Quick list of Open Source tools that can be used to audit smart contracts written in Solidity language.
By Name
Slither
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
Mythril
Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It’s also used (in combination with other tools and techniques) in the MythX security analysis platform.
Oyente
An Analysis Tool for Smart Contracts. Needs solc installed.
By Category
Control flow analysis
Dynamic code analysis
- Manticore Last commit: 904f336 15 days ago
Vulnerability analysis
- Oyente Last commit: 69dc0a9 on 6 Nov 2020
Taint analysis / symbolic execution
- Mythril Last commit: 8fbe2e2 5 days ago
Test coverage
- solidity-coverage Published a month ago
Linting
- Solium / Ethlint Published 3 years ago
- Solcheck Last commit: 682d3c6 on 5 Oct 2017
- Solint Last commit: 70b0b1b on 16 Aug 2016
- Solhint Last commit: 3443eee on 29 May 2021
Static Analysis
- Slither Last commit: f11d896 yesterday
Quick Install
# npm installs ## Solidity Compiler tool: solcjs npm -g install solc ## Tools npm install solint npm install solidity-coverage #(No longer a shell command) npm install solhint npm install solgraph npm install solium npm install solcheck #(Fails) # pip3 installs pip3 install slither-analyzer pip3 install mythril # pip installs pip install manticore # pip2 installs pip2 install oyente
Debian Development Packages
The following method has become deprecated as of 2022:
$ sudo apt-get install software-properties-common $ sudo add-apt-repository -y ppa:ethereum/ethereum #(Fails on latest Debian) $ sudo apt-get update $ sudo apt-get install ethereum solc
In newer Linux systems, try the following to install solc:
apt-get install cmake libboost-all-dev git clone --recursive https://github.com/ethereum/solidity.git cd solidity/ git submodule update --init --recursive sudo ./scripts/build.sh
IMPORTANT: You will need to install cmake and libboost-all-dev dependencies before trying to build solc.
Learn more about how to build and install solc in this blog post: