MChamrosh/Awesome-web3-Security

A curated list of web3Security materials and resources For Pentesters and Bug Hunters.

Awesome-web3-Security

A curated list of web3 Security materials and resources For Pentesters and Bug Hunters.

Vulnerable Web3 CTFs

• Capture the Ether
• The Ethernaut
• Damn Vulnerable DeFi
• Security Innovation Blockchain CTF
• GOAT Casino
• Paradigm CTF
• Blocksec CTFs

Common Vulnerabilities in Smart contracts MindMap

Open the mindmap in Xmind

How to become a smart contract auditor?

Open the MindMap

Web3 blogs and reports

• Immunefi Medium
• openzeppelin blogs
• consensys Audit

Crypto Bug Bounty Platforms

• Immunefi
• Hackenproof
• Code4rena
• Gitcoin
• HackerOne

Web3 Security Newsletter

• Blockchain Threat Intelligence
• REKT
• Week in Ethereum News

Web3 Security Conference Talks and Videos

• Overview of Web3 Smart Contract Hacking | IWCON-S22 Talk by Duncan Townsend
• hat Ethereum Smart Contract Hacking Looks Like by LiveOverFlow
• The Web3 Security Mindset with Corey Petty
• Security and Vulnerabilities in Web3 - Harry Papacharissiou
• Web3 Security Playlist
• Unstoppable - Damn Vulnerable DeFi | CTF
• Smart Contract Hacking - 0x0C - Attacking Authorization with Web3.js
• How to Audit a Smart Contract | Can you find the Solidity Security Vulnerabilities?
• Learn Blockchain, Solidity, and Full Stack Web3 Development with JavaScript – 32-Hour Course

// To be updated!

RoadMap to learn Solidity

• https://cryptozombies.io/
• https://www.learnweb3.io/
• https://www.smartcontract.engineer/
• https://solidity-by-example.org/
• https://www.web3.university/
• https://www.useweb3.xyz/

Smart Contract Security Audit Reports

• Chainsulting
• iskdrews
• Avastars Smart Contract Audit Public Report
• KubixSquare audit
• lemonade-audits
• Techrate
• Quillhash
• interfinetwork
• Decentraland audit
• Tech-Audit
• Sifchain

// To be updated! // RoadMap to be added