Joined December 2022
- Tweets 1,107
- Following 491
- Followers 1,876
- Likes 884
142 Photos and videos
Pinned Tweet
May 7
🗣️New: TestMachine Telegram
For TestMachine users, exploit hunters, and paranoid Web3 builders.
Live exploit breakdowns, audit alpha, attack vectors, and AI security talk — high signal only!
Join: t.me/ MwJN2TM_mccwYmQx
1
1
14
636,396
100 new users. 30 days.
The numbers don't lie.
→ Scan your repo and see what's hiding: app.testmachine.ai
1
2
65
Jun 12
New: Azimuth Referral Program
You can help us bring world class security to DeFi through our Azimuth Referral Program: earn 1:1 Azimuth credits for every successful referral.
If they top up $100 in credits → You receive $100 in credits. It’s that easy!
Serious security shouldn't be a luxury good.
The future of auditing is faster, more accessible, and available to every builder.
Contact us at testmachine.ai for your custom referral code!
1
2
6
232
Jun 11
AI slop is killing bug bounty programs.
Bug bounties are drowning in AI generated “critical” vulnerabilities that look real, but aren’t.
THORChain and Code4rena have both shut down their programs. Even curl (Web2) cited “slop” as the reason for closing.
So what does this mean for DeFi protocols?🧵
2
10
406
Jun 11
We pointed Azimuth at the @ZetaChain gateway contract after the exploit.
It reconstructed the destination-side attack vector from the contract alone, and flagged exactly where its visibility ended.
It found the vulnerability but didn't fully see the potential damage that was exploited.
1
3
79
Jun 11
To bridge this gap we need to redefine what a finding is.
We're building a verification layer that scores trigger conditions, reachability, and attacker economics before they ever reach a human reviewer.
The goal isn't to generate more findings, it's to ensure the findings that matter are impossible to ignore.
Findings need to arrive with evidence proof.
That’s exactly what we’ve built Azimuth to do.
Full breakdown in our blog → testmachine.ai/blog/fog-of-s…
1
65
Jun 11
Models only use 10% of their brain... TestMachine uses 100%
2
3
98
Jun 10
1/12
Hundred Finance lost $7.4M because a small accounting flaw became a real, executable attack path.
Not because auditors missed a bug -- but because nobody proved it was exploitable until it was too late.
We ran Azimuth on a live CErc20Delegator market on Optimism. Here's what the scan found.
2
5
38
4,378
Jun 10
11/12
These three findings do not exist in isolation. Finding #1 enables Finding #2.
The same inflated exchange rate that powers share inflation is the precondition that causes redemption truncation.
One shared attack surface. Two independent High-severity paths.
Static analysis sees separate bugs.
Execution-aware analysis sees the full picture.
1
232
Jun 10
12/12
The gap between "we found an issue" and "we understand whether an attacker can actually use it" is where most major DeFi exploits live.
Azimuth is built to close that gap.
For teams deploying CErc20-style forks: which of these three attack surfaces --
first-depositor share inflation
redemption truncation without burning
permanent market freeze -- do you find hardest to catch reliably before launch?
1
192