blockchains-security-toolkit/README.md

🧱⛓☠️ 1337 blockchain hacker toolkit

🍩 sections in this repo

ethereum

• solidity
• the evm and opcodes

other chains

• solana

tools

• static analysis
• dynamic analysis
• foundry
• tenderly
• oracles

general

• vulnerabilities
• top immunefi vulns
• gray hacker stuff

---

🍧 resources

the evm

• EVM opcodes
• Ethereum book
• Ethereum's Whitepaper
• Understanding rollups
• Speeding up the EVM by Flashbots

---

solidity

• Solidity docs
• OpenZeppelin docs
• Solidity by example
• Solidity style guide
• Solidity 201 primitives
• Solidity Python course
• Solidity by Securitum bookcamp
• Smart contract programmer videos
• Ethereum smart contract best practices
• Solidity cheatsheet and best practices
• Vscode plugin: Solidity visual
• Vscode plugin: Solidity support

---

🥧 all things security

• SWC Registry
• Blockchain Security Database
• Intro to Security first dev
• Spoof tokens on Ethereum
• Solidity security mind map
• Pitfalls and best practices
• Hacking the Blockchain by Immunefi
• Uniswap Oracle Attack Simulator by Euler
• Thinking About Smart Contract Security by Vitalik
• Advanced Pitfalls and best practices
• The Evolution of Smart Contract Security
• Audit findings
• Advanced audit findings
• Video on audit findings
• Sigp public audits
• The Dangers of Price Oracles in Smart Contracts
• Strategies for Secure Governance with Smart Contracts
• Security in Upgrades of Smart Contracts
• Onward with Smart Contract Security
• Publications from Trail of Bits
• Smart contract security fundamentals by OpenZeppelin
• White Hat panel: DeFi exploits
• Smart contract audit checklist
• Another audit checklist
• Ethereum signature database
• OpSec SelfGuard RoadMap
• The Solcurity Standard
• Smart Contract Security Verification Standard
• SecurETH Guidelines
• REKT leaderboard
• Smart Contract Attack Vectors
• List of known attack vectors
• Awesome Ethereum security
• Bug Bounty 101

documented defi and blockchains exploits

• defi hacks
• Rug Doc Wiki
• 246 Findings From our Smart Contract Audits
• rug pull checker tools

---

🥞 contracts of interest

• Uniswap v3
• Chainlink
• Fei protocol
• OpenZeppelin's ERC-20
• OpenZeppelin's ERC-721
• Immunefi notes on the ERC token standard
• Security contracts from OpenZeppelin

---

🧁 practice your hacking skils

• Capture the Ether
• the ethernaut
• Paradigm CTF 2022 and Paradigm CTF 2021.
• Damn vulnerable DeFi
• A collection of EVM puzzles
• Gamefication vault
• Cipher Shastra
• Etherhack
• DeFiHack.xyz
• w3b s3c
• Crypto blacklist
• Cipher Shastra
• Vyper Punk
• more blockchain ctfs
• List of blockchain CTF competitions

---

🍰 hacking tools

ethereum general

• Ethstats
• EthTx Transaction Decoder
• Eth converter
• Contracts diff checker
• Mutation Testing for Ethereum Smart Contracts
• Wallet impersonator
• Ethereum nodes
• ERC20 verifier and the source code

somehow relevant

• Oyente, analysis Tool for Smart Contracts
• Trail of Bits' Ethereum Security Toolbox
• Securify, Security scanner for Ethereum smart contracts
• Surya, A Solidity Inspector
• Octopus, Security Analysis tool for WebAssembly
• ETK, EVM toolkit
• Pyevmasm, EVM disassembler and assembler
• Verx, smart contract verifier
• Semgrep rules for smart contracts
• ETH detective
• EVM-trace, Ethereum Virtual Machine transaction tracing tool

other useful tools

• Solhint, a linter for Solidity
• Solidity coverage tool
• JSON formatter
• Craft requests from curl commands
• Tools by Notonly.owner
• Ethereum Developer Tools List
• Immunefi scrapper
• Crystal Blockchain
• 0XT
• Impersonator
• CIA Officer's DeFi Roadmap
• Mnemonic Code Converter
• Tornado Cash Pool Anonymity Auditor
• Cryptocurrency historical data snapshot