Made by Eonian Team.

<aside> ❗ Aggregation of valuable resources and knowledge about security in DeFI. Its primary focus is on smart contracts and DeFi protocols, but it also touches on blockchain-related hacks and common scams in the DeFi space.

</aside>

Hacks and Scam Timeline

• Rekt News - DeFi / Crypto - Investigative journalism
• Web3 is Going Just Great - A timeline of disasters happening in the crypto

Crypto Wallet Hacks List

• Hardware Wallets Hacks
• Approved wallets hacks
• Crypto Hacks Database

History of DeFi Hacks

Tools and Lists

• Dextools - allow check trading operations with a token
• Uncx - Check liquidity status of the token
• Smart Contracts Scanner - Scanner for vulnerabilities
• Token Sniffer - give info on exploits and contract audits around tokens.
• BSC Check - Give contract owner status, honeypot code, Developer's wallet info and etc. Support Ethereum and other blockchains
• Kryptoview - Token Review platforms
• Protocol Reviews and ratings
  • DefiSafety
  • RugDog
  • Smoothie
  • Magic Store
• Redefine - wallet address and transaction analytics
• DefiLama - DeFi Dashboard
• DappRadar - list of DeFi apps
• Remove wallet approves
  • Revoke
  • Shield
• DefiLama Hacks - list of DeFi hacks with stats of the reason for the hack.
• Audit Database
• Bad Dept Monitoring - list of dept issues of lending protocols
• Detect honeypot tokens
  • Honeypot
  • Detect Honeypot
  • RugDoc's Honeypot

Smart Contract Vulnerabilities Lists

• SWC Registry - Smart Contract Weakness Classification and Test Cases | github
• DASP - Decentralized Application Security Project | github
• ESCBP Attacks - List of common smart contract attacks | github
• **Solidity Security** - Comprehensive list of known attack vectors and common anti-patterns | github
• VSC List - List of Security Vulnerabilities

More info

Solidity Bugs and Vulnerabilities

• Etherscan - Solidity Bug Info
• Solidity Blog - Security Alerts
• Solidity Releases

Best Practices

• SCSVS - Smart Contract Security Verification Standard | github
• ESCBP - Ethereum Smart Contract Security Best Practices | github
• Crypto Scams to Avoid - 10 Tricks Scammers Use
• Ethereum security and scam prevention

Portfolio Trackers

• CoinStats

There is a list of currently known hacks and vulnerabilities which can be used by a bad actor to get control or somehow interfere normal logic flow of a smart contract or protocols. It is heavily based on SWC Registry but also has a few vulnerabilities that are not subject to the requirements of the SWC Registry.

All of the vulnerabilities have links where they are fully described with examples. Some of them have additional links to resources where they can be studied. Also, part of the cases are already abused and have links to the known case with the amount of lost money.

Last update: March 29, 2023

List of Vulnerabilities in Smart Contracts

Made by Eonian