Skip to content

Releases: Deivitto/auditor-docker

0.1.1

16 Sep 14:34
56adcb5
Compare
Choose a tag to compare
  • Heimdall issue regarding ownership of .foundry and .bifrost folders solved by changing ownership in dockerfile
  • Updater route changed to be always $HOME rather than parent, what in case of being called with the symbolic link, was the wrong folder
  • Fix of the issuer regarding not using $HOME, so it couldn't find the template

0.1.0

08 Sep 16:26
7401c8d
Compare
Choose a tag to compare
  • Fixing code command issues
  • Adding pyrometer installer
  • Isolation of multiple tools into single installers: brownie, manticore, etheno, embark.
  • Corrected issues regarding codehawks in issue_creator
  • Decreased 2GB the size of the docker image by using a multistage approach for foundry and heimdall
  • Improved echidna installer timing by using the approach shared by GalloDaSballo and created by agfviggiano at twitter
  • Improved usage of different tools by removing aliases and now using symbolic links, what allows users to use some commands in bash scripts
  • Added -code and -d options to issue creator and solc_docs
  • Changed some comments
  • Corrected some paths that didn't start at /home/whitehat
  • Changes into installer order
  • Changes in README.md
  • Updated scripts updater
  • Added versions.sh to test all the available commands (first part are the default ones, last part are the ones from the installer)
  • Added more time to my agenda (^~^)

0.0.2

19 Aug 15:54
c9af46d
Compare
Choose a tag to compare
  • Added Picodes 4nalyz3r to add2 installer
  • Added analyze4 as a script to simplify UX regarding 4nalyz3r
  • Hot Fixed yarn is not recognized as command
  • Changed some texts and adding some missing descriptions (ganache, truffle)

0.0.1

16 Aug 13:24
efb3881
Compare
Choose a tag to compare

Base Setup:

  • Operating System: Ubuntu Jammy (22.04)
  • Utilities: Git, Curl/wget, gawk/ripgrep, z3, pandoc, openssh-client, texlive, solidity plugins for Vim, etc.
  • Ethereum dependencies.

Languages & Frameworks:

  • Python: Version 3.9
  • Rust: Comprehensive setup with Cargo
  • Julia: Built-in support.
  • Noir: Support for the Noir language (Nargo).
  • Circom: Framework for zkSNARK circuits.

Web3 Tools for security:

It includes not only dependencies but tools from well known companies, developers and contributooors:

  • Foundry as modular toolkit for Ethereum application development written in Rust. It includes: Forge, Anvil, Cast, and Chisel. Author Paradigm.
  • Halmos for Symbolic Bounded Model Checker for Ethereum Smart Contracts Bytecode. Author a16z.
  • Heimdall for advanced EVM smart contract toolkit specialized in bytecode analysis. Author Jon-Becker.
  • Slither, Echidna, Medusa Fuzzer, Manticore, and Etheno, solc-select and crytic compile. Author Trail of Bits.
  • Extra Slither detectors, specialized detectors for Slither. Author Pessimistic.io.
  • Prover tool for symbolic analysis. Author Certora.
  • Mythril for smart contract analysis. Author Consensys.
  • Spearbit Report Generator, all needed dependencies to use the report generator in Spearbit audits
  • Python developer kit: It includes Vyper, Ape-Vyper, Py-solc-x and pyevwasm, can be found in.

Package Management and Node:

  • NVM: Node Version Manager to switch between different Node.js versions.
  • Node: Long Term Support (LTS) version.
  • Package Managers: npm, yarn, and pnpm

VSCode Extensions:

  • There is also an option in the installer to install the most common extensions for Security Researchers. Really useful for beginners or new installations.

Custom scripts:

  • add2 / add2box: Shortcut to the installer which will do the whole installation for different tools without leaving the CMD.
  • add2-update: Shorcut to the updater which will sync the scripts and templates folder with the latest version of them in the repo. This is for useful for fixes or to get the installer of a new tool.
  • issue: For bug hunters mostly. Sometimes I was auditing some contest and I prefer to write first the issues locally, then submit them after reviewing all of them. The issue, is that the templates are different in the platforms, and sometimes you need to log in to get the template, so why not to run issue c4 or issue sh to create a Code4rena or Sherlock issue and open it in your editor instantly? It also have support for Spearbit and Codehawks templates.
  • solc-docs --book: Downloads the latest solidity lang documentation and tries to open the pdf file.

For more info go to the table with all the features or to the references page in the wiki, where all the links to the packages are included.