A curated list of awesome smart contract analysis tools, including static analysis, dynamic analysis, fuzzing, formal verification and more.
The following two papers collected almost all existing smart contract security analysis tools back in 2021. However, the tools mentioned in these papers are now outdated, with some even deprecated, as newer tools have been developed. This repository aims to gather the most up-to-date smart contract security tools across various blockchains and smart contract languages.
S. S. Kushwaha, S. Joshi, D. Singh, M. Kaur and H. -N. Lee, "Ethereum Smart Contract Analysis Tools: A Systematic Review," in IEEE Access, vol. 10, pp. 57037-57062, 2022, doi: 10.1109/ACCESS.2022.3169902.
M. di Angelo and G. Salzer, "A Survey of Tools for Analyzing Ethereum Smart Contracts," 2019 IEEE International Conference on Decentralized Applications and Infrastructures (DAPPCON), Newark, CA, USA, 2019, pp. 69-78, doi: 10.1109/DAPPCON.2019.00018.
Content
- Eth2Vec
- FEther - Archived
- Gas Gauge
- NeuCheck
- SIF
- Slither
- SmartBugs
- SmartCheck
- SmartEmbed
- SolAnalyzer - Archived
- solhint
- SolidityCheck
- SolMet
- EthIR
- HoneyBadger
- Osiris
- Oyente
- rattle
- Securify v2.0
- teEther
- Vandal
- Conkas
- Aderyn
- AChecker
- Clairvoyance
- ContractWard: Automated Vulnerability Detection Models for Ethereum Smart Contracts
- Ethainter: a smart contract security analyzer for composite vulnerabilities
- A Hybrid Formal Verification System in Coq for Ensuring the Reliability and Security of Ethereum-Based Service Smart Contracts
- Running on Fumes--Preventing Out-of-Gas Vulnerabilities in Ethereum Smart Contracts using Static Resource Analysis
- MuSC: A Tool for Mutation Testing of Ethereum Smart Contract
- Security Assurance for Smart Contract
- sCompile: Critical Path Identification and Analysis for Smart Contracts
- SESCon: Secure Ethereum Smart Contracts by Vulnerable Patterns’ Detection
- SmartAnvil: Open-Source Tool Suite for Smart Contract Analysis
- SmartGraph: Static Analysis Tool for Solidity Smart Contracts
- SmartInspect: solidity smart contract inspector
- SmartScan: An approach to detect Denial of Service Vulnerability in Ethereum Smart Contracts
- solc-verify: A Modular Verifier for Solidity Smart Contracts
- SolGuard: Preventing external call issues in smart contract-based multi-agent robotic systems
- VeriSolid: Correct-by-Design Smart Contracts for Ethereum
- DEFECTCHECKER: Automated Smart Contract Defect Detection by Analyzing EVM Bytecode
- Visual emulation for Ethereum's virtual machine
- ESCORT: Ethereum Smart COntRacTs Vulnerability Detection using Deep Neural Network and Transfer Learning
- S-gram: Towards Semantic-Aware Security Auditing for Ethereum Smart Contracts
- eThor: Practical and Provably Sound Static Analysis of Ethereum Smart Contracts
- ETHPLOIT: From Fuzzing to Efficient Exploit Generation against Smart Contracts
- KEVM: A Complete Formal Semantics of the Ethereum Virtual Machine
- VerX: Safety Verification of Smart Contracts
- SAFEVM: a safety verifier for Ethereum smart contracts
- ReGuard: Finding Reentrancy Bugs in Smart Contracts
- ContractGuard: Defend Ethereum Smart Contracts with Embedded Intrusion Detection
- Etherolic: a practical security analyzer for smart contracts
- HermHD: Enhancing smart contract security based on code obfuscation
- MANDO-GURU: vulnerability detection for smart contract source code by heterogeneous graph embeddings
- Lanturn: Measuring Economic Security of Smart Contracts Through Adaptive Learning
Please see Contribution Guideline for more details.