This guide is for authorized security research and education only. All techniques must be practiced on testnets, forks, or with explicit written permission. Unauthorized access to any system is illegal. The authors are not responsible for misuse.
| # | Module | Topics | Difficulty |
|---|---|---|---|
| 01 | Blockchain Fundamentals | EVM internals, ABI, gas, L2, bridges | → |
| 02 | Recon & OSINT | Etherscan, Tenderly, Dune, proxy detection | → |
| 03 | Smart Contract Vulnerabilities | Reentrancy, flash loans, oracles, access control | → |
| 04 | Audit Methodology | Scoping, threat modeling, invariants, CEI | → |
| 05 | Tools & Frameworks | Foundry, Slither, Echidna, Certora | |
| 06 | Exploit Development | Foundry PoC writing, flash loan templates | |
| 07 | DeFi Protocol Attacks | AMM, lending, bridges, governance | → |
| 08 | Web3 dApp Pentesting | Wallet, frontend, RPC, ENS, phishing | → |
| 09 | MEV & Mempool | Sandwich attacks, Flashbots, PBS | → |
| 10 | CTF & Wargames | Ethernaut, DvD, Paradigm CTF, Code4rena | → |
| 11 | Reporting & Disclosure | Finding templates, Immunefi, severity scoring | |
| 12 | Advanced Topics | ZK security, ERC-4337, cross-chain, EigenLayer | |
| 13 | Missing Vuln Classes | Transient storage, read-only reentrancy, weird ERC-20 | → |
| 14 | Bug Bounty Playbook | Target selection, sprint methodology, income tactics | → |
| 15 | Exploit Recreations | DAO, Harvest, Beanstalk, Nomad, Curve/Vyper | → |
| 16 | Master Audit Checklist | Complete per-function and DeFi-specific checklists | All |
- Basic Solidity understanding
- Node.js / npm installed
- Familiarity with Ethereum basics (transactions, wallets, gas)
# Install Foundry (required for all PoC exercises)
curl -L https://foundry.paradigm.xyz | bash && foundryup
# Install Slither
pip3 install slither-analyzer
# Clone this guide
git clone https://github.com/SdxShadow/Hack_web3
cd web3-pentest-guide
# Start with [Module 01](./modules/BLOCKCHAIN_FUNDAMENTALS.md) Beginner (Weeks 1-4)
→ Modules 01, 02, 05, 10 (Fundamentals + Tools + CTFs)
Intermediate (Weeks 5-8)
→ Modules 03, 04, 08, 11 (Vulnerabilities + Audit + Disclosure)
Advanced (Weeks 9-14)
→ Modules 06, 07, 09, 13, 15 (Exploit Dev + DeFi + MEV)
Expert (Ongoing)
→ Modules 12, 14, 16 + Live Immunefi / Code4rena contests
| Tool | Purpose | Install |
|---|---|---|
| Foundry | Testing, fuzzing, PoC development | curl -L https://foundry.paradigm.xyz | bash |
| Slither | Static analysis | pip3 install slither-analyzer |
| Echidna | Property-based fuzzing | GitHub releases |
| Aderyn | Fast AST analysis | cargo install aderyn |
| Heimdall-rs | Bytecode decompilation | cargo install heimdall |
| Certora | Formal verification | pip3 install certora-cli |
- 17 modules covering the full Web3 security spectrum
- 200+ vulnerability patterns documented with PoC code
- 50+ real-world case studies from $70M to $624M exploits
- Foundry PoC templates for every major attack vector
- SEO-optimized for GitHub Pages with Jekyll
- Rekt News — DeFi exploit post-mortems
- DeFi Hack Labs — 200+ PoCs
- Immunefi — Bug bounty platform
- Code4rena — Competitive audits
- Secureum — Security education
- Phalcon Explorer — Transaction analysis
MIT License — See LICENSE for details.