mirror of https://github.com/ConsenSys/mythril
blockchainethereumsmart-contractssoliditysecurityprogram-analysissecurity-analysissymbolic-execution
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.1 KiB
2.1 KiB
Mythril
Mythril is a security analysis tool for Ethereum smart contracts. It uses concolic analysis, taint analysis and control flow checking to detect a variety of security vulnerabilities. The analysis is based on laser-ethereum, a symbolic execution library for EVM bytecode.
Installation and setup
Build the Docker image:
$ git clone https://github.com/ConsenSys/mythril/
$ docker build mythril
Install from Pypi:
$ pip3 install mythril
See the Wiki for more detailed instructions.
Usage
Documentation has moved to the Wiki page.
Publications and Videos
- HITBSecConf 2018 - Smashing Ethereum smart contracts for fun and real profit
- HITBSecConf 2018 conference paper
- EDCon Toronto 2018 - Mythril: Find bugs and verify security properties in your contracts
Acknowledgements
-
JSON RPC library is adapted from ethjsonrpc (it doesn't seem to be maintained anymore, and I needed to make some changes to it).
-
The signature data in
signatures.jsonwas initially obtained from the Ethereum Function Signature Database. -
Many features, bugfixes and analysis modules have been added by contributors.