A
ARGUS
10-EYE recon + correlation engine
LIVE - Updated 2026-05-09T14:00:02Z
auto-refresh every 10 min
DAY 29 / 90 of 90-day challenge

Snapshot

Methodology Rules
37
cumulative since Day 1
Disclosures Sent
1
awaiting reply
Walks Averted
9
submission slots saved (30d)
Active Findings
2
pending submission/payout

Detail (click to expand)

🎯Active Findings 2
FindingTargetSeverityEst. PayoutStatus
dYdX v4 Megavault equity asymmetrydYdX v4 (Cantina)HIGH$150K-$1MCandidate - Skeptic gates 1+5 pending Day 30
Centrifuge V3.1 Gateway.retry duplicate-executionCentrifuge ProtocolHIGH$15-50K DAIDisclosed - awaiting acknowledgement
Recent Walks (Methodology Defense) 9
DateTargetReasonSaved
2026-05-09dYdX v4 Cantina (Cosmos hook ordering)Architecture mismatch - dYdX uses direct keeper imports + ABCI order, not hooks pattern. Banked sub-rule under Rule 36.Cantina submission slot + 4-6h Buddy time
2026-05-08Fireblocks MPC BugcrowdPattern A docs explicitly require event_id dedup (Rule 34 sub-rule)Bugcrowd submission slot
2026-05-08Centrifuge V3.1 Sherlock contest 1028Contest finished Nov 17 2025 (Rule 35)Sherlock submission slot - pivoted to direct disclosure
2026-05-08Babylon Phase-2 cycles 1+2Disclosed GHSAs already public + Skeptic gate 4 unconfirmed2 Sherlock submission slots
2026-05-08Kinepolis Lane BCapacitor APK region-locked + OIDC findings only P5 informationalIntigriti submission slot
2026-05-08TrueLayer cycle 2 weaponizeTrueLayer docs explicitly require event_id dedup (Rule 34 sub-rule founder)Intigriti submission slot
2026-05-08OpenSea + Auth0 + Adstruc sourcemapsTier B classified (no secrets in compiled bundles per Rule 34 logic)3 Bugcrowd/H1 submission slots
2026-05-07Venly Intigriti actuator clusterBanner-grabbing class explicitly OOS in Venly OOS list (Rule 33 founder)Intigriti submission slot
📚Rules Banked 37
#RuleDateSummary
RULE 37Adapt primitive to architecture, don't walk on mismatch2026-05-09Walks belong to scope/status/saturation - NOT architecture-mismatch. Audit primitives compound at INVARIANT level, not syntax level. Unlocked dYdX HIGH finding within hours.
RULE 36Lane B pattern saturation landscape2026-05-08Track which primitives are saturated vs fresh. Spend ~50% time on novel primitive discovery.
RULE 35Verify Sherlock contest STATUS first (Step -1)2026-05-08Sherlock contest pages SPA-rendered, can't auto-extract. Browser-verify Open/Judging/Finished before scope work.
RULE 34Information-disclosure findings need exploitable follow-on (Tier A/B)2026-05-08Generalizes Rule 33 to sourcemap/openapi/banner/verbose-error/.env classes. Pure disclosure = OOS-class on most programs.
RULE 33Actuator findings need exploitable endpoint2026-05-07Pure /actuator+/info = banner-grabbing class = OOS. Need /env, /heapdump, /loggers, /shutdown to be Tier A.
📊Programs & Scope 889 programs
Programs
889
889 active / 0 suspended
In-Scope Assets
45,293
across all programs
Vendor Clusters
9
52 members
Total Signals
2,110
cumulative all EYEs
🚨Signal Tiers 12 T1 / 738 T2 / 1,360 T3
Tier-1 Alerts
12
submission-worthy
Tier-2 Signals
738
deferred / follow-up
Tier-3 Signals
1,360
tracking / informational
Unprocessed 24h
0
awaiting Brain
👁️EYE Breakdown 2,110 signals across 7 EYEs
EYE_0: 25EYE_1: 986EYE_2: 0EYE_3: 16EYE_4: 660EYE_5: 344EYE_10: 79
📡Recent Tier-1 + Tier-2 Signals 30
TierEYETypeTargetDetected
Tier-2EYE 10all-a-records-migratedwww.yeswehack.com1h ago
Tier-2EYE 10all-a-records-migrateditunes.apple.com1h ago
Tier-2EYE 10all-a-records-migratedwww.microsoft.com1h ago
Tier-2EYE 10all-a-records-migratedchrome.google.com1h ago
