Minimalist resources to learn about security and pentesting smart contracts, from lab to practice, ctf and some recommendations. (Updated - 26/06/2022)
- fwhibbit.es/pentesting-smart-contract-introduccion - Pentesting a Smart Contracts.
- notonlyowner.com/learn/intro-seguridad-hacking-ethereum - Introducción a Seguridad y Hacking en Ethereum.
- consensys.github.io/smart-contract-best-practices - Ethereum Smart Contract Security Best Practices.
- github.com/tinchoabbate/intro-seguridad-smart-contracts - Introducción a Hacking y Seguridad en Smart Contracts.
- Docs.google.com - Example report - General Analysis and Compiler Audit.
- https://github.com/xf97/JiuZhou - JiuZhou is a data set of Ethereum bug smart contracts (ICSME 2020).
- github.com/5049504F/cryptocurrency-security - Document created to serve as a first step to learn about blockchain and smart contract security.
- a16z.com/2022/04/23/web3-security-crypto-hack-attack-lessons/ - Web3 Security: Attack Types and Lessons Learned.
- Smart contract security service for Ethereum - MythX - Smart contract security service for Ethereum
- damnvulnerabledefi.xyz/ - Damn Vulnerable DeFi is the wargame to learn offensive security of DeFi smart contracts.
- ethernaut.openzeppelin.com - The Ethernaut is a Web3/Solidity based wargame inspired on overthewire.org, played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be 'hacked'.