blockchains-security-toolkit/advanced_expert/bug_hunting at c95df54981cbaf1e9cb2775f98cb48fd4526d1f6 - Git-Mirrors/blockchains-security-toolkit - Gitea: Git with a cup of tea

Git-Mirrors/blockchains-security-toolkit

mirror of https://github.com/autistic-symposium/blockchains-security-toolkit.git synced 2025-05-15 05:02:22 -04:00

History

bt3gl 184e917000 organize chapters for the ongoing research, remove dead links, add new resources		2024-11-04 18:42:30 +07:00
..
README.md	organize chapters for the ongoing research, remove dead links, add new resources	2024-11-04 18:42:30 +07:00

README.md

bug hunting smart contracts

tl; dr

initial questions

list external and public functions.
when and where external call happens and what changes.
check payable functions.
how functions are accessed (permissions by who).
follow the flow for transfers.

look for common vulnerabilities

reentrancy with flashloans, fallbacks, payables.
access control.
arithmetic errors.

create an enviroment for testing

static analysis
fuzzing and poc exploits (use foundry)