Logo NotOnly.Owner

Introduction to smart contract security and hacking in Ethereum


Welcome!

Here you'll find resources and complementary educational material to start your journey in security and hacking of smart contracts in Ethereum.

Even if you don't want to build smart contracts, but rather break them, you'll need to understand the basics of programming, the EVM and the Ethereum network. So prior to getting into the security rabbit-hole, you can start with the basics of Ethereum here.

Index

Books

Challenges

These challenges will help you learn about Ethereum, Solidity, the EVM, DeFi and other cool stuff about this ecosystem. Everything while you hack vulnerable implementation of contracts. If you're not fond of reading, but rather learn by doing, START HERE.

In order of difficulty and necessary knowledge:

Tools

Explorers

Vulnerabilities, common attacks and best practices

Take into account that these lists include vulnerabilities and attacks that are relatively basic. They're still pretty much valid, even after all these years. Still, this is definitely not everything there's to learn. To stay up-to-date with the latest type of attacks and vulnerabilities (which can be more complex and interesting), I highly recommend reading newsletters and public reports.

Reports

Newsletters

Forums and groups

Bug Bounties

Additional resources