Project description
Template Based Smart Contracts Static Analyzer
What is eBurger
eBurger is a static analysis tool that provides a way to quickly query and analyze solidity smart contracts.
Create your template
Run your template
Running static analyzers won't win you competitions. What we provide instead with eburger is the ability to spin up custom templates tailored to your current audited project in minutes (Wiki) allowing you to orchestrate unique lookups through the codebase to empower your audits.
- How to install
- How to run
- How it looks like 👀
- SARIF support
- GitHub Action
- Contributing templates
- Comparison table
- Features
- What is missing
How to install
From PyPi
pip3 install eburger
eburger -h
From source
git clone https://github.com/forefy/eburger.git
cd eburger
pip3 install .
eburger -h
How to run
Simple examples
Simplest
cd MyProject/
eburger
cat eburger-output.json
SARIF output
eburger -f MyProject/ -o sarif
Markdown output (running from the project's directory)
eburger -o markdown
Focused scan of a single file and its dependencies
eburger -f ../ProjectToScan/src/SomeContract.sol
Only print nsloc count
eburger -f MyProject/ --nsloc
Run custom YAML templates
eburger -t MyCustomYAMLs/ -f MyProject/
Advanced usage
Refer to the Wiki.
How it looks like
Here's a demo video
https://github.com/forefy/eburger/assets/152717707/65bf6a6d-adbc-4664-84d4-73ac641a8307
Besides eburger-output.json, the above example will also generate extended info under the folder .eburger.
SARIF support
SARIF (Static Analysis Results Interchange Format) is a standard format for static analysis tool results.
To open an interactive GUI in VSCode that can organize and interact with the results found, follow these steps:
- Install Microsoft's SARIF Viewer VSCode extension
- Run eburger --output sarif
- From within VSCode, click the resulting eburger-output.sarif file placed in the working directory
This will open an interactive vscode menu with the issues, description, navigation of vulnerable code lines, etc.
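The same SARIF file can also be consumed outside VSCode, for example to fail a CI step on findings at or above a chosen level. The following is an added example, not part of eburger: it relies only on standard SARIF 2.1.0 fields, and the embedded sample document (rule ids, paths, messages) is constructed for illustration, not real eburger output.

```python
import json

# Constructed SARIF 2.1.0 sample, NOT real eburger output: rule ids, paths and
# messages are placeholders chosen for this example.
SAMPLE_SARIF = json.dumps({"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "eburger", "rules": [
        {"id": "EXAMPLE-001", "defaultConfiguration": {"level": "error"}},
        {"id": "EXAMPLE-002", "defaultConfiguration": {"level": "note"}}]}},
    "results": [
        {"ruleId": "EXAMPLE-001", "message": {"text": "constructed finding A"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "src/SomeContract.sol"},
             "region": {"startLine": 42}}}]},
        # An explicit result-level "level" overrides the rule default.
        {"ruleId": "EXAMPLE-002", "level": "warning",
         "message": {"text": "constructed finding B"},
         "locations": [{"physicalLocation": {
             "artifactLocation": {"uri": "src/SomeContract.sol"},
             "region": {"startLine": 7}}}]},
        # No rule metadata and no location: must not crash the gate.
        {"ruleId": "EXAMPLE-003", "message": {"text": "constructed finding C"}}]}]})

LEVELS = {"none": 0, "note": 1, "warning": 2, "error": 3}

def findings(sarif_text):
    """Flatten every run into (level, rule_id, uri, line, message) tuples."""
    out = []
    for run in json.loads(sarif_text).get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r for r in driver.get("rules", [])}
        for res in run.get("results", []):
            rule_id = res.get("ruleId", "<no-rule>")
            # SARIF: result.level, else the rule's default, else "warning".
            default = rules.get(rule_id, {}).get("defaultConfiguration", {})
            level = res.get("level", default.get("level", "warning"))
            phys = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            uri = phys.get("artifactLocation", {}).get("uri", "<unknown>")
            line = phys.get("region", {}).get("startLine", 0)
            out.append((level, rule_id, uri, line, res.get("message", {}).get("text", "")))
    return out

def gate(sarif_text, fail_at="warning"):
    """Findings at or above fail_at; a CI step fails when this is non-empty."""
    return [f for f in findings(sarif_text) if LEVELS.get(f[0], 2) >= LEVELS[fail_at]]

if __name__ == "__main__":
    for level, rule_id, uri, line, msg in gate(SAMPLE_SARIF, "warning"):
        print(f"{level:8}{rule_id}  {uri}:{line}  {msg}")
```

To use it on real output, pass the contents of eburger-output.sarif to gate() and exit non-zero when the returned list is not empty.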
GitHub Action
CI pipelines are supported via the eburger-action GitHub Action, which continuously assesses your code and shows the raised insights on your repo's security pane.
Visit the action's page for more information.
Contributing templates
Templates can be added by creating new YAML files and either loading them with eburger -t mytemplate.yaml or placing them under the templates/ directory.
If you prefer playing with eburger on the browser before installation, you can try the dedicated Jupyter notebook instance:
If you are using eburger as a Python package (installed via pip install), the location of the existing templates can be found by running pip3 show eburger or by running the tool on a contract and seeing the templates path printed to the console.
For template writing and documentation refer to the Wiki.
Comparison table
Comparison of actively maintained / popular solidity smart contract static analyzers
Static Analyzer | Language | 2 Minutes to write a custom template with ChatGPT | GitHub Action | Many findings that are already found before the contest began | Would want to eat |
---|---|---|---|---|---|
eBurger | Python | ✅ | ✅ | ✅ | |
Slither | Python | ✅ | ✅ | ||
4naly3er | TypeScript 🤮 | ✅ | |||
Mythril | Python | ||||
Aderyn | Rust |
Forgot one or made a mistake? Open a pull request or an issue :)
Features
- YAML template support to query contract structure and raise insights for any matches
- Fast learning curve for creating templates, ability to customize templates to the current ongoing audit project
- Foundry and Hardhat support ❣️
- SARIF support & VSCode GUI integration
- GitHub Actions integration through eburger-action
- Markdown report
- Quick custom template generation via the eBurger Templates Generator GPT
- Community and free support via Discord
What is missing
What features would you like to see? Let us know!
File details
Details for the file eburger-1.0.6.tar.gz.
File metadata
- Download URL: eburger-1.0.6.tar.gz
- Upload date:
- Size: 43.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/4.0.2 CPython/3.11.8
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | 8ea605222a2a714627f6b09c585e40098c1ad44dbc408b4732163d499a9f4fb5 |
MD5 | a1da55cfbbbb67b94848a89e9913f345 |
BLAKE2b-256 | 01a4ec344918b3903de00e2ece653d2f8b2c588277ff5e32758eb7e32aa292aa |
File details
Details for the file eburger-1.0.6-py3-none-any.whl.
File metadata
- Download URL: eburger-1.0.6-py3-none-any.whl
- Upload date:
- Size: 51.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/4.0.2 CPython/3.11.8
File hashes
Algorithm | Hash digest |
---|---|
SHA256 | dd060b5e1ab0c1f8e6b2404f34ed9572167861dba573f77e27251b8bb0f191bb |
MD5 | c68927144f2a650708dfa4eb5324a1ae |
BLAKE2b-256 | 0de2c4446cea61099b31d8af616c7ef14764ad16ea397462bb7daf92216c3510 |