Home

Awesome

BlockChain-Security-List About cryptocurrency security. (reverse, exploit, fuzz..)

欢迎加入!此List会跟踪最新情报实时更新。

alt text alt text

Tools

mythril - Security analysis tool for Ethereum smart contracts

manticore - Symbolic execution tool

Slither - Slither combines a set of proprietary static analyses on Solidity

Porosity - Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts

Echidna - Ethereum fuzz testing framework

Oyente - An Analysis Tool for Smart Contracts

Porosity - Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts.

Mythril - Security analysis tool for Ethereum smart contracts.

MAIAN - Automatic tool for finding trace vulnerabilities in Ethereum smart contracts.

Echidna - Ethereum fuzz testing framework.

Manticore - Manticore uses symbolic execution to simulate complex multi-contract and multi-transaction attacks against EVM bytecode.

Ethersplay - A graphical EVM disassembler with advanced features. (Binja)

Oyente - An automatic EVM code analyzer based on symbolic execution and Z3 SMT solver.

IDA-EVM - IDA Processor Module for the Ethereum Virtual Machine.

Evmdis - EVM disassembler.

Securify - Formal Verification of Ethereum Smart Contracts.

Rattle - Rattle is an EVM static analyzer that analyzes the EVM bytecode directly for vulnerabilities.

Slither - Static analyses on Solidity.

Diligence - Security Services, Tools and Best Practices for the Ethereum Ecosystem. fuildai - Fluid is an AI that can automatically find and fix fatal security vulnerabilities in Smart Contracts.

Blogs

区块链安全专题智库

PeckShield Inc. - Blog

Security Archives - Ethereum Blog

Blockchain-sec

猎豹移动区块链中心

隐形人真忙-区块链安全

Trailofbits-blockchain

blackhat - Blackhat Ethereum.

solidified - Parity hack.

arvanaghi 1 - Reversing ethereum smart contracts.

arvanaghi 2 - Reversing ethereum smart contracts 2.

ret2 - Practical ETH decompilation.

loom-network - 6 vulnerabilities and how to avoid them part 1.

ETH assembly - Lets talk assembly.

radare2 - Reversing EVM bytecode with radare2.

Etherum security tools - Trailofbits Ethereum security tools.

Hackernoon - Analyzing Ethereum smart contracts for vulnerabilities.

nccgroup - Discovering Smart Contract Vulnerabilities with GOATCasino.

Arseny Reutov - Predicting Random Numbers in Ethereum Smart Contracts.

funfair - Randomness is a big deal.

Training

Ethernaut - The ethernaut is a Web3/Solidity based wargame.

GOATCasino - GOATCasino is a Truffle project which deploys a set of intentionally vulnerable smart contracts.

Events

Blockchain-Graveyard

Coindesk //search keyword,like 'hack'、'attack'...

36kr-tag-anquan

cnn-bitcoin-crime

scmagazineuk-cryptocurrency

Vulnerabilities

DASP

Smart Contract Best Practices

BitcoinWiki-Weaknesses

BitcoinWiki-CVEs

Go-ethereum issue vuln

Examples of Solidity security issues

Scanning-ethereum-smart-contracts-for-vulnerabilities

Smart Contract Security

Solidity Security Considerations

MISC

dasp - Decentralized Application Security Project (or DASP) Top 10 of 2018.

Not so smart conracts - Examples of Solidity security issues.

EVM opcodes - Ethereum opcodes and instruction reference.

Threats

Go-ethereum issue bug

Solidity issue bug

Reddit ethereum

Bitcointalk

Stackexchange ethereum security

Stackexchange bitcoin security

Paper

区块链安全分析报告

区块链安全生存指南

Hacking Blockchain

BGP hijacking

Safe-wallet-white-paper

Blockchains-how-to-steal-millions-in-264-operations

Quantum attacks on Bitcoin, and how to protect against them

Eclipse Attacks on Bitcoin’s Peer-to-Peer Network

Smarter - Making Smart Contracts Smarter.

Yellow Paper - Ethereum: a secure decentralised generalised transaction ledger.

Reports

New allowAnyone Bug Identified in Multiple ERC20 Smart Contracts

Analyzing and Reproducing the EOS Out-of-Bound Write Vulnerability in nodeos

Audit report of iohk’s etc wallet

Audit report of the waves platform

Awesomes

solidity-audit-checklist

EOS bp nodes security checklist

pentesting-ethereum-dapps

awesome

awesome ethereum

awesome ethereum virtual machine

Jobs

Slowmist

Ethercasts

Solidified

codementor

iosiro

The author

I'M , Thanks to all blockchain security researchers