Awesome

How to get started as a smart contract auditor

Becoming a smart contract auditor can be daunting if you don't know where to start. The truth is you don't have to come from a super technical background to become a smart contract auditor. The eye for detecting where things can go wrong is a strongsuit most auditors have to foresee vulnerabilities that can graduate to detrimental attacks. Here is a concise repo of auditing resources from Youtube videos, articles, docs, and excerpts to get you started on your bug hunting journey. Please share. Let's make Web3 a safer place. </br>

• Quick Start 🎊

Secure Smart Contract Development

• OpenZepplin Contracts </br>
• Defender 2.0 by OpenZepplin </br>
• Ethereum Improvement Proposals(EIP) </br>
• How to become a smart contract auditor | The complete roadmap 2023

Ethereum TL:DR

• Whitepaper </br>
• Use-case for Smart Contracts
• Zellic 2023 Smart Contract Source Index

Youtube Videos

• Bug Bounty Playlist </br>
• Solidity Smart Contracts in 100 seconds </br>
• Smart Contract Security and Auditing 101 by Chainlink
• EatTheBlocks: How to audit your smart contract code </br>
• EatTheBlocks: Gas Optimization in Solidity: 10 tips </br>
• NEAR Smart Contract Security Course </br>
• 32-Hour Course on Solidity </br>
• Secureum Bootcamp - Ethereum 101 </br>
• Rust Tutorial Full Course </br>
• Secure Development Series
• Spearbit DAO Youtube </br>
• SolidityATL Web3 Security Fall '23 Session 3 </br>

Testing Frameworks

• Truffle </br>
• Foundry </br>
• Hardhat </br>
• Brownie </br>

Articles

• How to become a smart contract auditor by Cmichel <br>
• Solidity Learning: revert(), assert(), and require() in Solidity, and the New REVERT Opcode in the EVM </br>
• Awesome Blockchain Security by xxxeyJ </br>
• Check out Rekt.news Leaderboard! </br>
• All known smart contract-side and user-side attacks and vulnerabilities in Web3.0, DeFi, NFT and Metaverse + Bonus by Officer CIA </br>
• MEV Explore - Post-Merge
• Unsafe Delegatecall (Part #2) | Hack Solidity #5
• Severity Classification System

IDEs

• Remix </br>
• VS Code </br>
• EthFiddle </br>
• ChainIDE </br>
• Audit Wizard by Auditware </br>
• Find more IDEs recommended by the Ethereum Foundation here

Token standards

• Token standards

ETH Ecosystem Best Practices

• Ethereum Whitepaper
• List from Consensys </br>
• Smart Contract Weakness Classification and Test Cases </br>
• Common Web3 Security Issues </br>

Contest and Compete

CTFs

• Paradigm CTF </br>
• QuillAudits CTF </br>
• Damn Vulnerable DeFi </br>
• Ethernaut

Bug bounties (Earn 🤑 to hack)

• Code4rena </br>
• Sherlock </br>
• CodeHawks </br>
• ImmuneFi </br>
• Hacken Proof </br>
• Audit One - Become an Auditor </br>

<b> Bug bounties (Community-driven) </b> </br>

• Code4rena Reports </br>
• Sherlock Reports </br>
• Spearbit </br>

Public Reports

<i> Tips: </b> Read past reports to train muscle memory to find common vulnerabilities that occur on smart contracts </i> </br>

<b> Auditing firms </b>