{"id":13489426,"url":"https://github.com/smartbugs/smartbugs","last_synced_at":"2025-03-28T04:31:14.089Z","repository":{"id":39667502,"uuid":"186633437","full_name":"smartbugs/smartbugs","owner":"smartbugs","description":"SmartBugs: A Framework to Analyze Ethereum Smart Contracts","archived":false,"fork":false,"pushed_at":"2024-03-24T19:13:24.000Z","size":81969,"stargazers_count":521,"open_issues_count":4,"forks_count":128,"subscribers_count":18,"default_branch":"master","last_synced_at":"2024-04-06T23:31:46.538Z","etag":null,"topics":["blockchain","ethereum","solidity","vulnerability"],"latest_commit_sha":null,"homepage":"https://smartbugs.github.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/smartbugs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-05-14T13:56:10.000Z","updated_at":"2024-04-05T21:07:45.000Z","dependencies_parsed_at":"2023-02-12T06:01:15.891Z","dependency_job_id":"521bd5cf-16cd-407e-8127-4d95e47e8152","html_url":"https://github.com/smartbugs/smartbugs","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smartbugs%2Fsmartbugs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smartbugs%2Fsmartbugs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smartbugs%2Fsmartbugs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smartbugs%2Fsmartbugs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/smartbugs","download_url":"https://codeload.github.com/smartbugs/smartbugs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245970568,"owners_count":20702443,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["blockchain","ethereum","solidity","vulnerability"],"created_at":"2024-07-31T19:00:27.448Z","updated_at":"2025-03-28T04:31:13.525Z","avatar_url":"https://github.com/smartbugs.png","language":"Python","funding_links":[],"categories":["Taxonomy \u0026 Benchmarks","Static Analysis"],"sub_categories":["[3Box](https://3box.io)"],"readme":"# SmartBugs: A Framework for Analysing Ethereum Smart Contracts\n\n\u003ca href=\"https://github.com/smartbugs/smartbugs/releases\"\u003e\u003cimg alt=\"Smartbugs release\" src=\"https://img.shields.io/github/release/smartbugs/smartbugs.svg\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/smartbugs/smartbugs/blob/master/LICENSE\"\u003e\u003cimg alt=\"Smartbugs license\" src=\"https://img.shields.io/github/license/smartbugs/smartbugs.svg?color=blue\"\u003e\u003c/a\u003e\n\u003cspan class=\"badge-crypto\"\u003e\u003ca href=\"#support-and-donate\" title=\"Donate to this project using Cryptocurrency\"\u003e\u003cimg src=\"https://img.shields.io/badge/crypto-donate-red.svg\" alt=\"crypto donate button\" /\u003e\u003c/a\u003e\u003c/span\u003e\n\u003ca href=\"#Supported-Tools\"\u003e\u003cimg alt=\"analysis tools\" src=\"https://img.shields.io/badge/analysis tools-20-blue\"\u003e\u003c/a\u003e\n\n\nSmartBugs is an extensible platform with a uniform interface to tools\nthat analyse blockchain programs for weaknesses and other properties.\n\n## Features\n\n- *20 supported tools, 3 modes* for analysing Solidity source\n  code, deployment bytecode, and runtime code.\n\n- *Modular integration of analysers.* All it takes to add\n  a new tool is a Docker image encapsulating the tool and a few lines\n  in a config file. To make the output accessible in a standardised\n  format, add a small Python script.\n  \n- *Parallel, randomised, restartable execution* of the tasks for the\n  optimal use of resources when performing a bulk analysis. If\n  execution is interrupted, it can be resumed by running SmartBugs\n  with the same parameters again.\n\n- *Standardised output format.* Scripts parse and normalise the output\n  of the tools to allow for an automated analysis of the results across\n  tools.\n\n- *Automatic download of an appropriate Solidity compiler* matching\n  the contract under analysis, and injection into the Docker image.\n\n- *Output of results in SARIF format,* for integration into Github\n  workflows.\n\n- *Platform independence:* SmartBugs has been tested with Linux, MacOS\n  and Windows.