#Smart-contract-security
Showing 20 of 20 repositories tagged #smart-contract-security, ranked by stars
DianXing - AI-Driven End-to-End Code Security Auditing
A curated list of smart contract attack vectors
Curated Web3 security learning hub for smart contract auditors and protocol teams: roadmaps, audit tools, public reports, fuzzing, formal verification, AI-assisted workflows, offchain security, incident response, and launch checklists.
Here I gather all the resources about hacking that I find interesting
Ethereum Commonwealth Security Department conducted over 400 security audits since 2018. Not even a single contract that we audited was hacked. You can access our audit reports in the ISSUES of this repo. We are accepting new audit requests.
AI Agent Skills for Smart Contract Auditing to generate triaged, industry grade report findings, code locations, pocs, attacker story flow graphs and more
18 Claude Code skill files for smart contract security โ built from 2,749 Immunefi reports, 681 DeFiHack reproductions, and real hunt experience
The purpose of this repo is to list all the related Research Papers focused on Smart-contracts security topics. As well as listing all the encountered smart-contracts defects with a summary description. ๐ก๏ธ
A curated list of awesome web3 formal verification resources -- including tools, tutorials, articles and more.
This repo contains anti-hack checklists, which will help projects to build and develop secure DeFi applications. If you find anything missing or want to update existing resources, you can create a pull request and contribute to the project.
Your go-to resource for all things Smart Contract Security. Featuring guidelines, best practices, and in-depth articles. Sections include: Vulnerabilities (SWC, OWASP Top 10), Learning Resources (Papers, Blogs, Courses), Tools & Libraries, and Architecture (Smart Contract Platforms, Languages). Stay secure with the latest updates!
Don't Get Rekt. Protect Your Crypto from Phishing & Scams
๐ก๏ธ Ghosts is a free smart contract security study and revision platform. Initially based solely on previous Secureum Races to wit we use all of the previous race content and simulate an engaging, incentivized learning platform for aspiring smart contract security researchers.
My Blockchain auditing service
๐ฆ CodeHawks documentation
A practical, research-friendly toolkit demonstrating how Python can read, parse, and analyze Solidity smart contracts using feature-engineering techniques. Extracts structural and security-relevant signals from Solidity code, detects risky patterns, builds interpretable features, and forms the basis for heuristic or ML-driven security analysis.
A deep research study introducing the concept of Economic DNA Repair for smart contracts, designing self-correcting tokenomics that detect anomalies, repair unstable parameters, rebalance incentives, and restore economic equilibrium. Explores adaptive rewards, automated governance, liquidity healing, and resilience in decentralized systems.
AI prompts for web3 security researchers โ bug bounties, private audits, and contests
Your go-to resource for all things Smart Contract Security. Featuring guidelines, best practices, and in-depth articles. Sections include: Vulnerabilities (SWC, OWASP Top 10), Learning Resources (Papers, Blogs, Courses), Tools & Libraries, and Architecture (Smart Contract Platforms, Languages). Stay secure with the latest updates!
Bytecode Truth, Not Source is a deep technical exploration of why smart-contract source code cannot be trusted as the ground truth for security. This repository shows how compiler optimizations, hidden assembly, proxies, and unreachable logic make verified Solidity misleading, and why only EVM bytecode reveals actual on-chain behavior.