Tier-2EYE 10all-a-records-migratedwww.shffls.com1h ago
Tier-2EYE 10all-a-records-migratedauth.immutable.com1h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com1h ago
Tier-2EYE 10all-a-records-migratedwiki.atom-lens.com1h ago
Tier-2EYE 10all-a-records-migratedwww.sophos.com1h ago
Tier-2EYE 10all-a-records-migrateddocs.sophos.com1h ago
Tier-2EYE 10all-a-records-migratedwww.assurancewireless.com1h ago
Tier-2EYE 10all-a-records-migrateddevedge.t-mobile.com1h ago
Tier-2EYE 10all-a-records-migratedapi.t-mobile.com1h ago
Tier-2EYE 10all-a-records-migratedtfb.t-mobile.com1h ago
Tier-2EYE 10all-a-records-migratedaccount.t-mobile.com1h ago
Tier-2EYE 10all-a-records-migratedwww.yeswehack.com7h ago
Tier-2EYE 10all-a-records-migrateditunes.apple.com7h ago
Tier-2EYE 10all-a-records-migratedchrome.google.com7h ago
Tier-2EYE 10all-a-records-migratedwww.shffls.com7h ago
Tier-2EYE 10all-a-records-migratedauth.immutable.com7h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com7h ago
Tier-2EYE 10all-a-records-migratedapp.scaleft.com7h ago
Tier-2EYE 10all-a-records-migratedwiki.atom-lens.com7h ago
Tier-2EYE 10all-a-records-migratedapi.t-mobile.com7h ago
Tier-2EYE 10all-a-records-migratedaccount.t-mobile.com7h ago
📂Sourcemap Captures (EYE 3) 8
HostPathSizeFilesRecovered
marketplace.auth0.com/_next/static/chunks/pages/_app-5472c689...5696.1 KB12139h ago
marketplace.auth0.com/_next/static/chunks/pages/index-f374b1d...0.5 KB11d ago
marketplace.auth0.com/_next/static/chunks/framework-67c9938e3...183.8 KB91d ago
wallet.opensea.io/assets/index-DGk1JYWX.js.map9197.9 KB12371d ago
marketplace.auth0.com/_next/static/chunks/webpack-5aadf7b0e00...13.4 KB211d ago
marketplace.auth0.com/_next/static/chunks/main-7e69766e8eff35...656.8 KB1341d ago
clients.adstruc.com/static/js/main.45ab4b31.js.map15953.6 KB21411d ago
wallet.opensea.io/assets/index-BWT8Nbv7.js.map9197.9 KB12371d ago
🔧Recent High-Signal GitHub Commits (EYE 4) 12 of 23 watched repos
RepoLabelSHAMessageCommitted
coinbase/smart-walletsecuritye7fde11a50faAdd SECURITY.md (#167)10d ago
Uniswap/v4-peripherygeneric_bypass9dafaaecc1e2fix: pin npm to specific version in deploy workflow (#520)36d ago
babylonlabs-io/babylonsecurityd00e68415909chore(deps): bump google.golang.org/grpc from 1.77.0 to 1.79.3 in the go_modules group acr45d ago
babylonlabs-io/babylonsecurity65d793a0a8b8ci: enhance backport workflow security (#1977)53d ago
Uniswap/UniswapXsecurity9c8f9017a694fix: resolve zizmor GitHub Actions security findings (#362)59d ago
Uniswap/v4-peripherysecuritycfa74b47304dfix: resolve zizmor GitHub Actions security findings (#515)59d ago
babylonlabs-io/babylonsecurity0a2d17d8df02chore(deps): bump the go_modules group across 1 directory with 4 updates (#1974)67d ago
dydxprotocol/v4-chainsecurity07b2c964e689upgrade cometbft and cosmos-sdk for tachyon security fix (#3320)102d ago
Uniswap/UniswapXsecurity687d9e122082fix(DCA): dca allocation bug (#360)105d ago
Uniswap/UniswapXsecurity898d71736220ci: integrate Nethermind Audit Agent for automated security scanning (#357)107d ago
Truelayer/truelayer-signingsecurity868e7e7c04baBump Python library from 0.3.7 to 0.3.8 (#343)295d ago
Uniswap/v4-coresecurity5f00c8416c19Safer readme example (#961)401d ago
🏢Vendor Clusters 9
ClusterMembers
FDJ-Kindred16
ByteDance-TLB8
Atlassian-Edge7
Salesforce-Experience-Cloud6
Apple-Geneva-Staging5
Intergamma4
IDnow2
Mozilla-allizom-Staging2
AutoDiscovered-GitRepo-intergamma/shopfront2
🔄Recent State Transitions 3
HostNoteDetected
-state changed suspended->active16h ago
-state changed suspended->active1d ago
-state changed active->suspended1d ago