Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/Quillhash/Web3-Security-Tools

This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.
https://github.com/Quillhash/Web3-Security-Tools

auditing blockchain forensics smartcontracts tools web3 web3security

Last synced: 21 days ago
JSON representation

This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.

Host: GitHub
URL: https://github.com/Quillhash/Web3-Security-Tools
Owner: Quillhash
Created: 2022-12-06T07:29:41.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2024-02-07T12:16:22.000Z (5 months ago)
Last Synced: 2024-02-26T05:32:15.526Z (4 months ago)
Topics: auditing, blockchain, forensics, smartcontracts, tools, web3, web3security
Homepage: https://quillaudits.com
Size: 933 KB
Stars: 341
Watchers: 5
Forks: 67
Open Issues: 1
Metadata Files:
- Readme: README.md

Lists

awesome-stars - Quillhash/Web3-Security-Tools
awesome-web3-rug-check - Web3 Security Tools - contract-audit) (Security Lists / 2. Databases)

README

        # Web3 Security Tools:

Web3 security tools are critical components of a secure blockchain infrastructure. They allow developers to secure the applications and networks running on the blockchain, as well as provide a way to detect and investigate any potential malicious activity.

Smart contract auditing tools help developers identify and fix any security vulnerabilities in their code before deployment.

Blockchian Forensics tools can be used to investigate cryptocurrency-related crimes, such as money laundering, fraud, and theft.

This repository contains a list of the most popular and widely used tools in web3 security.

**If you find any tools missing, you can create a pull request and be a contribute the project.**

![](data/Web3_Security%20Tools.png)

Pdf Link: [Web3 Security Tools.pdf](data/Web3_Security%20Tools.pdf)

Xmind Link: https://xmind.works/share/zfdeD07U

---

### **VM with Security tools**

- [ZIION VM](https://www.ziion.org/)

## **Blockchain Forensics Tools:**

### Blockchain Explorers:

- [Etherscan](https://etherscan.io/)

- [btc.com](https://btc.com/)

- [Bscscan](https://bscscan.com/)

- [Polygonscan](https://polygonscan.com/)

- *Universal Explorers*

    1. [Blockchain.com](https://www.blockchain.com/explorer)

    2. [Blockchair.com](https://blockchair.com/)

### Smart contract Decompilers

- [Dedaub](https://library.dedaub.com/decompile)

- [Panoramix](https://github.com/palkeo/panoramix)

- [abi-decompiler](https://github.com/Decurity/abi-decompiler)

### Browser Extensions:

- [Tenderly](https://chrome.google.com/webstore/detail/tenderly-debugger/miiolgcpknpjjfagkaddfgakbdenenfn)

- [MetaDock](https://chrome.google.com/webstore/detail/metadock/fkhgpeojcbhimodmppkbbliepkpcgcoo)

- [Sentio](https://chromewebstore.google.com/detail/sentio/kkdofmcnddcnldoingfpiojnnkdcbhnf)

- [Blockchair](https://chrome.google.com/webstore/detail/blockchair/fhhkkooikehnkaodebbfnkinedlllcfk)

- [Impersonator](https://chrome.google.com/webstore/detail/impersonator/hgihfkmoibhccfdohjdbklmmcknjjmgl)

### Rug Checker Tools

- [Rug Pull Finder](https://www.rugpullfinder.io/confirmedrugpulls)

- [bscheck](http://bscheck.eu/)

- [rugscreen](http://rugscreen.com/)

- [QuillCheck](https://quillaudits.com/tools/quillcheck/)

- [poocoin’s rugcheck](https://poocoin.app/rugcheck)

- [tokensniffer](https://tokensniffer.com/)

- [rugpulldetector](http://rugpulldetector.com/)

- [rugdoc honeypot checker](https://rugdoc.io/honeypot/)

### Txn Visualization Tools

- [MistTrack](https://misttrack.io/)

- [ethtx.info](https://ethtx.info/)

- [Front-running explorer](https://zeromev.org/)

- [Phalcon BlockSec](https://phalcon.blocksec.com/?s=09)

- [Bitquery Explorer](https://explorer.bitquery.io/)

- [Tx eth samczsun](https://tx.eth.samczsun.com/)

- [Tenderly](https://tenderly.co/)

- [Sentio](https://app.sentio.xyz/explorer)

- [Socketscan](https://socketscan.io/)

- [3D VR blockchain visualization](https://ethresear.ch/t/open-source-3d-and-vr-blockchain-visualizations/3297/2)

- [eigenphi.io](https://eigenphi.io/)

- [nansen.ai](https://nansen.ai)

- [**Officer CIA’s Investigation tools list**](https://github.com/OffcierCia/On-Chain-Investigations-Tools-List)

### Toke Flow Visualizer:

- [breadcrumbs.app](https://www.breadcrumbs.app/)

- [bloxy.info](https://bloxy.info/)

- [ethtective.com](http://ethtective.com/)

### Miscellaneous tools

- [ETH Toolbox](https://eth-toolbox.com/)

- [DethCode](https://github.com/dethcrypto/dethcode)

- [Cryptocurrencies OSINT](https://start.me/p/ek4rxK/cryptocurrency-osint)

- [DeBank](https://debank.com/)

