• Stars
    star
    155
  • Rank 240,864 (Top 5 %)
  • Language
  • License
    MIT License
  • Created about 6 years ago
  • Updated over 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Ethereum Smart Contracts Security CheckList From Knownsec 404 Team

Ethereum Smart Contract Audit CheckList

Author:LoRexxar @Knownsec 404 Team

Translator: Liujx & Liufang & LoRexxar @Knownsec 404 Team

Time:2018.11.12

en

In the Ethereum contract audit checkList, I divided the problems encountered in the Ethereum contract audit into five major categories, including coding specification problems, design defect problems, coding security problems, coding design problems, and coding problems. It covers more than 29 issues that will arise during the Ethereum Smart Contract audit process. Help smart contract developers and security workers get started quickly with smart contract security.

This CheckList refers to and complies with the research results of the major blockchain security research teams in the completion process. If there are imperfections/errors in the CheckList, you are welcome to submit the issue.

Ethereum Smart Contract Audit CheckList

Ethereum Smart Contract Audit CheckList(PDF)

zh

在以太坊合约审计checkList中,我将以太坊合约审计中遇到的问题分为5大种,包括编码规范问题、设计缺陷问题、编码安全问题、编码设计问题、编码问题隐患。其中涵盖了超过29种会出现以太坊智能合约审计过程中遇到的问题。帮助智能合约的开发者和安全工作者快速入门智能合约安全。

本CheckList在完成过程中参考并整理兼容了各大区块链安全研究团队的研究成果,CheckList中如有不完善/错误的地方也欢迎大家提issue.

以太坊智能合约审计checkList

以太坊智能合约审计CheckList.pdf(PDF)

致谢

感谢

  • @王二#johnwick.io
  • @郭文生|成都链安科
  • @程君@创世安全
  • @余弦 | 慢雾
  • 404的小伙伴

在CheckList完善过程中提出的意见

More Repositories

1

404StarLink

404StarLink - 推荐优质、有意义、有趣、坚持维护的安全开源项目
8,436
star
2

KCon

KCon is a famous Hacker Con powered by Knownsec Team.
JavaScript
4,578
star
3

pocsuite3

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
Python
3,641
star
4

ksubdomain

无状态子域名爆破工具
Go
2,242
star
5

Pocsuite

This project has stopped to maintenance, please to https://github.com/knownsec/pocsuite3 project.
Python
1,828
star
6

shellcodeloader

shellcodeloader
C++
1,668
star
7

Kunyu

Kunyu, more efficient corporate asset collection
Python
1,011
star
8

RD_Checklist

知道创宇研发技能表
Python
828
star
9

404StarLink-Project

Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink)
813
star
10

rtcp

利用 Python 的 Socket 端口转发,用于远程维护
Python
709
star
11

ZoomEye-python

ZoomEye-python: The official Python library and CLI by Knownsec 404 Team.
Python
530
star
12

LSpider

LSpider 一个为被动扫描器定制的前端爬虫
Python
345
star
13

gsm

使用树莓派配合硬件来进行短信转发
Go
342
star
14

wam

Web App Monitor
JavaScript
228
star
15

VxPwn

VxWorks漏洞挖掘相关
Python
154
star
16

PortForward

The port forwarding tool developed by Golang solves the problem that the internal and external networks cannot communicate in certain scenarios
Go
135
star
17

ct

简单易用的域名爆破工具
Rust
102
star
18

Zoomeye-Tools

Zoomeye Tools是配合Zoomeye使用的Chrome插件
JavaScript
42
star
19

Decrypt-ransomware

Python
37
star
20

Minitools-bin_extractor

A simple script for quickly mining sensitive information in binary files.
Python
29
star
21

LBot

A simple xss bot template
Python
23
star
22

ZoomeyeGPT

JavaScript
21
star
23

404-Team-ShowCase

19
star
24

Minitools-cidrgen

cidrgen is based on cidr's subnet IP list generator
Go
15
star
25

Minitools-ipstatistics

ipstatistics is a script based on the ipip library that is used to quickly filter the ip list.
Python
14
star
26

workin

workin tornado
JavaScript
14
star
27

Minitools-CookieTest

A script used to quickly test APIs or required parameters and cookies for a certain request.
Python
9
star
28

helloworld

一些经典的笔试题目,进入知道创宇的 Hello World!
2
star