Awesome
BlockChain-Security-List About cryptocurrency security. (reverse, exploit, fuzz..)
欢迎加入!此List会跟踪最新情报实时更新。
Tools
mythril - Security analysis tool for Ethereum smart contracts
manticore - Symbolic execution tool
Slither - Slither combines a set of proprietary static analyses on Solidity
Porosity - Decompiler and Security Analysis tool for Blockchain-based Ethereum Smart-Contracts
Echidna - Ethereum fuzz testing framework
Oyente - An Analysis Tool for Smart Contracts
MAIAN - Automatic tool for finding trace vulnerabilities in Ethereum smart contracts.
Ethersplay - A graphical EVM disassembler with advanced features. (Binja)
IDA-EVM - IDA Processor Module for the Ethereum Virtual Machine.
Evmdis - EVM disassembler.
Securify - Formal Verification of Ethereum Smart Contracts.
Rattle - Rattle is an EVM static analyzer that analyzes the EVM bytecode directly for vulnerabilities.
Diligence - Security Services, Tools and Best Practices for the Ethereum Ecosystem.
fuildai - Fluid is an AI that can automatically find and fix fatal security vulnerabilities in Smart Contracts.
bp nodes security checklist[超级节点安全执行指南]
EOS bp nodes security checklist(EOS超级节点安全执行指南)
VeChain core nodes security checklist(唯链核心节点安全执行指南)
Ontology Triones Service Node security checklist(本体北斗共识集群安全执行指南)
Blogs
Security Archives - Ethereum Blog
blackhat pdf for cansecwest 2018 - Blackhat Ethereum.
solidified - Parity hack.
arvanaghi 1 - Reversing ethereum smart contracts.
arvanaghi 2 - Reversing ethereum smart contracts 2.
ret2 - Practical ETH decompilation.
loom-network - 6 vulnerabilities and how to avoid them part 1.
ETH assembly - Lets talk assembly.
radare2 - Reversing EVM bytecode with radare2.
Etherum security tools - Trailofbits Ethereum security tools.
Hackernoon - Analyzing Ethereum smart contracts for vulnerabilities.
nccgroup - Discovering Smart Contract Vulnerabilities with GOATCasino.
Arseny Reutov - Predicting Random Numbers in Ethereum Smart Contracts.
funfair - Randomness is a big deal.
Training
Ethernaut - The ethernaut is a Web3/Solidity based wargame.
GOATCasino - GOATCasino is a Truffle project which deploys a set of intentionally vulnerable smart contracts.
Events
Coindesk //search keyword,like 'hack'、'attack'...
Vulnerabilities
Examples of Solidity security issues
Scanning-ethereum-smart-contracts-for-vulnerabilities
Solidity Security Considerations
以太坊生态缺陷导致的一起亿级代币盗窃大案(2018-03-20)
EOSIO P2P Sybil Attack(2018-05-29)
EPoD: Ethereum Packet of Death (CVE-2018-12018)
New evilReflex Bug Identified in Multiple ERC20 Smart Contracts (CVE-2018-12702,CVE-2018-12703)
MISC
dasp - Decentralized Application Security Project (or DASP) Top 10 of 2018.
Not so smart conracts - Examples of Solidity security issues.
EVM opcodes - Ethereum opcodes and instruction reference.
Threats
Stackexchange ethereum security
Stackexchange bitcoin security
Paper
Blockchains-how-to-steal-millions-in-264-operations
Quantum attacks on Bitcoin, and how to protect against them
Eclipse Attacks on Bitcoin’s Peer-to-Peer Network
Smarter - Making Smart Contracts Smarter.
Yellow Paper - Ethereum: a secure decentralised generalised transaction ledger.
以太坊 Solidity 合约 call 函数簇滥用导致的安全风险
从以太坊"MorphToken事件"看智能合约构造函数大小写编码错误漏洞
以太坊 Solidity 合约 call 函数簇滥用导致的安全风险
Reports
New allowAnyone Bug Identified in Multiple ERC20 Smart Contracts
Analyzing and Reproducing the EOS Out-of-Bound Write Vulnerability in nodeos
Audit report of iohk’s etc wallet
Audit report of the waves platform
Awesomes
EOS bp nodes security checklist
awesome ethereum virtual machine
Jobs
The author
I'M ,爱上平顶山 Thanks to all blockchain security researchers
thanks: 李嵩@blackhat pdf for cansecwest 2018