Sometimes it feels like I'm still dreaming. As a small kid, I always wanted to buy a car with my own money and have my parents sit in it. But at 21 years old, this nerd made the dream come true. I am always thankful for #bug_bounty 🥹 #Web3 and to everyone in the cybersec
Behind each € / $ there is
- sleepless nights
- early mornings
- failures
- time investment
- self-doubt
- endless efforts
- lots of duplicates / N/A
- lots of demotivation
But everyone notices only the € numbers
and calls it luck.
#infosec
@e11i0t_4lders0n
Hey Web3 folks! 🎉 I'm giving away 5 individual passes for @bsidesahmedabad 2024—exclusively for Web3 enthusiasts!
Retweet this post.
Comment below and tell us why you want to attend this event! 👇🏻
Good luck!
Let's meet in person at
Now I'm stopping hunting the Fuel Attackathon!
I really enjoyed hunting Fuel. I have learned a lot from it and gained a good understanding of Fuel. It is a really interesting concept because of the UTXO (Unspent Transaction Output) model, which is a form of transaction data model.
No matter how much experience you have in bug bounty hunting and how many bugs you've found, there are times when trying harder to discover bugs results in frustration and disappointment. Even for someone who has found numerous critical bugs and is recognized as one of the best
I remember when I was a full-time web2 bug hunter! In the initial days, I tried a lot to crack @YogoshaOfficial and join their elite hacker club, but unfortunately, I didn't complete their CTF at that time. So I started consistent work on @HackenProof and became the all-time top
Recently, I had an amazing talk with the @msftsecresponse security response team. I had a wonderful discussion on various topics with Dhavval Shrivastava and Neha Sharma. It's rare to see any tech company reaching out personally to improve its security measures. Really kudos to
Are you still wondering what automation in Web3 audits looks like? You might have missed out on @solidityscan! Built by the team at @CredShields, @SolidityScan automates your smart contract security audits with top-notch quality. It's not just effective; it's a time-saver.
@PrismaFi faced an $11.6M exploit, but white hat hackers returned the funds after negotiating a bounty through a rescue operation. Understanding the hack's root causes is crucial to prevent future incidents. Read more about the $11M hack breakdown
A few hours ago, a vulnerability in @minerercx was exploited, resulting in a loss of $456k.
The vulnerability lies in the `_update` function. If a user transfers tokens to themselves within the same transaction, there is indeed a potential for their balance to double. This scenario
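The self-transfer pattern described above, as an added Python model (this is not the exploited contract's Solidity, and the balances and addresses are constructed): the vulnerable `_update` caches both balances before writing them back, so when `sender == recipient` the credit overwrites the debit and the account nets `+value`. Transferring the full balance to yourself therefore doubles it on every call. The hardened variant reads and writes each slot in place, and `supply_invariant_holds` is the check a fuzz or unit test would run to catch this class of bug.

```python
"""Model of an ERC-20 `_update` that mishandles self-transfers.

Added example; a Python re-creation of the bug pattern, not the exploited
contract's code. Addresses and balances below are constructed.
"""


class VulnerableToken:
    """`_update` caches both balances, then writes them back.

    When sender == recipient, the second write uses the stale cached
    to_balance, so the debit is overwritten and the account gains `value`.
    """

    def __init__(self, balances):
        self.balances = dict(balances)

    def total_supply(self):
        return sum(self.balances.values())

    def _update(self, sender, recipient, value):
        from_balance = self.balances.get(sender, 0)
        to_balance = self.balances.get(recipient, 0)   # stale when sender == recipient
        if from_balance < value:
            raise ValueError("insufficient balance")
        self.balances[sender] = from_balance - value
        self.balances[recipient] = to_balance + value  # clobbers the debit above

    def transfer(self, sender, recipient, value):
        self._update(sender, recipient, value)


class FixedToken(VulnerableToken):
    """Same API; each slot is read and written in place, so a self-transfer
    debits and credits the same slot sequentially and nets zero."""

    def _update(self, sender, recipient, value):
        if self.balances.get(sender, 0) < value:
            raise ValueError("insufficient balance")
        self.balances[sender] = self.balances.get(sender, 0) - value
        self.balances[recipient] = self.balances.get(recipient, 0) + value


def self_transfer_gain(token_cls, start_balance, rounds):
    """Do `rounds` full-balance self-transfers; return (final_balance, supply_delta)."""
    attacker = "0xattacker"  # constructed address
    token = token_cls({attacker: start_balance, "0xpool": 10 * start_balance})
    supply_before = token.total_supply()
    for _ in range(rounds):
        token.transfer(attacker, attacker, token.balances[attacker])
    return token.balances[attacker], token.total_supply() - supply_before


def supply_invariant_holds(token_cls, start_balance, rounds):
    """Invariant a test harness should assert: no transfer changes total supply."""
    _, delta = self_transfer_gain(token_cls, start_balance, rounds)
    return delta == 0


if __name__ == "__main__":
    for cls in (VulnerableToken, FixedToken):
        bal, delta = self_transfer_gain(cls, 1_000, 3)
        print(f"{cls.__name__}: balance after 3 self-transfers = {bal}, supply delta = {delta}")
```

Three full-balance self-transfers take the vulnerable token from 1,000 to 8,000 while total supply grows by 7,000; the fixed token stays at 1,000. Rejecting `sender == recipient` outright is the other common fix, but the supply invariant is the check that catches either mistake.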
Did you check out this awesome list of the top 10 bugs of 2023 on Immunefi? It's really insightful, and you'll notice that these bugs aren't exactly rocket science to find.
Even with my years of experience finding critical bugs in many CEX exchanges, I have never collected this many PoCs. One or two PoCs are enough. This incident doesn't look white hat at all
CertiK recently identified a series of critical vulnerabilities in the @krakenfx exchange which could potentially lead to hundreds of millions of dollars in losses.
Starting from a finding in @krakenfx's deposit system where it may fail to differentiate between different internal
Once, a legend said, 'If you want to achieve success, stick with one thing,' and I really follow this advice. I'm stuck with @0xOwenThurm's YouTube content; I'm truly obsessed with it. In my eyes, there is no one better than him in terms of creating videos on web3 security
Thank you so much @bsidesahmedabad for organising such an amazing event and giving opportunities to all the hackers to network with each other. It goes without saying that the talks were really amazing and illuminating!
Avidly waiting for next year! ✨
#bsidesahmedabad
Recently, I tried the pay-per-vulnerability model for smart contract audits, and I was really impressed with its results. It helped me put in more effort to find high and medium severity issues in the code, and it also compensated me more compared to regular audits.
In 2023, Web3 suffered $2.02B in losses:
$1.397B from 191 major attacks
$388M from 267 rug pulls
$238M from phishing scams.
68% of the attacks targeted #DeFi projects, resulting in the highest losses of $408M, constituting 29.2% of the total.
#CTFs are not worth it these days. You cannot attract followers or clients by only showcasing your CTF results. You should definitely show your real-life findings, such as achieving a high rank in security contests or on big #bounty platforms, to attract clients or followers. So,
Recently, I completed another solo audit. The smart contract had already been audited multiple times, including by a Tier 1 auditing firm. Despite this, I was able to identify 1 medium, 2 low, and 3 gas optimization issues. The time spent on the audit was 10 hours.
#soloaudit
Hey everyone, I will be attending the @MSFTBlueHat Microsoft conference in Hyderabad on May 16th and 17th, where I'll be sharing some valuable insights about blockchain security. If anyone else is attending, feel free to connect with me there!
@IM_Mad_hub The answer is simple: build curiosity in your mind. Think about how everything works and how an attacker can find a bug even when top researchers have audited the code. Use your search skills to find hidden, important resources on Google. If you stay curious and keep learning all
Recently, @PrismaFi was exploited (or compromised) by a white hat hacker 🧐. While the terminology isn't crucial, what matters most is learning from the incident. That's why I'm preparing a full analysis of the root causes. Stay tuned for a complete hack analysis of
Recently, the $NORMIE Token suffered losses of $881,686. Read more about the hack and the black hat hacker's approach to exploiting the contract. You'll definitely learn a lot from this analysis.
🚨New IOP alert!🚨 @ThunderbyFuel has launched an IOP on Immunefi — the first of the 4 Fuel dApps.
There's $65,000 in rewards available for all whitehats who found at least one valid vulnerability in the Fuel Attackathon.
Find out more:
Just a quick suggestion to new auditors who are going to start their first audit:
1) Read @pashovkrum's reports. His reports are clear and simple; it's easy to understand many tricky issues.
2) Start with small codebases! It helps boost your confidence. While there may be fewer
Hey everyone,
We're currently seeking a Security Researcher with extensive knowledge in security and a strong understanding of the web3 domain to join us at @techfund_inc and contribute to enhancing the security of #web3.
At #TechFund, we offer industry-level compensation, and
Hey everyone, we are launching the official Telegram community channel for @techfund_inc and soon it will be available on Discord as well. Anyone willing to learn new tech and blockchain security from scratch can join this channel. Our experts also conduct sessions to teach you more
Hey everyone,
Today, I am thrilled to share a moment of immense pride: I have been honored as a "Top Blockchain Voice" by this incredible platform, @LinkedIn.
This recognition is not just about me; it's a testament to the power of collaboration, knowledge sharing, and
How can you sharpen your auditing skills? By continuously reading contest and public audit reports, especially those focusing on recent hack analyses (you can read recent exploits in @techfund_inc), and understanding the exploit code. Then, initiate your own hack analyses. This
Hey fam, I've created TopMate, where you can book direct calls with me for anything related to Web 3 / security. You can consult with me directly through LiveMe
If you think it's not too late to enter the Web3 security space, then maybe you're wrong. I can clearly see that researchers who find and receive rewards for vulnerabilities are now discovering that they no longer exist or are easily detected by bot races.
I'm super excited to share that this year I'm attending the @BcryptGlobal Conference 2023 in Delhi to represent @qoodo_io. We're eager to connect, interact, and share insights about #Qoodo. Check out the #QDO Presale -
Glad to see Sway gaining popularity among auditors! In the past few weeks, I've received a lot of DMs about learning Sway audit stuff. It's wild how fast it's taking off! #Sway @fuel_network
After conducting many audits, I realized one thing: if you're unable to find a single issue, you probably don't fully understand the code. #Bugs_are_everywhere.
Three mistakes by @WazirXIndia, which, if avoided, might have led to a different outcome:
1. They responded too late to the hack. Even an hour after the hack, their team had not responded, which is not expected from a big crypto exchange.
2. They did not have a proper incident
Finally, here is Episode 3. To be honest, I have been eagerly waiting for this. It's one of the best audio series I have ever watched. Respect ++ @0xOwenThurm. If you are still missing the masterpieces, watch here =
Happy New Year, everyone 💫! May Lord Ram assist each one of you in achieving your #2024 goals, making it the most successful year of your lives.
#happynewyear #2024goals
@IAmNickDodson Honestly, I have years of auditing experience in different chains and languages, but Fuel and Sway are something different. I participated in a Fuel Attackathon on Immunefi for the first time, and now there's no going back. It's really fun to work with Fuel and Sway
Building a comprehensive mind map during an #audit is crucial. It really helps in understanding the complex code flow in a much easier way. I've manually created tons of flowcharts and mind maps, and it truly makes my job easier. @SwayLang @fuel_network
I noticed that everyone is talking about #web3 security and #web2 security, but no one is discussing web2.5 security! I believe there are many skilled researchers working in both areas of security, but there is a huge gap in #web2.5 security. Researchers should definitely
GM, I'm writing a very comprehensive blog to explain predicates in depth. Predicates are a core concept of @fuel_network and are written in the Sway language. Until I finish my writing, check out this small thread about predicates 👇
Hey, thanks for participating! I'm really amazed to see the amount of interest in the security conference. @bsidesahmedabad definitely has a different craze, but unfortunately, I can't invite everyone.
Here are the final winners of the Web3 Researcher giveaways: @0xAraj
Recently, Pike Finance fell victim to a hack, resulting in a loss of $1.6 million. We'll cover the full breakdown of the hack; please do read @techfund_inc
Just a quick suggestion for new auditors: instead of randomly starting to read @SoloditOfficial reports, try reading 10 reports for one vulnerability. By doing this, you'll cover multiple attack scenarios of the same bug across different contracts, which can provide valuable insights
Over $550k was drained from multiple Fantom Foundation-labelled wallets; however, it appears that, upon the initial security investigation, the developer's private key was #compromised through #phishing.
Understanding the Risks of EIP712: Keeping Your Crypto Safe
EIP712 has become a popular tool in the Ethereum ecosystem, allowing users to sign messages off-chain and verify them on-chain. However, like any powerful tool, it's crucial to understand the potential risks involved.
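The off-chain sign / on-chain verify flow mentioned above, as an added Python example (not code from the post or from any named project): it builds an EIP-712 digest the way a wallet and a verifying contract both must, then checks one of the risks practitioners look for, a domain separator that omits `chainId`, which lets the same signature verify on every chain where the contract is deployed. A minimal Keccak-256 is embedded so the block runs offline; the `Permit`-style struct, the domain name and version, and the contract and account addresses are all constructed for illustration.

```python
"""EIP-712 digest construction and a cross-chain replay check.

Added example, not code from the post or any named project. Embeds a
minimal Keccak-256 so it runs offline. The domain name/version, the
contract and account addresses, and the Permit struct are constructed.
"""

MASK64 = (1 << 64) - 1


def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK64 if n else v


def _round_constants():
    # Keccak iota constants from the spec's LFSR over x^8 + x^6 + x^5 + x^4 + 1
    bits, r = [], 1
    for _ in range(255):
        bits.append(r & 1)
        r <<= 1
        if r & 0x100:
            r ^= 0x171
        r &= 0xFF
    return [sum(bits[j + 7 * i] << ((1 << j) - 1) for j in range(7)) for i in range(24)]


def _rho_offsets():
    off, x, y = [0] * 25, 1, 0
    for t in range(24):
        off[x + 5 * y] = ((t + 1) * (t + 2) // 2) % 64
        x, y = y, (2 * x + 3 * y) % 5
    return off


RC, RHO = _round_constants(), _rho_offsets()


def _keccak_f(a):
    for rnd in range(24):
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]                      # theta
        b = [0] * 25
        for x in range(5):
            for y in range(5):                                          # rho + pi
                b[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(a[x + 5 * y], RHO[x + 5 * y])
        a = [b[i] ^ (~b[(i + 1) % 5 + 5 * (i // 5)] & b[(i + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]                                        # chi
        a[0] ^= RC[rnd]                                                 # iota
    return a


def keccak256(data):
    """Original Keccak-256 (0x01 padding) as used by Ethereum; not SHA3-256 (0x06)."""
    rate = 136
    buf = bytearray(data) + b"\x01"
    buf += b"\x00" * (-len(buf) % rate)
    buf[-1] |= 0x80
    lanes = [0] * 25
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):
            lanes[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        lanes = _keccak_f(lanes)
    return b"".join(lane.to_bytes(8, "little") for lane in lanes[:4])


def _u256(n):
    return n.to_bytes(32, "big")


def _addr(a):
    return bytes.fromhex(a[2:]).rjust(32, b"\x00")  # left-padded like abi.encode


DOMAIN_TYPE = b"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
DOMAIN_TYPE_NO_CHAIN = b"EIP712Domain(string name,string version,address verifyingContract)"
PERMIT_TYPE = b"Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)"
CONTRACT = "0x" + "11" * 20  # constructed verifying-contract address
PERMIT = dict(owner="0x" + "aa" * 20, spender="0x" + "bb" * 20,  # constructed fields
              value=10**18, nonce=0, deadline=1_700_000_000)


def domain_separator(name, version, contract, chain_id=None):
    """chain_id=None models a contract whose domain omits chainId (the replay hazard)."""
    fields = keccak256(name.encode()) + keccak256(version.encode())
    if chain_id is None:
        return keccak256(keccak256(DOMAIN_TYPE_NO_CHAIN) + fields + _addr(contract))
    return keccak256(keccak256(DOMAIN_TYPE) + fields + _u256(chain_id) + _addr(contract))


def permit_digest(sep, owner, spender, value, nonce, deadline):
    """What the user signs: keccak256(0x1901 || domainSeparator || hashStruct(Permit))."""
    struct_hash = keccak256(keccak256(PERMIT_TYPE) + _addr(owner) + _addr(spender)
                            + _u256(value) + _u256(nonce) + _u256(deadline))
    return keccak256(b"\x19\x01" + sep + struct_hash)


def replayable_across_chains(chain_ids, include_chain_id, **permit):
    """True if a single signed digest would verify on every listed chain."""
    digests = {permit_digest(domain_separator("Token", "1", CONTRACT,
                                              cid if include_chain_id else None), **permit)
               for cid in chain_ids}
    return len(digests) == 1


if __name__ == "__main__":
    print("keccak256('') =", keccak256(b"").hex())
    print("chainId bound, replayable on 1 and 56:", replayable_across_chains([1, 56], True, **PERMIT))
    print("chainId omitted, replayable on 1 and 56:", replayable_across_chains([1, 56], False, **PERMIT))
```

With `chainId` in the domain the digests for chain 1 and chain 56 differ, so a signature captured on one chain is useless on the other; with it omitted they are identical and the captured signature replays. The `nonce` field plays the same role against replay on a single chain, which is why the verifying contract must also consume it.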
Hey @latokens, a year ago, I was very impressed with your proactive nature regarding security. You made security a priority back then. @latokens and @0xLachain were my favorite programs on @HackenProof, which is why I held top positions in both programs.
However, this is no