Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
ethpwn
A swiss army knife package to help with ethereum smart contract exploit interaction, designed with CTF challenges in mind. Some might call it a set of pwn tools for ethereum exploitation.
- 1.0.0
- PyPI
- Maintainers
- 2
ethpwn
ethpwn is a project inspired by the widely popular CTF exploitation framework pwntools, and the amazing enhanced GDB utility GEF. In other words, ethpwn is all you ever wanted for debugging and interacting with smart contracts on EVM-based blockchains.
More practically, this package includes a kick-ass command line debugger for simulating and re-playing Ethereum transactions (ethdbg), and a set of convenient wrappers for many web3 functionalities that are useful for interacting with smart contracts.
⚡️ Quick Setup
Release Installation
pip install ethpwn
Developer Installation
Make sure your pip version is >= 23.1.2, then:
git clone git@github.com:ethpwn/ethpwn.git && cd ./ethpwn && pip install -e .
| ❗️ Note |
|---|
To start out, if you haven't created your global config before, you should run ethpwn config create to generate your initial configuration file. This command will interactively prompt you for the most important settings, including the Ethereum node URL to use and wallets you want to use. |
⚡️ Jump Start for ethdbg
ethdbg --txid 0x82a11757c3f34c2882e209c6e5ae96aff3e4db7f7984d54f92b02e1fed87e834 --node-url https://mainnet.infura.io/v3/38eb4be006004da4a89315232040e222
📖 Documentation
⚙️ Currently Supported EVM-based Chains
| Chain Name | Chain Id | Supported |
|---|---|---|
| mainnet | 1 | ✅ |
| sepolia (testnet) | 11155111 | ✅ |
FAQs
A swiss army knife package to help with ethereum smart contract exploit interaction, designed with CTF challenges in mind. Some might call it a set of pwn tools for ethereum exploitation.
We found that ethpwn demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025