Gonçalo Magalhães

DEFCON's Bug Bounty Village

Why you should be hunting on Web3 Bug Bounties

Presented on the key distinctions of Web3 bug bounty hunting and how blockchain provides more assurances to whitehats. Covered significant hacks, hacker communications, and million-dollar bounties.

ETHDam 2024

Auditors & Bounty Hunters: who should secure your bags?

Panel discussion with Oliver Hörr (hats.finance), Erik Arfvidson (Euler Labs), and Josselin Feist (Trail of Bits), moderated by Matthias Egli (ChainSecurity).

TrustX 2023 (DevConnect Istanbul)

The Hacker Mentality: What makes one Succeed in the Bug Bounty World

Talk exploring the mindset and strategies that lead to success in bug bounty hunting, presented at TrustX during DevConnect Istanbul.

Solidity Summit 2023 (Devconnect)

Solidity's most common security pitfalls (and its best safeguards)

Talk on the most common security vulnerabilities in Solidity smart contracts and the best practices to prevent them.

Featured Quote on Back Cover

"I've taught crypto devs for many years. If you want to go from zero to hero in smart contracts, Mastering Ethereum is the definitive no-fluff guide I recommend above all to achieve that."

Hacking Back: Why Offensive Cyber Operations Are a Legal Minefield

"This is why firms should focus on operating under frameworks that prevent these scenarios entirely, like scaling bug bounty programs that channel security efforts into authorized, constructive activities. When security researchers work within this framework, they're protected legally, companies get stronger security, and innocent third parties are never put at risk."

Lazarus Group's favorite exploit revealed — Crypto hacks analysis

"[North Korean hackers] focus on a small number of high-value targets and can play a very long game, combining detailed technical knowledge with social engineering and spear-phishing capabilities."

Hack Analysis: 0xbaDc0dE MEV Bot, September 2022

"In this article, we will be analyzing the exploited vulnerability in the 0xbad smart contract without looking at any actual source code. We'll analyze the massive profit arbitrage transaction and see what we can learn from there, but also try a few decompiling tools to help us reach the same conclusion as the hacker."

Two probes will explore the early Solar System

"The points derive from the three-body problem, which considers the gravitational pull of just two bodies (in this case, the Sun and Jupiter), and then the few points where smaller points can remain stable are found through algebraic methods. The Trojan asteroids are celestial bodies that gathered around Jupiter's L4 and L5. The Lucy mission is crucial to understanding the history of the solar system."