Billets dans English
THCon 2023 « supplychain » writeup
- 24 avril 2023
This is a writeup from the « supplychain » challenge of the CTF for THCon 2023, made by Dridri.
Critical analysis of Flashbots
- 13 janvier 2021
This article is about the Flashbots project (see that post on ethresear.ch for background).
Python logging: do’s and don’ts
- 02 mai 2020
Logging is important. Python has a nice logging framework. I very rarely see it used properly, even by experienced programmers.
The bZx attacks explained
- 18 février 2020
This article will examine in details what happened during the two transactions that exploited vulnerabilities to open under-collateralized positions in bZx, causing a loss of equity worth more than a million dollar in total.
Analyzing suspicious smart contract vacuuming
- 18 février 2019
This is the counterpart of Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths, looking at suspicious patterns in the history of Ethereum, where contracts would not be killed but simply emptied by attackers.
How to steal Ethers: scanning for vulnerable contracts
- 05 décembre 2018
Four years ago, I wrote an article « How to steal Bitcoins » that was about finding address corresponding to weak brainwallets, and some forensic evidence that it was exploited automatically, for profit.
Pakala: yet another EVM symbolic execution tool
- 04 décembre 2018
Pakala is a tool for symbolic execution of EVM bytecode (like Manticore or Mythril).
Syncing a Parity Archive Node: How-To
- 02 décembre 2018
For my experiments, I set on having an Ethereum archive node (with the full history of all the states), with Parity.
Le gestionnaire de mot de passe parfait
- 11 décembre 2016
TL;DR: Je présente une solution à base de Yubikey 4 avec « touch-to-sign » pour contenir vos clés GPG, avec utilisation de ces clés pour l’authentification SSH et pour stocker vos secrets avec password-store
Astuces Neo4j [en]
- 06 juin 2015
This article is a collection of tips and informations that I found useful to know about neo4j, when learning about it. It also presents some performance tips (from the developer point of view).
Un crawler très simple et puissant en Python [en]
- 11 décembre 2014
I am fascinated by web crawlers since a long time. With a powerful and fast web crawler, you can take advantage of the amazing amount of knowledge that is available on the web.
Comment voler du Bitcoin
- 08 mars 2014
Chaque adresse Bitcoin se base sur une clé secrète, de laquelle on dérive la clé publique qui est l’adresse Bitcoin, et qui sert à signer les transactions.