Tag
#security
832 repositories
Repos
OpenZeppelin Contracts is a library for secure smart contract development.
Cryptomator for Windows, macOS, and Linux: Secure client-side encryption for your cloud storage, ensuring privacy and control over your data.
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Capstone disassembly/disassembler framework for ARM, ARM64 (ARMv8), Alpha, BPF, Ethereum VM, HPPA, LoongArch, M68K, M680X, Mips, MOS65XX, PPC, RISC-V(rv32G/rv64G), SH, Sparc, SystemZ, TMS320C64X, TriCore, Webassembly, XCore and X86.
A guide to smart contract security best practices
☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot)
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3! Update to wolfSSL 5.9.1 for the latest CVE fixes.
Software sandbox for storage of sensitive information in memory.
FISCO BCOS(发音为/ˈfɪskl bi:ˈkɒz/)是一个稳定、高效、安全的许可区块链平台,已被广泛应用于现实的行业应用。截至目前,已拥有5000多家企事业单位,400多个产业数字化标杆应用,涵盖文化版权、司法服务、政府服务、物联网、金融、智慧社区、房地产建设、社区治理、乡村振兴等领域。FISCO BCOS (pronounced /ˈfɪskl bi:ˈkɒz/) is a stable, efficient, and secure permissioned blockchain platform that has been widely used in real-world industry applications.
A collection of smart contract vulnerabilities along with prevention methods
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
The ultimate, most advanced, security, DeFi, assembly, web3 auditor course ever created.
Central Repository for the Epoch 0 coursework and quizzes. Contains all the content, cross-referenced and linked.
HACL*, a formally verified cryptographic library written in F*
Here we collect and discuss the best DeFi, Blockchain and crypto-related OpSec researches and data terminals - contributions are welcome.
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
A chronological and (hopefully) complete list of reentrancy attacks to date.
Heimdall is an advanced EVM smart contract toolkit specializing in bytecode analysis and extracting information from unverified contracts.
Concrete: TFHE Compiler that converts python programs into FHE equivalent
Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
A collection of practical security-focused guides and checklists for smart contract development
An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction
OpenZeppelin Contracts written in Cairo for Starknet, a decentralized ZK Rollup
👩🏫 👨🏫 The open-source curriculum of Enki!
Filesystem in userspace (FUSE) with transparent authenticated encryption
A tool to quickly identify relevant, publicly-available open source intelligence ("OSINT") tools and resources, saving valuable time during investigations, research, and analysis.
A checklist of things to look for when auditing Solidity smart contracts.
A list of Blockchain Security audit companies, solo auditors and location of public audits.
Semgrep rules for smart contracts based on DeFi exploits
PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
A Collection of Vulnerabilities in ERC20 Smart Contracts With Tokens Affected
Smart Contract Auditor Roadmap | Learn Blockchain Security & Smart Contract Auditing
Checksec, but for Windows: static detection of security mitigations in executables
这个仓库收集了所有在 GitHub 上能找到的 CVE 漏洞利用工具。 This repository collects all CVE exploits found on GitHub.
State-of-the-art, highly opinionated, hyper-optimised, and secure 🐍Vyper smart contract building blocks.
Solidity language support and visual security auditor for Visual Studio Code
A collection of resources to help you build better and more secure Solana programs. Kept up to date.
:white_check_mark: .NET crypto done right. Professionally audited.
FIDO2(WebAuthn) server officially certified by FIDO Alliance and Relying Party examples.
Smart Contract security audit reports
An open-source cloud operating system and blockchain management platform, online demo: https://door.casvisor.com
Awesome list of all things oracle manipulation. Creating to help spread a better understanding of oracles and oracle manipulation.
A curated list of smart contract attack vectors
Smart Contract Vulnerabilities (SCV) List
Capillary is a library to simplify the sending of end-to-end encrypted push messages from Java-based application servers to Android clients.
This Repository contains list of Common Solidity SmartContract Attack Vectors. If you find any attack vectors missing, you can create a pull request and be a contributor of the project.
Security Analysis tool for WebAssembly module (wasm) and Blockchain Smart Contracts (BTC/ETH/NEO/EOS)
Namecoin full node + wallet based on the current Bitcoin Core codebase.
Minimalist secure text editor and binary encryptor that implements RFC 4880 Open PGP format: symmetrically encrypted, compressed and integrity protected. The editor can protect files with passwords, key files or both.
Meta-repository for Miscreant: misuse-resistant symmetric encryption library with AES-SIV (RFC 5297) and AES-PMAC-SIV support
QuillAudits — Smart Contract Audits for DeFi, RWA, DEXs, Tokens, DeAI & DApps
A modern and easy-to-use cryptographic library for .NET based on libsodium
A benchmark and harness for finding and exploiting smart contract bugs
A guide to EOS smart contract security best practices
Mock OAuth2/OpenID Connect server for JVM tests and Docker Compose. No security workarounds needed.
Different ASP.NET Core applications using OpenID Connect Hybrid flow Code Flow, Code Flow with PKCE, JWT APIs, MFA examples
A Solidity smart contract auditing checklist
Implementation of Universal Token for Assets and Payments