Awesome-web3-Security awesome

Awesome-web3-Security

A curated list of web3 Security materials and resources For Pentesters and Bug Hunters.

Vulnerable Web3 CTFs

• Capture the Ether

• The Ethernaut

• Damn Vulnerable DeFi

• Security Innovation Blockchain CTF

• GOAT Casino

• Paradigm CTF

• Blocksec CTFs

• ciphershastra CTF

• DeFiVulnLabs

• QuillCTF

• Vulnmachines - Blockchain hacking

• Web3Pwn - Web3 Security Training Platform

Common Vulnerabilities in Smart contracts MindMap

Open the mindmap in Xmind

How to become a smart contract auditor?

Open the MindMap

Web3 Security Tools

Open the MindMap Check the Quillhash Web3-Security-Tools Repo for more details

Check Remix Ethereum project here: https://remix-project.org/ (The Remix Project is a rich toolset which can be used for the entire journey of contract development by users of any knowledge level, and as a learning lab for teaching and experimenting with Ethereum.)

Web3 blogs and postmortem reports

• Immunefi Medium
• Openzeppelin Blogs
• QuillAudits Blogs
• Solidity Scan Blogs
• Beosin
• Neptune Mutual
• BlockSec
• CertiK
• mouse-run

Crypto Bug Bounty Platforms

• Immunefi
• Hackenproof
• Code4rena
• Gitcoin
• HackerOne
• Spearbit
• Sherlock
• The Saloon
• Hats Finance

Web3 Security Newsletter

• Blockchain Threat Intelligence
• REKT
• Week in Ethereum News
• HashingBits Newsletter

Complete Collection of Hacks, Trends, Resources

• Web3sec.news

Web3 Security Conference Talks and Videos

• Overview of Web3 Smart Contract Hacking | IWCON-S22 Talk by Duncan Townsend
• hat Ethereum Smart Contract Hacking Looks Like by LiveOverFlow
• The Web3 Security Mindset with Corey Petty
• Security and Vulnerabilities in Web3 - Harry Papacharissiou
• Web3 Security Playlist
• Unstoppable - Damn Vulnerable DeFi | CTF
• Smart Contract Hacking - 0x0C - Attacking Authorization with Web3.js
• How to Audit a Smart Contract | Can you find the Solidity Security Vulnerabilities?
• Learn Blockchain, Solidity, and Full Stack Web3 Development with JavaScript – 32-Hour Course

// To be updated!

Resources to learn Solidity

• https://cryptozombies.io/

• https://www.learnweb3.io/

• https://www.smartcontract.engineer/

• https://solidity-by-example.org/

• https://www.web3.university/

• https://www.useweb3.xyz/

Smart Contract Security Audit Reports

• Chainsulting
• Code4rena Audit Reports
• Consensys Audit Reports
• QuillAudits Audit Reports
• Spearbit Audit Reports
• iskdrews
• Sherlock
• Avastars Smart Contract Audit Public Report
• KubixSquare audit
• lemonade-audits
• Techrate
• interfinetwork
• Decentraland audit
• Tech-Audit
• Sifchain
• Complete List of Security Audit Reports

Smart Contract Security Certifications

• Certified Blockchain Practitioner (CBP) Use the coupon code 100-OFF to get 100% discount
• Certified Blockchain Security Professional (CBSP))

// To be updated! // RoadMap to be added

A star to the repo would be fantastic