Web3 Security Tools

MythX

MythX™ by is the premier security analysis service for Ethereum smart contracts. Our mission is to ensure development teams avoid costly errors and make Ethereum a more secure and trustworthy platform.

Slither

Slither is a Solidity & Vyper static analysis framework written in Python3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.

Echidna

Echidna is a Haskell program designed for fuzzing/property-based testing of Ethereum smart contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions. We designed Echidna with modularity in mind, so it can be easily extended to include new mutations or test specific contracts in specific cases.

Foundry Fuzz

Forge supports property-based testing. Property-based testing is a way of testing general behaviors as opposed to isolated scenarios.

Manticore

Manticore is a symbolic execution tool for analysis of binaries and smart contracts.

Aderyn

Aderyn is a Rust-based static analyzer specifically designed for Web3 smart contract security and development. It takes a bird's eye view over your smart contracts, traversing the Abstract Syntax Trees (AST) to pinpoint suspected vulnerabilities. Aderyn prints out these potential issues in an easy-to-consume markdown format.

Certora

Certora Prover is a powerful tool that compares your smart contract bytecode against a rule detailing how you expect your code to behave. This process, known as formal verification, will check every possible contract state and contract path to identify critical vulnerabilities that hackers can exploit.

4naly3er

4naly3er is a static smart contract code analyzer. It enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.

Mythril

Security analysis tool for EVM bytecode. Supports smart contracts built for Ethereum, Hedera, Quorum, Vechain, Rootstock, Tron and other EVM-compatible blockchains.

Scribble

Scribble is a runtime verification tool for Solidity that transforms annotations in the into concrete assertions that check the specification. In other words, Scribble transforms existing contracts into contracts with equivalent behaviour, except that they also check properties.

Halmos

Halmos is a symbolic testing tool for EVM smart contracts. A Solidity/Foundry frontend is currently offered by default, with plans to provide support for other languages, such as Vyper and Huff, in the future.
