├── .github └── FUNDING.yml ├── README.md ├── attack-vectors ├── Access_Control.md ├── Account_Existence_Check_for_low_level_calls.md ├── Arbitrary_Jumps_with_Function_Variables.md ├── Assert_Violation.md ├── Bypass_Contract_Size_Check.md ├── Code_With_No_Effects.md ├── Complex_Modifiers.md ├── DOS.md ├── Dirty_Higher_Order_Bits.md ├── Entropy_Illusion.md ├── Experimental_Language_Features.md ├── External_Contrac_Referencing.md ├── Flash_Loan_Attack.md ├── Floating_Point_Arithmetic.md ├── Force_Feeding.md ├── Frontend_(Off_Chain)_Attacks.md ├── Function_Selector_Abuse.md ├── Griefing.md ├── Hidden_malicious_code.md ├── Historic_Attacks.md ├── Improper_Array_Deletion.md ├── Incorrect_Interface.md ├── Insufficient_Gas_Attacks.md ├── Integer_Arithmetic.md ├── Loop_through_long_arrays.md ├── Message_call_with_hardcoded_gas_amount.md ├── Miners_Attack.md ├── Offline_Owner.md ├── Oracle_Manipulation.md ├── Outdated_Compiler.md ├── Payable_Multicall.md ├── Precision_Loss_in_Calculations.md ├── Privacy_Illusion.md ├── Proxy_Storage_Collision.md ├── Reentrancy.md ├── Right-To-Left-Override_control_character_(U+202E).md ├── Sandwich_Attack.md ├── Signature_Replay.md ├── Unchecked_External_Calls.md ├── Uninitialized_Storage_Pointers.md ├── Unprotected_Upgrades.md ├── Unsafe_Delegatecall.md ├── Unused_Variable.md ├── Use_of_Deprecated_Solidity_Functions.md ├── Variable_Shadowing.md ├── Writes_to_Arbitrary_Storage_Locations.md └── Wrong_inheritance.md └── tools-and-ctfs ├── CTFs.md └── Web3_Security_Tools.md /.github/FUNDING.yml: -------------------------------------------------------------------------------- 1 | github: harendra-shakya 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/README.md -------------------------------------------------------------------------------- /attack-vectors/Access_Control.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Access_Control.md -------------------------------------------------------------------------------- /attack-vectors/Account_Existence_Check_for_low_level_calls.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Account_Existence_Check_for_low_level_calls.md -------------------------------------------------------------------------------- /attack-vectors/Arbitrary_Jumps_with_Function_Variables.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Arbitrary_Jumps_with_Function_Variables.md -------------------------------------------------------------------------------- /attack-vectors/Assert_Violation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Assert_Violation.md -------------------------------------------------------------------------------- /attack-vectors/Bypass_Contract_Size_Check.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Bypass_Contract_Size_Check.md -------------------------------------------------------------------------------- /attack-vectors/Code_With_No_Effects.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Code_With_No_Effects.md -------------------------------------------------------------------------------- /attack-vectors/Complex_Modifiers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Complex_Modifiers.md -------------------------------------------------------------------------------- /attack-vectors/DOS.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/DOS.md -------------------------------------------------------------------------------- /attack-vectors/Dirty_Higher_Order_Bits.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Dirty_Higher_Order_Bits.md -------------------------------------------------------------------------------- /attack-vectors/Entropy_Illusion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Entropy_Illusion.md -------------------------------------------------------------------------------- /attack-vectors/Experimental_Language_Features.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Experimental_Language_Features.md -------------------------------------------------------------------------------- /attack-vectors/External_Contrac_Referencing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/External_Contrac_Referencing.md -------------------------------------------------------------------------------- /attack-vectors/Flash_Loan_Attack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Flash_Loan_Attack.md -------------------------------------------------------------------------------- /attack-vectors/Floating_Point_Arithmetic.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Floating_Point_Arithmetic.md -------------------------------------------------------------------------------- /attack-vectors/Force_Feeding.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Force_Feeding.md -------------------------------------------------------------------------------- /attack-vectors/Frontend_(Off_Chain)_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Frontend_(Off_Chain)_Attacks.md -------------------------------------------------------------------------------- /attack-vectors/Function_Selector_Abuse.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Function_Selector_Abuse.md -------------------------------------------------------------------------------- /attack-vectors/Griefing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Griefing.md -------------------------------------------------------------------------------- /attack-vectors/Hidden_malicious_code.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Hidden_malicious_code.md -------------------------------------------------------------------------------- /attack-vectors/Historic_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Historic_Attacks.md -------------------------------------------------------------------------------- /attack-vectors/Improper_Array_Deletion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Improper_Array_Deletion.md -------------------------------------------------------------------------------- /attack-vectors/Incorrect_Interface.