Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/quillhash/web3-security-tools
This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.
https://github.com/quillhash/web3-security-tools
auditing blockchain forensics smartcontracts tools web3 web3security
Last synced: 2 days ago
JSON representation
This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.
- Host: GitHub
- URL: https://github.com/quillhash/web3-security-tools
- Owner: Quillhash
- Created: 2022-12-06T07:29:41.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-03-03T05:53:35.000Z (9 months ago)
- Last Synced: 2024-11-08T23:34:36.907Z (4 days ago)
- Topics: auditing, blockchain, forensics, smartcontracts, tools, web3, web3security
- Homepage: https://quillaudits.com
- Size: 933 KB
- Stars: 387
- Watchers: 5
- Forks: 72
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Web3 Security Tools:
Web3 security tools are critical components of a secure blockchain infrastructure. They allow developers to secure the applications and networks running on the blockchain, as well as provide a way to detect and investigate any potential malicious activity.
Smart contract auditing tools help developers identify and fix any security vulnerabilities in their code before deployment.
Blockchian Forensics tools can be used to investigate cryptocurrency-related crimes, such as money laundering, fraud, and theft.This repository contains a list of the most popular and widely used tools in web3 security.
**If you find any tools missing, you can create a pull request and be a contribute the project.**
![](data/Web3_Security%20Tools.png)
Pdf Link: [Web3 Security Tools.pdf](data/Web3_Security%20Tools.pdf)
Xmind Link: https://xmind.works/share/zfdeD07U
---
### **VM with Security tools**
- [ZIION VM](https://www.ziion.org/)## **Blockchain Forensics Tools:**
### Blockchain Explorers:
- [Etherscan](https://etherscan.io/)
- [btc.com](https://btc.com/)
- [Bscscan](https://bscscan.com/)
- [Polygonscan](https://polygonscan.com/)
- *Universal Explorers*
1. [Blockchain.com](https://www.blockchain.com/explorer)
2. [Blockchair.com](https://blockchair.com/)### Smart contract Decompilers
- [Dedaub](https://library.dedaub.com/decompile)
- [Panoramix](https://github.com/palkeo/panoramix)
- [abi-decompiler](https://github.com/Decurity/abi-decompiler)### Browser Extensions:
- [Tenderly](https://chrome.google.com/webstore/detail/tenderly-debugger/miiolgcpknpjjfagkaddfgakbdenenfn)
- [MetaDock](https://chrome.google.com/webstore/detail/metadock/fkhgpeojcbhimodmppkbbliepkpcgcoo)
- [Sentio](https://chromewebstore.google.com/detail/sentio/kkdofmcnddcnldoingfpiojnnkdcbhnf)
- [Blockchair](https://chrome.google.com/webstore/detail/blockchair/fhhkkooikehnkaodebbfnkinedlllcfk)
- [Impersonator](https://chrome.google.com/webstore/detail/impersonator/hgihfkmoibhccfdohjdbklmmcknjjmgl)### Rug Checker Tools
- [Rug Pull Finder](https://www.rugpullfinder.io/confirmedrugpulls)
- [bscheck](http://bscheck.eu/)
- [rugscreen](http://rugscreen.com/)
- [QuillCheck](https://quillaudits.com/tools/quillcheck/)
- [poocoin’s rugcheck](https://poocoin.app/rugcheck)
- [tokensniffer](https://tokensniffer.com/)
- [rugpulldetector](http://rugpulldetector.com/)
- [rugdoc honeypot checker](https://rugdoc.io/honeypot/)### Txn Visualization Tools
- [MistTrack](https://misttrack.io/)
- [ethtx.info](https://ethtx.info/)
- [Front-running explorer](https://zeromev.org/)
- [Phalcon BlockSec](https://phalcon.blocksec.com/?s=09)
- [Bitquery Explorer](https://explorer.bitquery.io/)
- [Tx eth samczsun](https://tx.eth.samczsun.com/)
- [Tenderly](https://tenderly.co/)
- [Sentio](https://app.sentio.xyz/explorer)
- [Socketscan](https://socketscan.io/)
- [3D VR blockchain visualization](https://ethresear.ch/t/open-source-3d-and-vr-blockchain-visualizations/3297/2)
- [eigenphi.io](https://eigenphi.io/)
- [nansen.ai](https://nansen.ai)
- [**Officer CIA’s Investigation tools list**](https://github.com/OffcierCia/On-Chain-Investigations-Tools-List)### Toke Flow Visualizer:
- [breadcrumbs.app](https://www.breadcrumbs.app/)
- [bloxy.info](https://bloxy.info/)
- [ethtective.com](http://ethtective.com/)### Miscellaneous tools
- [ETH Toolbox](https://eth-toolbox.com/)
- [DethCode](https://github.com/dethcrypto/dethcode)
- [Cryptocurrencies OSINT](https://start.me/p/ek4rxK/cryptocurrency-osint)
- [DeBank](https://debank.com/)
- [Tutela](https://tutela.xyz/)---
