🧱⛓☠️ blockchain hacking

---

tl; dr

👾 this repository contains resources for blockchain white hackers or gray hackers.

👾 for mev-related resources, check out mev-toolkit. to learn blockchain development, check out web3-toolkit-rs, web3-toolkit-py, web3-toolkit-go, and web3-toolkit-sol.

⚠️ the resources in this repository are from my own ongoing boundless research. therefore, no guarantees, no promises; use it at your own risk.

---

☠️✨ dirs in this repo

• cosmos
• attack reviews
• cryptography
• decentralized storage
• dynamic analysis
• the evm && opcodes
• gray hacker tools
• hardhat
• l2s && rollups
• oracles
• solana
• static analysis
• vulnerabilities

---

☠️✨ hacking tools

• Ethstats
• EthTx Transaction Decoder
• Solidity decomposer
• Eth converter
• Contracts diff checker
• Mutation Testing for Ethereum Smart Contracts
• Ethereum nodes
• ERC20 verifier and the source code
• ANKR RPC gateway
• burp's web3 decoder
• Oyente, analysis Tool for Smart Contracts
• Trail of Bits' Ethereum Security Toolbox
• Securify, Security scanner for Ethereum smart contracts
• Surya, A Solidity Inspector
• Octopus, Security Analysis tool for WebAssembly
• ETK, EVM toolkit
• Pyevmasm, EVM disassembler and assembler
• Verx, smart contract verifier
• Semgrep rules for smart contracts
• ETH detective
• EVM-trace, Ethereum Virtual Machine transaction tracing tool
• Sleuthing Hashed Function Signature and Event Signature on Ethereum
• Pratical overview of classic system security
• socketscan, track bridge transactionss
• Solhint, a linter for Solidity
• Solidity coverage tool
• JSON formatter
• Craft requests from curl commands
• Tools by Notonly.owner
• Ethereum Developer Tools List
• Immunefi scrapper
• Crystal Blockchain
• 0XT
• Impersonator
• CIA Officer's DeFi Roadmap
• Mnemonic Code Converter
• Tornado Cash Pool Anonymity Auditor
• Cryptocurrency historical data snapshot
• Explain shell
• revoke.cash
• breadcrumbs
• cookbook.dev
• detect metamorphic contracts
• rpcs list by privacy
• tenderly
• token security detector
• smart contract explorers

decompilers

• oko
• jeb
• dedaub
• ethervm.io

visual / graph explorers

• data viz for evm-based blockchains
• watchers.pro
• crypto flows
• spider foots
• cosmographs
• ice vision

---

☠️✨ security resources

• SWC Registry
• Blockchain Security Database
• Intro to Security first dev
• Spoof tokens on Ethereum
• Solidity security mind map
• Pitfalls and best practices
• Hacking the Blockchain by Immunefi
• Uniswap Oracle Attack Simulator by Euler
• Thinking About Smart Contract Security by Vitalik
• Advanced Pitfalls and best practices
• The Evolution of Smart Contract Security
• Audit findings
• Advanced audit findings
• Video on audit findings
• Sigp public audits
• The Dangers of Price Oracles in Smart Contracts
• Strategies for Secure Governance with Smart Contracts
• Security in Upgrades of Smart Contracts
• Onward with Smart Contract Security
• Publications from Trail of Bits
• Smart contract security fundamentals by OpenZeppelin
• White Hat panel: DeFi exploits
• Smart contract audit checklist
• Another audit checklist
• Ethereum signature database
• OpSec SelfGuard RoadMap
• The Solcurity Standard
• Smart Contract Security Verification Standard
• SecurETH Guidelines
• REKT leaderboard
• Smart Contract Attack Vectors
• List of known attack vectors
• Awesome Ethereum security
• Bug Bounty 101
• DeFi hacks analysis and root causes

---

☠️✨ practicing your hacking skils

• Capture the Ether
• the ethernaut
• Paradigm CTF 2022 and Paradigm CTF 2021.
• Damn vulnerable DeFi
• A collection of EVM puzzles
• Gamefication vault
• Cipher Shastra
• Etherhack
• DeFiHack.xyz
• w3b s3c
• Crypto blacklist
• Vyper Punk
• more blockchain ctfs
• list of blockchain CTF competitions

contracts of interest

• Uniswap v3
• Chainlink
• Fei protocol
• OpenZeppelin's ERC-20
• OpenZeppelin's ERC-721
• Immunefi notes on the ERC token standard
• Security contracts from OpenZeppelin
• Smart contracts attack vectors