey involved exploiting t...
Join discussionJul 9, 2025 · 5 min read · Introduction Recently, I tackled a blockchain-based Capture The Flag (CTF) challenge that required exploiting the mechanics of an ERC4626 vault to meet a specific condition. The challenge revolved around smart contracts and demanded a solid grasp of ...
Join discussion