Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ethnical/swek3
Web3 Security Toolbox
https://github.com/ethnical/swek3
ethereum rust security-tools solidity
Last synced: about 2 months ago
JSON representation
Web3 Security Toolbox
- Host: GitHub
- URL: https://github.com/ethnical/swek3
- Owner: Ethnical
- Created: 2022-07-10T10:06:26.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-04-29T07:19:24.000Z (9 months ago)
- Last Synced: 2024-04-29T08:33:39.927Z (9 months ago)
- Topics: ethereum, rust, security-tools, solidity
- Language: Rust
- Homepage: https://blog.mevsec.com/
- Size: 6.52 MB
- Stars: 72
- Watchers: 3
- Forks: 10
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## Swek the EVM Security Toolbox.
Swek is a Security toolbox focused on EVM written in Rust.
Most of the features are designed to help auditors to get faster in the daily works.
Feel free to contact me to add some features or found any bugs.
If you are intersted in Rust, MeV, Solidity Sec join us here => https://discord.gg/54Q9pnpQcV
![ezgif-4-a87ec11928](https://user-images.githubusercontent.com/23560242/196544426-0aa7462d-7d73-4a58-89f4-1f7136a406b9.gif)
---
### Convert Solidity to Interface
Convert Solidity file into an interface using the convert2interface (download the right version of the Solc then compile and extract the interface).
![image](https://user-images.githubusercontent.com/23560242/178570537-8974f67c-baa6-4e8d-b2e9-c4f8ad5ca9e5.png)
Just need to use the `--path` parameter.
---
## Onchain
> A lists of tools for onchain contracts and incidents response.
#### get-selectors
> Design to get all the selectors from the bytecode of a contract.|Paramaters| Informations|
|----------|-------------|
|`--address`| address of the contract|
|`--rpc`| Link to the rpc of the wanted blockchain|### Mempool Watcher
> A small Mempool Watcher written in Rust.- Need to add lots of features to filter every txs.
- Next step add a features to simulates txs.## ![image](https://user-images.githubusercontent.com/23560242/179367699-286e92ac-ce70-4f6e-9e20-434d8b565972.png)
## Contract-info.
Get informations using AST of the contract.
/!\ This doesn't compile the contract /!\
To have a quick overview of the (functions, modifiers, visibility, library etc...) you can use `-m` for **modifiers** and `-v` for the **visibility**._Usage :_
![image](https://user-images.githubusercontent.com/23560242/196519295-c9881b79-602d-43eb-bed8-bd8726750d3c.png)**Centralisation Risk**
- The `-c` set to `yes` will return some crisk ready to share in markdown (need to pass the modifier).
![image](https://user-images.githubusercontent.com/23560242/197516359-611afd0f-c342-4ca2-87fd-adeb56b764a7.png)_Usage :_
`swek --path /Users/ethnical/Sec/Rust/oz_implementations/contracts/OffShore.sol -m onlyOwner -c yes`---
### Implemented Features
- Visibility Checker : Display all functions in _red_ who has `_` but not `internal` visibility.
### Upcoming Features.
_Contracts Features:_
- [X] Analyze directly in (etherscan, snowtrace, moonscan, etc).
- [ ] Add the `view` `pure` etc in modifiers.
- [ ] Add a params for remapping like `--remaps @openzeppelin/contracts/=lib/openzeppelin-contracts/contracts/`
- [ ] Display all the contracts names inside the folder.
- [ ] Display all the externals calls._Others features:_
- [X] private key to address.
- [ ] Converter Wei Gas.
- [ ] ByteCode ASM deploy.
- [ ] Get interface from non compile contract
- [ ] Check the dif between OZ implentation and the implentation inside the sol file.
- [ ] Reorganise inside a file the interface and the contract to have them in correct order.
- [ ] Create a markdown option to store as a markdown file.
- [ ] Add a kind of "binwalk" on calldata (4bytes signatures).
---### TODO
- [ ] Reuse the Solang lib directly to get the `notice` through comments.
- [ ] Use the solang library## Install & Run
- There is the released version here (just need to run the binary) -> https://github.com/Ethnical/Swek3/releases
- If you don't want or the version is not supported you can build from source by the following steps:
```bash
git clone https://github.com/Ethnical/Swek3.git
cd Swek3
cargo build
./target/debug/swek --help #This is the binary `swek`
mv ./target/debug/swek /usr/bin/swek #move the binary to `/usr/bin/` to avoid to each time need to path or you need to update the path.
```