Code Scanning

Code Scanning

Static code analysis tools such as Slither, 4naly3er, Aderyn (coming soon) and Mythril (coming soon) are available via the Scan tool.

After you have your contract imported and a specific solidity file chosen, open the Scan tool and select a scan tool to run. Some scans may take a while to complete. Projects must be able to compile in order to be scanned.

Additional detectors, such as Slitherin, can be added to Slither scans within the tool.

We are working on adding support for scanning all types of projects. Some projects may not be supported during the beta test. Please report any issues you encounter.

Opening the scan tool

After a tool is finished, you can view its results and filter them by severity. Moreover, you will find clickable links to the mentioned code lines, and Audit Wizard will highlight the vulnerable items you've selected in the code editor.

Viewing a tool result

On the left of each reported code block you will find a clickable bookmark that you can use to look up the finding details right next to the vulnerable code.

Viewing extra details from within the code editor

Each tool provides its own unique take, with different detectors, varying severities, recommendations etc., run your favorite tool, or run all of them and compare results for a fuller image.

Especially at the start of an audit, this process can help you discover the low-hanging fruits and ideate potential attack vectors.