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Incorrect_Interface.md -------------------------------------------------------------------------------- /attack-vectors/Insufficient_Gas_Attacks.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Insufficient_Gas_Attacks.md -------------------------------------------------------------------------------- /attack-vectors/Integer_Arithmetic.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Integer_Arithmetic.md -------------------------------------------------------------------------------- /attack-vectors/Loop_through_long_arrays.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Loop_through_long_arrays.md -------------------------------------------------------------------------------- /attack-vectors/Message_call_with_hardcoded_gas_amount.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Message_call_with_hardcoded_gas_amount.md -------------------------------------------------------------------------------- /attack-vectors/Miners_Attack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Miners_Attack.md -------------------------------------------------------------------------------- /attack-vectors/Offline_Owner.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Offline_Owner.md -------------------------------------------------------------------------------- /attack-vectors/Oracle_Manipulation.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Oracle_Manipulation.md -------------------------------------------------------------------------------- /attack-vectors/Outdated_Compiler.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Outdated_Compiler.md -------------------------------------------------------------------------------- /attack-vectors/Payable_Multicall.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Payable_Multicall.md -------------------------------------------------------------------------------- /attack-vectors/Precision_Loss_in_Calculations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Precision_Loss_in_Calculations.md -------------------------------------------------------------------------------- /attack-vectors/Privacy_Illusion.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Privacy_Illusion.md -------------------------------------------------------------------------------- /attack-vectors/Proxy_Storage_Collision.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Proxy_Storage_Collision.md -------------------------------------------------------------------------------- /attack-vectors/Reentrancy.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Reentrancy.md -------------------------------------------------------------------------------- /attack-vectors/Right-To-Left-Override_control_character_(U+202E).md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Right-To-Left-Override_control_character_(U+202E).md -------------------------------------------------------------------------------- /attack-vectors/Sandwich_Attack.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Sandwich_Attack.md -------------------------------------------------------------------------------- /attack-vectors/Signature_Replay.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Signature_Replay.md -------------------------------------------------------------------------------- /attack-vectors/Unchecked_External_Calls.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Unchecked_External_Calls.md -------------------------------------------------------------------------------- /attack-vectors/Uninitialized_Storage_Pointers.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Uninitialized_Storage_Pointers.md -------------------------------------------------------------------------------- /attack-vectors/Unprotected_Upgrades.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Unprotected_Upgrades.md -------------------------------------------------------------------------------- /attack-vectors/Unsafe_Delegatecall.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Unsafe_Delegatecall.md -------------------------------------------------------------------------------- /attack-vectors/Unused_Variable.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Unused_Variable.md -------------------------------------------------------------------------------- /attack-vectors/Use_of_Deprecated_Solidity_Functions.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Use_of_Deprecated_Solidity_Functions.md -------------------------------------------------------------------------------- /attack-vectors/Variable_Shadowing.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Variable_Shadowing.md -------------------------------------------------------------------------------- /attack-vectors/Writes_to_Arbitrary_Storage_Locations.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Writes_to_Arbitrary_Storage_Locations.md -------------------------------------------------------------------------------- /attack-vectors/Wrong_inheritance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/attack-vectors/Wrong_inheritance.md -------------------------------------------------------------------------------- /tools-and-ctfs/CTFs.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/tools-and-ctfs/CTFs.md -------------------------------------------------------------------------------- /tools-and-ctfs/Web3_Security_Tools.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/harendra-shakya/smart-contract-attack-vectors/HEAD/tools-and-ctfs/Web3_Security_Tools.md --------------------------------------------------------------------------------