Project Introduction
LLMs have already proven that they have strong potential to find 0days on any platform.
- https://aicyberchallenge.com/
- https://issuetracker.google.com/issues?q=componentid:1836411
- Google Big Sleep bug tracker
- https://www.hacktron.ai/blog/supapwn
A few weeks ago, I gave it a shot at finding vulnerabilities in a research target unfamiliar to me: Web3 (blockchain, DeFi or whatever…).
I had only solved the Damn Vulnerable DeFi wargame before and have 0 experience auditing real-world smart contract code or blockchain node implementations.
I used Claude Code + the Sonnet 4.5 model and found my first high-severity vulnerability in smart contracts!
- ref: https://x.com/exp_only_no_poc/status/1997157210435264512
To be honest, I couldn’t find any fun in auditing smart contract code manually, even though it is a very expensive target compared to traditional old research targets like browser, kernel, mobile, etc. So I don’t want to dig into web3 bug bounty too deeply; I just want to pick some low-hanging fruit by automating the process with an LLM. Maybe we can find some fun by tuning the LLM into a web3 bug hunting automaton with worthwhile profit.

I think some other competitors(?) are already trying to use LLMs in the same way, but the web3 bug bounty world is huge and I think it is not as niche an area as the traditional major research targets.
- https://v12.zellic.io/
- https://x.com/QED_Audit
- https://github.com/qriousec/web3_finding
Send a DM to @exp_only_no_poc on the X platform if you have any interest in this project!