Awesome-web3-Security awesome

Awesome-web3-Security

A curated list of web3 Security materials and resources For Pentesters and Bug Hunters.

Vulnerable Web3 CTFs

• Capture the Ether

• The Ethernaut

• Damn Vulnerable DeFi

• Security Innovation Blockchain CTF

• GOAT Casino

• Paradigm CTF

• Blocksec CTFs

• ciphershastra CTF

• DeFiVulnLabs

• QuillCTF

• Vulnmachines - Blockchain hacking

• Web3Pwn - Web3 Security Training Platform

Common Vulnerabilities in Smart contracts MindMap

Open the mindmap in Xmind

How to become a smart contract auditor?

Open the MindMap

Web3 Security Tools

Open the MindMap Check the Quillhash Web3-Security-Tools Repo for more details

Check Remix Ethereum project here: https://remix-project.org/ (The Remix Project is a rich toolset which can be used for the entire journey of contract development by users of any knowledge level, and as a learning lab for teaching and experimenting with Ethereum.)

Web3 blogs and postmortem reports

• Immunefi Medium

• Openzeppelin Blogs

• QuillAudits Blogs

• Solidity Scan Blogs

• Beosin

• Neptune Mutual

• BlockSec

• CertiK

• mouse-run

Crypto Bug Bounty Platforms

• Immunefi

• Hackenproof

• Code4rena

• Gitcoin

• HackerOne

• Spearbit

• Sherlock

• The Saloon

• Hats Finance

Web3 Security Newsletter

• Blockchain Threat Intelligence

• REKT

• Week in Ethereum News

• HashingBits Newsletter

Complete Collection of Hacks, Trends, Resources

• Web3sec.news

Web3 Security Conference Talks and Videos

• Overview of Web3 Smart Contract Hacking | IWCON-S22 Talk by Duncan Townsend

• hat Ethereum Smart Contract Hacking Looks Like by LiveOverFlow

• The Web3 Security Mindset with Corey Petty

• Security and Vulnerabilities in Web3 - Harry Papacharissiou

• Web3 Security Playlist

• Unstoppable - Damn Vulnerable DeFi | CTF

• Smart Contract Hacking - 0x0C - Attacking Authorization with Web3.js

• How to Audit a Smart Contract | Can you find the Solidity Security Vulnerabilities?

• Learn Blockchain, Solidity, and Full Stack Web3 Development with JavaScript – 32-Hour Course

// To be updated!

Resources to learn Solidity

• https://cryptozombies.io/

• https://www.learnweb3.io/

• https://www.smartcontract.engineer/

• https://solidity-by-example.org/

• https://www.web3.university/

• https://www.useweb3.xyz/

Smart Contract Security Audit Reports

• Chainsulting

• Code4rena Audit Reports

• Consensys Audit Reports

• QuillAudits Audit Reports

• Spearbit Audit Reports

• iskdrews

• Sherlock

• Avastars Smart Contract Audit Public Report

• KubixSquare audit

• lemonade-audits

• Techrate

• interfinetwork

• Decentraland audit

• Tech-Audit

• Sifchain

• Complete List of Security Audit Reports

Smart Contract Security Certifications

• Certified Blockchain Practitioner (CBP) Use the coupon code 100-OFF to get 100% discount

• Certified Blockchain Security Professional (CBSP))

// To be updated! // RoadMap to be added

A star to the repo would be fantastic