Write or paste a Solidity contract and hit Audit. Real solc
compile + SWC vulnerability scan, 100% in your browser. Try the sample — it hides a
reentrancy and an ownership backdoor.
Pattern-level static analysis (SWC catalog) — surfaces known red flags, not a substitute for a full professional audit.
Vulnerability Academy
Each entry loads straight into the Auditor — run it and watch the detector catch (or clear) it.
Safe Token Builder
Generate a clean OpenZeppelin-pattern ERC-20, then audit it to learn what each power does.
Bytecode Scanner
No source published? Paste a deployed contract's runtime bytecode (0x… from eth_getCode) — flags backdoor opcodes (SELFDESTRUCT, DELEGATECALL) and known rug/honeypot function selectors, with zero Solidity. 100% in your browser.
Paste runtime bytecode and hit Scan. Pure opcode + selector analysis — no compiler, no backend. Useful for unverified coins where no source is available.
Shallow bytecode heuristics — surfaces dangerous opcodes and known selectors, not a decompilation or full audit.
Batch Scanner
Audit many real coins at once — each address is pulled live (verified source) and run through all detectors, then ranked worst-first so you see which coins are bad and exactly why. One address per line (Ethereum).
Each coin is compiled + audited 100% in your browser from its live verified source. Risk research, not financial advice.
Token Scanner
Vet a deployed token by address — rug-risk verdict from live on-chain data.
Risk research, not financial advice. A clean scan means no detected red flags — never a guarantee of safety.