Automated smart contract vulnerability detection framework for EVM-based blockchains.
EVM Security Toolkit is a modular Python framework designed for automated vulnerability detection in Solidity smart contracts. It analyzes bytecode patterns, ABI structures, and contract state to identify critical security flaws before they become exploits.
Built by a security researcher for security researchers.
| Module | Description |
|---|---|
| Bytecode Analyzer | Detects dangerous opcode patterns (DELEGATECALL, SELFDESTRUCT, unprotected SSTORE) |
| ABI Parser | Extracts and analyzes function signatures, access control patterns, and state mutability |
| Vulnerability Detector | Pattern-matching engine for reentrancy, oracle manipulation, flash loan vectors |
| Storage Analyzer | Maps storage slots, detects uninitialized proxies and slot collisions |
| Vault Detector | ERC-4626 inflation attack, share manipulation, missing virtual offset (Cancun+) |
| Transient Storage | EIP-1153 TLOAD/TSTORE analysis, reentrancy guard validation, stale state detection |
| Contract Scanner | Full pipeline: fetches verified source → analyzes → reports findings |
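
The opcode detection that the Bytecode Analyzer row describes, shown as an added example (not the toolkit's own code). It walks the bytecode linearly and skips PUSH immediates, so data bytes that happen to equal 0xf4 or 0xff are not reported as DELEGATECALL or SELFDESTRUCT. `scan_opcodes`, `naive_scan` and `SAMPLE` are hypothetical names, and the sample bytecode is constructed.

```python
# Added illustration; not taken from evm-security-toolkit's src/analyzers/bytecode.py.
# Opcode values come from the EVM instruction set (TLOAD/TSTORE: EIP-1153).
FLAGGED = {0x5C: "TLOAD", 0x5D: "TSTORE", 0xF4: "DELEGATECALL", 0xFF: "SELFDESTRUCT"}
PUSH1, PUSH32 = 0x60, 0x7F

# Constructed sample: PUSH1 0xff, PUSH2 0xf4f4, POP, POP, TLOAD, DELEGATECALL,
# STOP, SELFDESTRUCT. The first three 0xff/0xf4 bytes are push data, not code.
SAMPLE = "0x60ff61f4f450505cf400ff"


def _to_bytes(bytecode_hex):
    """Decode a hex string with or without a 0x prefix."""
    text = bytecode_hex[2:] if bytecode_hex.startswith(("0x", "0X")) else bytecode_hex
    return bytes.fromhex(text)


def scan_opcodes(bytecode_hex):
    """Return [(offset, mnemonic)] for flagged opcodes at instruction boundaries."""
    code = _to_bytes(bytecode_hex)
    hits, pc = [], 0
    while pc < len(code):
        op = code[pc]
        if op in FLAGGED:
            hits.append((pc, FLAGGED[op]))
        # PUSH1..PUSH32 carry 1..32 immediate bytes that are data, not opcodes.
        # A PUSH truncated by the end of the code simply ends the walk.
        pc += 1 + (op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0)
    return hits


def naive_scan(bytecode_hex):
    """Match every byte, shown only to expose the false positives it produces."""
    return [(i, FLAGGED[b]) for i, b in enumerate(_to_bytes(bytecode_hex)) if b in FLAGGED]


if __name__ == "__main__":
    print("instruction-aware:", scan_opcodes(SAMPLE))
    print("naive byte match: ", naive_scan(SAMPLE))
```

A linear walk still treats the metadata that the Solidity compiler appends after the runtime code as instructions, so hits near the end of the bytecode need a second look.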
```
evm-security-toolkit/
├── src/
│   ├── analyzers/          # Bytecode & storage analysis engines
│   │   ├── bytecode.py     # Opcode pattern detection
│   │   └── storage.py      # Storage layout analysis
│   ├── parsers/            # ABI & source code parsers
│   │   └── abi_parser.py   # ABI extraction & function analysis
│   ├── detectors/          # Vulnerability detection modules
│   │   ├── reentrancy.py   # Cross-function & cross-contract reentrancy
│   │   ├── access.py       # Missing access control checks
│   │   ├── vault.py        # ERC-4626 vault inflation & share manipulation
│   │   └── transient.py    # EIP-1153 TLOAD/TSTORE analysis (Cancun)
│   └── utils/              # Shared utilities
│       ├── config.py       # Configuration management
│       ├── rpc.py          # EVM RPC client
│       └── reporter.py     # Finding report generator
├── tests/                  # Test suite
├── examples/               # Example usage & sample contracts
└── scanner.py              # CLI entry point
```
```bash
git clone https://github.com/eawhitehat/evm-security-toolkit.git
cd evm-security-toolkit
pip install -r requirements.txt
```

```bash
# Scan a verified contract on Etherscan
python scanner.py --address 0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D --chain ethereum

# Scan from local Solidity source
python scanner.py --file ./contracts/Vault.sol

# Scan bytecode directly
python scanner.py --bytecode 0x6080604052...

# Output JSON report
python scanner.py --address 0x... --chain bsc --output report.json
```

```python
from pathlib import Path

from src.analyzers.bytecode import BytecodeAnalyzer
from src.detectors.reentrancy import ReentrancyDetector
from src.parsers.abi_parser import ABIParser

# Analyze bytecode for dangerous patterns
analyzer = BytecodeAnalyzer(bytecode="0x6080604052...")
findings = analyzer.scan()

# Parse ABI for unprotected functions
parser = ABIParser.from_address("0x...", chain="ethereum")
unprotected = parser.detect_unprotected_externals()

# Run reentrancy detection on Solidity source loaded from a local file
solidity_source = Path("./contracts/Vault.sol").read_text()
detector = ReentrancyDetector(source_code=solidity_source)
vulns = detector.analyze()
```

| Chain | RPC | Explorer |
|---|---|---|
| Ethereum | ✅ | Etherscan |
| BNB Chain | ✅ | BscScan |
| Polygon | ✅ | PolygonScan |
| Arbitrum | ✅ | Arbiscan |
| Base | ✅ | BaseScan |
- Reentrancy — Cross-function, cross-contract, and read-only reentrancy patterns
- ERC-4626 Vault Inflation — First depositor attack, share manipulation, exchange rate hijack
- Proxy Vulnerabilities — Uninitialized UUPS/Transparent proxies, storage collisions
- Access Control — Missing `onlyOwner`, unprotected `selfdestruct`, open initializers
- Transient Storage (EIP-1153) — TLOAD/TSTORE misuse, missing reset, stale reentrancy locks
- Arithmetic — Precision loss in division-before-multiplication, unchecked downcasts
- State Inconsistency — Missing CEI pattern, cross-function state leaks
- Input Validation — Unchecked return values, missing zero-address checks
- Vault Share Rounding — Missing minimum deposit, zero-share minting edge cases
- Fork the repository
- Create a feature branch (`git checkout -b detector/new-vuln-type`)
- Add tests for your detector
- Submit a PR with a clear description of the vulnerability pattern detected
This tool is designed for authorized security assessments only. Always obtain proper authorization before scanning smart contracts. The authors are not responsible for misuse of this software.
MIT License — see LICENSE for details.
Author: @eawhitehat — Web3 Security Researcher & Bug Bounty Hunter