From 7027f61a109b9d018617b03ee1f8328130e6dcd9 Mon Sep 17 00:00:00 2001
From: "dr. mia von steinkirch, phd"
<1130416+mvonsteinkirch@users.noreply.github.com>
Date: Fri, 17 Feb 2023 16:25:12 -0800
Subject: [PATCH] add bug bounty list
---
bug_hunting/README.md | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 bug_hunting/README.md
diff --git a/bug_hunting/README.md b/bug_hunting/README.md
new file mode 100644
index 0000000..39eb186
--- /dev/null
+++ b/bug_hunting/README.md
@@ -0,0 +1,38 @@
+## bug hunting smart contracts
+
+
+
+### initial questions
+
+
+
+* list `external` and `public` functions.
+* when and where external call happens and what changes.
+* check `payable` functions.
+* how functions are accessed (permissions by who).
+* follow the flow for transfers.
+
+
+
+### look for common vulnerabilities
+
+
+
+* reentrancy with flashloans, fallbacks, payables.
+* access control.
+* arithmetic errors.
+
+
+
+### create an enviroment for testing
+
+
+
+* static analysis
+* fuzzing and poc exploits (use foundry)
+
+
+
+---
+
+### resources
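Review bot: the file ends at the `### resources` heading with nothing under it, and the subject line says "add bug bounty list" while the added content is a review checklist with no list of bounty programs. Either include the resource entries in this commit or drop the empty heading and the `---` rule above it, and reword the subject to match what is added. In `### create an enviroment for testing`, "enviroment" should be "environment". The three blank lines between each heading and its list could be reduced to one. The item "reentrancy with flashloans, fallbacks, payables" would read more clearly if it said how each of the three relates to reentrancy, or if they were split into separate items, since the checklist above already has its own `payable` entry.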