Slither is a Solidity static analysis framework written in Python 3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses.
It enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
Features
Run Slither on a Truffle/Embark/Dapp/Etherlime application:
slither .
Run Slither on a single file:
$ slither tests/uninitialized.sol
For additional configuration, see the usage documentation.
Use solc-select if your contracts require older versions of solc.
By default, all the detectors are run.
Contact us to get access to additional detectors.
To run a printer, use --print
and a comma-separated list of printers.
Slither requires Python 3.6+ and solc, the Solidity compiler.
$ pip install slither-analyzer
$ git clone https://github.com/crytic/slither.git && cd slither
$ python setup.py install
We recommend using an Python virtual environment, as detailed in the Developer Installation Instructions, if you prefer to install Slither via git.
Use the eth-security-toolbox
docker image. It includes all of our security tools and every major version of Solidity in a single image. /home/share
will be mounted to /share
in the container. Use solc-select
to switch the Solidity version.
docker pull trailofbits/eth-security-toolbox
To share a directory in the container:
docker run -it -v /home/share:/share trailofbits/eth-security-toolbox
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…