Template Based Smart Contracts Static Analyzer

eBurger

What is eBurger

eBurger is a static analysis tool that provides a way to quickly query and analyze Solidity smart contracts.

Create your template

eBurger YAML Template

Run your template

eBurger YAML Template

Running static analyzers won't win you competitions. What eburger provides instead is the ability to spin up custom templates tailored to the project you are currently auditing in minutes (see the Wiki), allowing you to orchestrate unique lookups through the codebase to empower your audits.

How to install

From PyPI

pip3 install eburger
eburger -h

From source

git clone https://github.com/forefy/eburger.git
cd eburger
pip3 install .
eburger -h

How to run

Simple examples

Simplest

cd MyProject/
eburger
cat eburger-output.json

SARIF output

eburger -f MyProject/ -o sarif

Markdown output (running from the project's directory)

eburger -o markdown

Focused scan of a single file and its dependencies

eburger -f ../ProjectToScan/src/SomeContract.sol

Only print nsloc count

eburger -f MyProject/ --nsloc

Run custom YAML templates

eburger -t MyCustomYAMLs/ -f MyProject/

Advanced usage

Refer to the Wiki.

What it looks like

Here's a demo video

https://github.com/forefy/eburger/assets/152717707/65bf6a6d-adbc-4664-84d4-73ac641a8307

Besides eburger-output.json, the above example also generates extended info under the .eburger folder.

SARIF support

SARIF (Static Analysis Results Interchange Format) is a standard format for static analysis tool results.

To open an interactive GUI in VSCode that can organize and interact with the results found, follow these steps:

  • Install Microsoft's SARIF Viewer VSCode extension
  • Run eburger --output sarif
  • From within VSCode, click the resulting eburger-output.sarif file placed in the working directory

This will open an interactive VSCode menu with the issues, description, navigation of vulnerable code lines, etc.
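The same SARIF file can also be triaged without VSCode, for example to fail a build on high-severity results. The script below is an added example, not part of eburger: it reads only standard SARIF 2.1.0 fields (runs, results, ruleId, level, locations), and the embedded sample, its rule ids and its paths are constructed for illustration rather than real eburger output.

```python
import json

# Constructed sample in SARIF 2.1.0 shape; rule ids, paths and messages are
# made up for illustration and are not real eburger output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "eburger", "rules": [
            {"id": "example-high-rule", "defaultConfiguration": {"level": "error"}},
            {"id": "example-low-rule", "defaultConfiguration": {"level": "note"}},
        ]}},
        "results": [
            {"ruleId": "example-high-rule", "message": {"text": "constructed finding A"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "src/Vault.sol"},
                 "region": {"startLine": 42}}}]},
            {"ruleId": "example-low-rule", "level": "note",   # result with no location
             "message": {"text": "constructed finding B"}},
        ],
    }],
})

LEVEL_ORDER = {"none": 0, "note": 1, "warning": 2, "error": 3}

def summarize(sarif_text):
    """Flatten every run's results into (level, ruleId, uri, line, message) tuples."""
    findings = []
    for run in json.loads(sarif_text).get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        defaults = {r["id"]: r.get("defaultConfiguration", {}).get("level", "warning")
                    for r in rules}
        for res in run.get("results") or []:   # "results" may be null or absent
            rule_id = res.get("ruleId", "<no ruleId>")
            # A result without its own level inherits the rule default, else "warning".
            level = res.get("level") or defaults.get(rule_id, "warning")
            loc = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = loc.get("artifactLocation", {}).get("uri", "<no location>")
            line = loc.get("region", {}).get("startLine")
            findings.append((level, rule_id, uri, line, res.get("message", {}).get("text", "")))
    return findings

def gate(findings, fail_at="error"):
    """Return True when any finding is at or above the fail_at level."""
    return any(LEVEL_ORDER.get(f[0], 2) >= LEVEL_ORDER[fail_at] for f in findings)

if __name__ == "__main__":
    found = summarize(SAMPLE_SARIF)
    for level, rule_id, uri, line, msg in sorted(found, key=lambda f: -LEVEL_ORDER.get(f[0], 2)):
        print(f"{level:8} {rule_id:20} {uri}:{line} {msg}")
    print("fail build:", gate(found))
```

To use it on a real scan, pass the contents of eburger-output.sarif to summarize() instead of the constructed sample.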

GitHub Action

CI pipelines are supported via the eburger-action GitHub Action, which helps you continuously assess your code and view the raised insights in your repo's security pane.

Visit the action's page for more information.

Contributing templates

Templates can be added by creating new YAML files and either loading them with eburger -t mytemplate.yaml . or placing them under the templates/ directory.

If you prefer playing with eburger in the browser before installation, you can try the dedicated Jupyter notebook instance:

eBurger Jupyter Notebook Templates Playground

If you are using eburger as a Python package (installed via pip install), the existing templates location can be found by running pip3 show eburger or by running the tool on a contract and seeing the templates path printed to the console.

For template writing and documentation refer to the Wiki.

Comparison table

Comparison of actively maintained / popular Solidity smart contract static analyzers

Static Analyzer Language 2 Minutes to write a custom template with ChatGPT GitHub Action Many findings that are already found before the contest began Would want to eat
eBurger Python
Slither Python
4naly3er TypeScript 🤮
Mythril Python
Aderyn Rust

Forgot one or made a mistake? Open a pull request or an issue :)

Features

  • YAML template support to query contract structure and raise insights for any matches
  • Fast learning curve for creating templates, ability to customize templates to the current ongoing audit project
  • Foundry and Hardhat support ❣️
  • SARIF support & VSCode GUI integration
  • GitHub Actions integration through eburger-action
  • Markdown report
  • Quick custom template generation via the eBurger Templates Generator GPT
  • Community and free support via Discord

What is missing

What features would you like to see? Let us know!

Download files

Source Distribution

eburger-1.0.3.tar.gz (41.5 kB)

Uploaded Source

Built Distribution

eburger-1.0.3-py3-none-any.whl (48.2 kB)

Uploaded Python 3

File details

Details for the file eburger-1.0.3.tar.gz.

File metadata

  • Download URL: eburger-1.0.3.tar.gz
  • Upload date:
  • Size: 41.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/4.0.2 CPython/3.11.8

File hashes

Hashes for eburger-1.0.3.tar.gz
Algorithm Hash digest
SHA256 e89f3820e158744696e06cfb5ddffdcd4f997fabc3bdca090f0ba66ed1229b00
MD5 2b0dca7fb1fdd7f95ac5d6f80c26d8b7
BLAKE2b-256 4b0539b59fed3d83ca97317d69419a0214784d57a54308ca9ca16baa7db36509

File details

Details for the file eburger-1.0.3-py3-none-any.whl.

File metadata

  • Download URL: eburger-1.0.3-py3-none-any.whl
  • Upload date:
  • Size: 48.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/4.0.2 CPython/3.11.8

File hashes

Hashes for eburger-1.0.3-py3-none-any.whl
Algorithm Hash digest
SHA256 43a3443dd8d30953273abbd77e65faf45d703769b13feadc6a5b8eec8c61b41c
MD5 03dcf0bc8b5a2f1caf3ed91c6df73ab2
BLAKE2b-256 12d2b352f680ea96acbb08dc5668c2a24b9f855d4d775dbe1c10a40a4fa4b9ac