## Smart-contract Auditing Tools:
### Testing Frameworks:
- [Foundry](https://github.com/foundry-rs/foundry)
- [Hardhat](https://hardhat.org/)
- [Brownie](https://eth-brownie.readthedocs.io/en/stable/)
- [Truffle](https://trufflesuite.com/)### Fuzzers::
- [Echidna](https://github.com/crytic/echidna)
- [Foundry Fuzz](https://book.getfoundry.sh/forge/fuzz-testing)
- [ChainFuzz](https://github.com/ChainSecurity/ChainFuzz)
- [Harvey](https://mariachris.github.io/Pubs/FSE-2020-Harvey.pdf)
- [sFuzz](https://ink.library.smu.edu.sg/cgi/viewcontent.cgi?article=6068&context=sis_research)### VS Code Extensions
- [Solidity Visual Developer](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor)
- [Slither VSC](https://marketplace.visualstudio.com/items?itemName=trailofbits.slither-vscode)
- [Inline Bookmarks](https://github.com/tintinweb/vscode-inline-bookmarks)
- [Solidity Metrics](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-metrics)
- [EthOver](https://marketplace.visualstudio.com/items?itemName=tintinweb.vscode-ethover)
- [GraphViz Interactive Preview](https://marketplace.visualstudio.com/items?itemName=tintinweb.graphviz-interactive-preview)
- [Mythx VSC](https://marketplace.visualstudio.com/items?itemName=MythX.mythxvsc)
- [Remix VSC](https://marketplace.visualstudio.com/items?itemName=RemixProject.ethereum-remix)### Linters and Formatters:
- [EthLint](https://github.com/duaraghav8/Ethlint)
- [solidity-coverage](https://github.com/sc-forks/solidity-coverage)
- [Prettier](https://prettier.io/) + [Solidity Plugin](https://github.com/prettier-solidity/prettier-plugin-solidity)
- [Doc-Gen](https://mtmacdonald.github.io/docgen/docs/index.html)
- [Solhint](https://github.com/protofire/solhint)
- [sol function profiler](https://github.com/EricR/sol-function-profiler)### Visualization Tools:
- [Solidity Visual Developer](https://marketplace.visualstudio.com/items?itemName=tintinweb.solidity-visual-auditor)
- [Sūrya](https://github.com/ConsenSys/surya)
- [Solgraph](https://github.com/raineorshine/solgraph)
- [EVM Lab](https://github.com/ethereum/evmlab)
- [Ethereum-graph-debugger](https://github.com/fergarrui/ethereum-graph-debugger)### Dynamics Analysis & Static Analysis:
- [Slither](https://github.com/crytic/slither)
- [MythX](https://mythx.io/)
- [Mythril](https://github.com/ConsenSys/mythril)
- [Manticore](https://github.com/trailofbits/manticore)
- [securify2](https://github.com/eth-sri/securify2)
- [Eth Security Toolbox](https://github.com/trailofbits/eth-security-toolbox)
- [smartcheck](https://github.com/smartdec/smartcheck)
- [solidityscan.com](https://solidityscan.com/)
- [Fuzzinglab’s Octopus](https://github.com/FuzzingLabs/octopus)### Auditing Books and Guides:
- [The Auditors Book](https://theauditorbook.com/)
- [Solodit.xyz](https://solodit.xyz/dashboard)
- [Audit Hero](https://audit-hero.com/search-findings)
- [Solidity Attack Vectors](https://github.com/Quillhash/Solidity-Attack-Vectors)
- [Audit Checklist](https://github.com/tamjid0x01/SmartContracts-audit-checklist)
- [Awesome Solidity Gas Optimizations](https://github.com/iskdrews/awesome-solidity-gas-optimization)
- [Secureum Blogs](https://substack.com/profile/23643769-rajeev-secureum)
- [Diligence - Smart Contract Best Practices](https://consensys.github.io/smart-contract-best-practices/attacks/)
- [Blockchain Hacking QuickStart Guide](https://start.blockchainhax.com)
- [How to Become a Smart Contract Auditor by Cmichel](https://cmichel.io/how-to-become-a-smart-contract-auditor/)---
## Wallet Security:
- [Stelo Labs](https://stelolabs.com/)
- [BlowFish](https://blowfish.xyz/)
- [Pocket Universe](https://www.pocketuniverse.app/)
- [Wallet Guard](https://walletguard.app/)
- [Interlock](https://www.interlock.network/)
- [Revoke.cash](https://revoke.cash/)
- [Novus](https://www.usenovus.io)
- [Web3 Antivirus](https://web3antivirus.io/)
- [PeckShield Alert](https://chrome.google.com/webstore/detail/peckshieldalert/dakkielolpafjbgnjnakddabmbbkcioe)### Further References:
[https://github.com/OffcierCia/On-Chain-Investigations-Tools-List](https://github.com/OffcierCia/On-Chain-Investigations-Tools-List)
[https://github.com/shantanhunt/Smart-Contract-Auditor-Tools-and-Techniques](https://github.com/shantanhunt/Smart-Contract-Auditor-Tools-and-Techniques)
[https://github.com/Anugrahsr/Awesome-web3-Security](https://github.com/Anugrahsr/Awesome-web3-Security)
[https://github.com/RektifyAI/auditing-demystified](https://github.com/RektifyAI/auditing-demystified)