Applications and Utilities Truffle Commands ZIION OS Commands

Bl ockchain & Smart

Starting Applications: Truffle Options: Contra ct Security
GANACHE Truffle is a tool used to make creating, compiling, and deploying _________________
Utility to run local ethereum blockchains. ethereum smart contracts e asy. POCKET REFERENCE GUIDE
www.sans.org/sec554
ganache-ui – Start graphical version. Steven Walbroehl: Twitter @HalbornSteve

ganache-cli – Start the CLI version. truffle <command> --options

truffle build Execute build pipeline in config
SOLC truffle compile Compile contract source files Bitcoin-Core CLI
Solidity compiler for Smart Contracts Truffle config Set user-level configuration options
solc-select --list Show installed compiler truffle console Run a console with contract commands available
truffle debug Interactively debug transaction on the blockchain Bitcoin Client Commands:
versions.
truffle exec Execute a JS module within this Truffle environment BITCOIN-CLI
solc-select <version> Select version.
truffle init Initialize new and empty Ethereum project A utility that allows a user to send RPC
solc <contract.sol> -- options truffle install Install a package from the Ethereum commands to bitcoind from a client command
solc --version Display current version of used. Package Registry line, locally and remotely.
solc --abi Get ABI specifications of contract truffle migrate Run migrations to deploy contracts
solc --asm Get EVM assembly of contract truffle networks Show addresses for deployed contracts on each bitcoin-cli <command> <arguments> --
solc --opcodes Get opcodes used in contract network options
solc --bin Print binary/hex of contract truffle opcode Print the compiled opcodes for a given contract
truffle run Run a third-party command BLOCKCHAIN RPCs WALLET RPCs
getblock abandontransaction
getclockcount backupwallet
Smart Contract Security and Vulnerability Detection Tools getblockhash createwallet
getdifficulty dumpprivkey
Security Tools - Static Analysis: Security Tools – Symbolic Execution: getmempoolinfo dumpwallet
SLITHER MANTICORE gettxout encryptwallet
Static analysis framework with vulnerability detectors Symbolic Execution Tool for analysis on contract binaries. getblockheader getaddressinfo
for smart contract code. getchaintips getbalance
slither <contract> --options getnewaddress
manticore <contract> --options
NETWORK RPCs getreceivedbyaddress
slither . Run default analysis manticore --txlimit TXLIMIT Maximum number of
addnode gettransaction
slither --list-detectors List of security symbolic transactions to run. getwalletinfo
disconnectnode
detections. manticore --detect Select the list of detectors to run, (i.e
getaddednodeinfo importaddress
uninitialized storage) importprivkey
MYTHRIL
Symbolic execution tool for
manticore –exclude
getpeerinfo
getconnectioncount importpubkey
Security Analysis tool for EVM bytecode. <low><medium><high><informational><optimization> importwallet
listbanned
sudo myth <command> --options Filter the output based on criticality level of finding. listreceivedbyaddress
sudo myth analyze Triggers the analysis of the listtransactions
UTILITY RPCs
smart contract There are also several options depending on development listwallets
createmultisig
sudo myth disassemble Disassembles the environment. See –h for options on: sendtoaddress
deriveaddresses
smart contract Compile options, Solc options, Truffle options, Dapp Options, signmessage
validateaddress
sudo myth list-detectors Lists available Waffle Options, and NPX options. walletpassphrase
verifymessage
detection modules signmessagewithprivkey
sudo myth read-storage Retrieves storage
slots from a given address through rpc