\n\n## Supported Tools\n\n|      | version | Solidity | bytecode | runtime code |\n| :--- | :--- | :---: | :---: | :--: |\n| [ConFuzzius](https://github.com/christoftorres/ConFuzzius) | #4315fb7 v0.0.1 | :heavy_check_mark: |                    |                    |\n| [Conkas](https://github.com/smartbugs/conkas)        | #4e0f256 | :heavy_check_mark: |                    | :heavy_check_mark: |\n| [Ethainter](https://zenodo.org/record/3760403)               |  |                    |                    | :heavy_check_mark: |\n| [eThor](https://secpriv.wien/ethor)           | 2023 |                    |                    | :heavy_check_mark: |\n| [HoneyBadger](https://github.com/christoftorres/HoneyBadger) | #ff30c9a | :heavy_check_mark: |                    | :heavy_check_mark: |\n| [MadMax](https://github.com/nevillegrech/MadMax) | #6e9a6e9     |                    |                    | :heavy_check_mark: |\n| [Maian](https://github.com/smartbugs/MAIAN)          | #4bab09a | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |\n| [Manticore](https://github.com/trailofbits/manticore)   | 0.3.7 | :heavy_check_mark: |                    |                    |\n| [Mythril](https://github.com/ConsenSys/mythril)       | 0.24.7 | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |\n| [Osiris](https://github.com/christoftorres/Osiris)        | #d1ecc37 | :heavy_check_mark: |                    | :heavy_check_mark: |\n| [Oyente](https://github.com/smartbugs/oyente)        | #480e725 | :heavy_check_mark: |                    | :heavy_check_mark: |\n| [Pakala](https://github.com/palkeo/pakala)   | #c84ef38 v1.1.10 |                    |                    | :heavy_check_mark: |\n| [Securify](https://github.com/eth-sri/securify)              |  | :heavy_check_mark: |                    | :heavy_check_mark: |\n| [Semgrep](https://github.com/Decurity/semgrep-smart-contracts)  | #c3a9f40 | :heavy_check_mark: |                    |                    |\n| [sFuzz](https://github.com/duytai/sFuzz) | #48934c0 (2019-03-01) | :heavy_check_mark: |  |  |\n| [Slither](https://github.com/crytic/slither)  | 0.10.4 | :heavy_check_mark: |                    |                    |\n| [Smartcheck](https://github.com/smartdec/smartcheck)         |  | :heavy_check_mark: |                    |                    |\n| [Solhint](https://github.com/protofire/solhint)         | 3.3.8 | :heavy_check_mark: |                    |                    |\n| [teEther](https://github.com/nescio007/teether)      | #04adf56 |                    |                    | :heavy_check_mark: |\n| [Vandal](https://github.com/usyd-blockchain/vandal)  | #d2b0043 |                    |                    | :heavy_check_mark: |\n\n\n\n## Installation\n\nSmartBugs has been tested with Linux, MacOS and Windows. It depends on\nDocker and Python.  For details, see the [installation\ninstructions](doc/installation.md).\n\n## Usage\n\nSmartBugs provides a uniform command-line interface to all tools.  Two\nutilities allow the user to reparse analysis results at any time after\nthe analysis and to extract the data into a form suitable for a\ndatabase.\n\nAs an example, the following commands analyse the contracts in the `samples` folder with all available tools and write the parsed output to `results.csv`.\n\n```console\n./smartbugs -t all -f samples/* --timeout 600\n./reparse results\n./results2csv -p results \u003e results.csv\n```\n\nFor details, see the [usage notes](doc/usage.md) and the [SmartBugs wiki](https://github.com/smartbugs/smartbugs/wiki).\n\n## Smart Contract Datasets\n\nSee our [information on available datasets](doc/datasets.md) if you\nare looking for input data. The number of contracts\nin these datasets ranges from 10 to 250,000.\n\n## Academia: How to Cite\n\nIf you use SmartBugs or one of the datasets above, you may want to cite\nyour sources. See the [list of publications](doc/academia.md) for details.\n\n## Support and Donate\nYou can show your appreciation for the project and support future development by donating.\n\n**🙌 ETH Donations:** `0xA4FBA2908162646197aca90b84B095BE4D16Ae53` 🙌\n\n## License\n\nThe [license](LICENSE) applies to all files in the repository,\nwith the exception of the smart contracts in the `samples` folder.\nThe files there were obtained from [Etherscan](http://etherscan.io)\nand retain their original licenses.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmartbugs%2Fsmartbugs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsmartbugs%2Fsmartbugs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmartbugs%2Fsmartbugs/lists"}