Quick list of Open Source tools that can be used to audit smart contracts written in Solidity language.
Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It’s also used (in combination with other tools and techniques) in the MythX security analysis platform.
An Analysis Tool for Smart Contracts. Needs solc installed.
Control flow analysis
Dynamic code analysis
- Manticore Last commit: 904f336 15 days ago
- Oyente Last commit: 69dc0a9 on 6 Nov 2020
Taint analysis / symbolic execution
- Mythril Last commit: 8fbe2e2 5 days ago
- solidity-coverage Published a month ago
- Solium / Ethlint Published 3 years ago
- Solcheck Last commit: 682d3c6 on 5 Oct 2017
- Solint Last commit: 70b0b1b on 16 Aug 2016
- Solhint Last commit: 3443eee on 29 May 2021
- Slither Last commit: f11d896 yesterday
# npm installs ## Solidity Compiler tool: solcjs npm -g install solc ## Tools npm install solint npm install solidity-coverage #(No longer a shell command) npm install solhint npm install solgraph npm install solium npm install solcheck #(Fails) # pip3 installs pip3 install slither-analyzer pip3 install mythril # pip installs pip install manticore # pip2 installs pip2 install oyente
Debian Development Packages
The following method has become deprecated as of 2022:
$ sudo apt-get install software-properties-common $ sudo add-apt-repository -y ppa:ethereum/ethereum #(Fails on latest Debian) $ sudo apt-get update $ sudo apt-get install ethereum solc
In newer Linux systems, try the following to install solc:
apt-get install cmake libboost-all-dev git clone --recursive https://github.com/ethereum/solidity.git cd solidity/ git submodule update --init --recursive sudo ./scripts/build.sh
IMPORTANT: You will need to install cmake and libboost-all-dev dependencies before trying to build solc.
Learn more about how to build and install solc in this blog post: