Gaining the most elusive of tips. Add your input and let’s collect them all!
-
Did you know that you can utilize VSCode on your iPad (preferably with a Magic Keyboard) using the Blink App? If not, watch the following video! I hope you find this tip useful in your work!
-
Clone any project, then upload extension into vscode, 2nd link -> add key from sourcegraph, select the contract and the AI analyzes the structure of your project for you! Check out this example!
-
Try auditwizard.io — revolutionize your workflow today!
-
Check out pre-built security properties for commonly forked DeFi protocols.
-
MEV / Sandwich / Front-run & Back-run: Compilation & advanced info.
-
Try Slither Detectors by Pessimistic.io & check out SolCurity.
-
Give a try: Pyrometer & Sporalyzer.
-
Explore Web3 with full confidence guarded by Web3Antivirus security browser extension & learn evm attacks! Consider auditing as part of a team.
-
Try using obsidian.md for notes!, set it up correctly & check out Audit Quality!
-
Follow my own blog & Hexens’ blog!
-
This project was created to support Code4rena Bot Races with useful stats and tools. Read more about it here & try 4naly3er!
-
Bot Racing: The Rise of Web3 Bots. & Code4Rena Bot Racing explained!
-
Check out GasBad which is an open-source project that evaluates gas efficiency in Solidity libraries!
-
Try out this tool — it scans constructor of solidity smart contract for checks to zero address.
-
There was also an incredible tool, and I really like this idea, since it is probably a logical continuation of an old script and this service, but this is actually lot better than another simulator (it probably uses simulation like in this list).
-
Try using Semgrep rules for smart contracts based on DeFi exploits!
-
Complete this set of tasks!
-
Check out this curated list of web3Security materials and resources For Pentesters and Bug Hunters!
-
Let’s break down such a concept as mind-mapping — study this list & check out AuditorsRoadmap mind-map!
-
Explorer Bookmark is a fantastic VS Code extension for all the code4rena Wardens, Sherlockdefi Watsons, and CodeHawks Hawks out there. No more struggling to find contracts in scope among a sea of others. With this extension, you can easily collect in one place and access all the contracts within the scope of your audit. Enjoy a more streamlined workflow!
-
Also use the “Hide Comments” VSCode extension when auditing. It helps you cut through the noise, remain unbiased and focus on what the code truly does! Study audits anomalies archive.
-
Use the “Solidity Visual Developer” extension which comes with the @audit, @audit-info, @audit-ok, @audit-issue to categorize your notes!
-
Also Use Inline Bookmarks VSCode Extension by ConsenSys Audits to organize all your audit comments & findings! Thoroughly document/explain each function using simple language to reason about it. How To Learn Fast? | How to make better decisions?
Also Check Out wiki.r.security:
… and visit my own repo here:
The best thing is to support me directly by donating to my address on Ethereum Main-net or any of the compatible networks or to any address from the list below:
-
0xB25C5E8fA1E53eEb9bE3421C59F6A66B786ED77A — ERC20 & ETH officercia.eth
-
4AhpUrDtfVSWZMJcRMJkZoPwDSdVG6puYBE3ajQABQo6T533cVvx5vJRc5fX7sktJe67mXu1CcDmr7orn1CrGrqsT3ptfds — Monero/XMR
-
You can also support me by minting one of my Mirror articles NFTs!