SEC554: OnDemand

Provided by

Enquire about this course

What You Will Learn

In 2008, an anonymous author using the pseudonym Satoshi Nakamoto, published a white paper outlining a public transaction ledger for a decentralized peer-to-peer payment system entitled Bitcoin: A Peer-to-Peer Electronic Cash System, which is regarded as the "birth" of blockchain. Since then, the use of blockchain has evolved beyond its original implementation as a cryptocurrency. It has gained momentum in recent years, being adopted by some of the largest organizations in the world, including IBM, Amazon, PayPal, Mastercard, and many others. However, due to the fast moving innovation and adoption of blockchain, and the unfamiliar concepts compared to more understood and traditional technologies, its use is still hindered by speculation, confusion, uncertainty, and risk.

In SEC554: Blockchain and Smart Contract Security, you will become familiar with essential topics of blockchain and smart contract technology, including its history, design principles, architecture, business use cases, regulatory environment, and technical specifications. The course takes a detailed look at the mechanics behind the cryptography and the transactions that make blockchain work. It provides exercises that will teach you how to use tools to deploy, audit, scan, and exploit blockchain and smart contract assets. Hands-on labs and exercises will enable you to deploy, audit, scan, and exploit various blockchain implementations, such as Bitcoin, Ethereum, Solana, Cosmos, Near and others, as well as smart contract languages like Solidity and Rust, along with protocols, such as NFTs, DeFi, and Web3.

There have already been widespread security breaches, fraud, and hacks on blockchain platforms, resulting in billions of dollars in losses. These issues, along with growing scrutiny by government agencies to find malicious users abusing the technology, is tarnishing blockchain's reputation. SEC554 approaches blockchain security and smart contracts from an offensive perspective to inform students what vulnerabilities exist, how they are exploited, and how to defend against attacks that are currently leveraged today. Some of the skills and techniques you will learn include how to:
  • Interact with and get data from public blockchains
  • Exploit several types of smart contract vulnerabilities
  • Test and exploit weak cryptography/entropy
  • Discover and re-create private keys
  • Understand what cryptojackers do and how to trace and track movements on blockchain
  • Combat non-technical or social engineering types of attacks that adversaries use to access and steal from victims
We can see the many solutions blockchain technology can provide as a payment system, but as the technology is increasingly adopted, its attack surface will continue to grow. While there are some educational resources available for blockchain, there is relatively little educational content around blockchain security. No other training provides the comprehensive level of blockchain testing, exercises and knowledge that SEC554 delivers.

You Will Be Able To
  • Compile and deploy smart contracts
  • Exploit vulnerable smart contracts, nodes, and private keys
  • Run automated security scans on smart contracts
  • Use the latest blockchain tools for development, security, auditing, and exploiting
  • Trace and discover blockchain transaction information
  • Set up and protect a cryptocurrency wallet
  • Crack partially exposed mnemonics keys
  • Send transactions to blockchain
  • Set up a local Ethereum blockchain for testing
  • Join a cryptocurrency mining pool, or create your own mining node
  • Run static analysis on EVM bytecode
  • Interact with cryptocurrency on main and test networks
  • Investigate, install, and prevent crypto-jacking malware
  • Protect and defend against privacy attacks on blockchain
You Will Receive With This Course
  • ZIION blockchain and smart contract testing and development platform
  • Access to a full Bitcoin testnet node
  • Reference documents outlining all the common smart contract vulnerability classes
  • Cheat sheet for the most common blockchain CLI tool commands
  • 28 labs with custom tools
  • Course workbook


Start date Location / delivery
No fixed date Virtual Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...