- [Tutela](https://tutela.xyz/)

---

## Smart-contract Auditing Tools:

### Testing Frameworks:

- [Foundry](https://github.com/foundry-rs/foundry)

- [Hardhat](https://hardhat.org/)

- [Brownie](https://eth-brownie.readthedocs.io/en/stable/)

- [Truffle](https://trufflesuite.com/)

### Fuzzers::

- [Echidna](https://github.com/crytic/echidna)

- [Foundry Fuzz](https://book.getfoundry.sh/forge/fuzz-testing)

- [ChainFuzz](https://github.com/ChainSecurity/ChainFuzz)

- [Harvey](https://mariachris.github.io/Pubs/FSE-2020-Harvey.pdf)

- [sFuzz](https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=6068&context=sis_research)

### VS Code Extensions

- [Solidity Visual Developer](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor)

- [Slither VSC](https://marketplace.visualstudio.com/items?itemName=trailofbits.slither-vscode)

- [Inline Bookmarks](https://github.com/tintinweb/vscode-inline-bookmarks)

- [Solidity Metrics](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-metrics)

- [EthOver](https://marketplace.visualstudio.com/items?itemName=tintinweb.vscode-ethover)

- [GraphViz Interactive Preview](https://marketplace.visualstudio.com/items?itemName=tintinweb.graphviz-interactive-preview)

- [Mythx VSC](https://marketplace.visualstudio.com/items?itemName=MythX.mythxvsc)

- [Remix VSC](https://marketplace.visualstudio.com/items?itemName=RemixProject.ethereum-remix)

### Linters and Formatters:

- [EthLint](https://github.com/duaraghav8/Ethlint)

- [solidity-coverage](https://github.com/sc-forks/solidity-coverage)

- [Prettier](https://prettier.io/) + [Solidity Plugin](https://github.com/prettier-solidity/prettier-plugin-solidity)

- [Doc-Gen](https://mtmacdonald.github.io/docgen/docs/index.html)

- [Solhint](https://github.com/protofire/solhint)

- [sol function profiler](https://github.com/EricR/sol-function-profiler)

### Visualization Tools:

- [Solidity Visual Developer](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor)

- [Sūrya](https://github.com/ConsenSys/surya)

- [Solgraph](https://github.com/raineorshine/solgraph)

- [EVM Lab](https://github.com/ethereum/evmlab)

- [Ethereum-graph-debugger](https://github.com/fergarrui/ethereum-graph-debugger)

### Dynamics Analysis & Static Analysis:

- [Slither](https://github.com/crytic/slither)

- [MythX](https://mythx.io/)

- [Mythril](https://github.com/ConsenSys/mythril)

- [Manticore](https://github.com/trailofbits/manticore)

- [securify2](https://github.com/eth-sri/securify2)

- [Eth Security Toolbox](https://github.com/trailofbits/eth-security-toolbox)

- [smartcheck](https://github.com/smartdec/smartcheck)

- [solidityscan.com](https://solidityscan.com/)

- [Fuzzinglab’s Octopus](https://github.com/FuzzingLabs/octopus)

### Auditing Books and Guides:

- [The Auditors Book](https://theauditorbook.com/)

- [Solodit.xyz](https://solodit.xyz/dashboard)

- [Audit Hero](https://audit-hero.com/search-findings)

- [Solidity Attack Vectors](https://github.com/Quillhash/Solidity-Attack-Vectors)

- [Audit Checklist](https://github.com/tamjid0x01/SmartContracts-audit-checklist)

- [Awesome Solidity Gas Optimizations](https://github.com/iskdrews/awesome-solidity-gas-optimization)

- [Secureum Blogs](https://substack.com/profile/23643769-rajeev-secureum)

- [Diligence - Smart Contract Best Practices](https://consensys.github.io/smart-contract-best-practices/attacks/)

- [Blockchain Hacking QuickStart Guide](https://start.blockchainhax.com)

- [How to Become a Smart Contract Auditor by Cmichel](https://cmichel.io/how-to-become-a-smart-contract-auditor/)

---

## Wallet Security:

- [Stelo Labs](https://stelolabs.com/)

- [BlowFish](https://blowfish.xyz/)

- [Pocket Universe](https://www.pocketuniverse.app/)

- [Wallet Guard](https://walletguard.app/)

- [Interlock](https://www.interlock.network/)

- [Revoke.cash](https://revoke.cash/)

- [Novus](https://www.usenovus.io)

- [Web3 Antivirus](https://web3antivirus.io/)

- [PeckShield Alert](https://chrome.google.com/webstore/detail/peckshieldalert/dakkielolpafjbgnjnakddabmbbkcioe)

### Further References:

[https://github.com/OffcierCia/On-Chain-Investigations-Tools-List](https://github.com/OffcierCia/On-Chain-Investigations-Tools-List)   

[https://github.com/shantanhunt/Smart-Contract-Auditor-Tools-and-Techniques](https://github.com/shantanhunt/Smart-Contract-Auditor-Tools-and-Techniques)   

[https://github.com/Anugrahsr/Awesome-web3-Security](https://github.com/Anugrahsr/Awesome-web3-Security) 

[https://github.com/RektifyAI/auditing-demystified](https://github.com/RektifyAI/auditing-demystified)