From pwning boxes to draining contracts — this post kicks off my transition from traditional cybersecurity to smart contract hacking.

How I break a lending vault by sending a single rogue token transfer, throwing off its internal accounting and halting all future loans.

Info Name Difficulty Author Weird Cookie Medium @M_alpha#3534 Something’s a little off about this stack cookie… Analysis...

Info Name Difficulty Author Stickers Hard congon4tor Wooohoo!!! Stickers!!! Hackers love STICKERS!! You can make your own ...

Info Name Difficulty Author Open Sesame Easy JohnHammond Something about forty thieves or something? I don’t know, they mu...

Info Name Difficulty Author Museum Medium JohnHammond Check out our museum of artifacts! Apparently, soon they will allow ...

Info Name Difficulty Author Hidden Figures Easy JohnHammond Look at this fan page I made for the Hidden Figures movie and ...

Info Name Difficulty Author Fetch Easy JohnHammond “Gretchen, stop trying to make fetch happen! It’s not going to happen!”...

Info Olympus has been among the machines I’ve found most enjoyable, as it demands a diverse range of techniques. OscarAkaElvis crafted an engaging machine that features multiple phases, each provi...

Info Retired machine starts with a Local File Disclosure vulnerability in the web page, which we will use to download a binary used to validate a license file, this binary has a buffer overflow vu...