Skip to content
😎 Curated list about cryptocurrency security (reverse / exploit / fuzz..)
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md

README.md

Awesome cryptocurrency security

😎 Curated list about cryptocurrency security. (reverse, exploit, fuzz..)

alt text

Image from this Practical ETH decompilation blog .

Tools

Porosity - Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts.

Mythril - Security analysis tool for Ethereum smart contracts.

MAIAN - Automatic tool for finding trace vulnerabilities in Ethereum smart contracts.

Echidna - Ethereum fuzz testing framework.

Manticore - Manticore uses symbolic execution to simulate complex multi-contract and multi-transaction attacks against EVM bytecode.

Ethersplay - A graphical EVM disassembler with advanced features. (Binja)

Oyente - An automatic EVM code analyzer based on symbolic execution and Z3 SMT solver.

IDA-EVM - IDA Processor Module for the Ethereum Virtual Machine.

Evmdis - EVM disassembler.

Securify - Formal Verification of Ethereum Smart Contracts.

Rattle - Rattle is an EVM static analyzer that analyzes the EVM bytecode directly for vulnerabilities.

Slither - Static analysis on Solidity.

Diligence - Security Services, Tools and Best Practices for the Ethereum Ecosystem.

fuildai - Fluid is an AI that can automatically find and fix fatal security vulnerabilities in Smart Contracts.

vs code - Solidity Visual Auditor Extension for VS Code

Blogs

muellerberndt - Practical Smart Contract Security Analysis and Exploitation— Part 1

blackhat - Blackhat Ethereum.

solidified - Parity hack.

arvanaghi 1 - Reversing ethereum smart contracts.

arvanaghi 2 - Reversing ethereum smart contracts 2.

ret2 - Practical ETH decompilation.

loom-network - 6 vulnerabilities and how to avoid them part 1.

ETH assembly - Lets talk assembly.

radare2 - Reversing EVM bytecode with radare2.

Etherum security tools - Trailofbits Ethereum security tools.

Hackernoon - Analyzing Ethereum smart contracts for vulnerabilities.

nccgroup - Discovering Smart Contract Vulnerabilities with GOATCasino.

Arseny Reutov - Predicting Random Numbers in Ethereum Smart Contracts.

funfair - Randomness is a big deal.

Training

Ethernaut - The ethernaut is a Web3/Solidity based wargame.

GOATCasino - GOATCasino is a Truffle project which deploys a set of intentionally vulnerable smart contracts.

ctf challs SWAMPCTF

MISC

dasp - Decentralized Application Security Project (or DASP) Top 10 of 2018.

Not so smart conracts - Examples of Solidity security issues.

EVM opcodes - Ethereum opcodes and instruction reference.

mint integer overflow mint integer overflow.

Uninitialized Pointer Storage Allocation Exploits in Ethereum Smart Contracts.

Paper

Smarter - Making Smart Contracts Smarter.

Yellow Paper - Ethereum: a secure decentralised generalised transaction ledger.

Awesomes

awesome

awesome ethereum

awesome ethereum virtual machine

Jobs

Ethercasts

Solidified

codementor

iosiro

audithor

Twitter

@withzombies @chaignc @trailofbits


By @chaignc #HexpressoTeam.

You can’t perform that action at this time.