SunWeb3Sec/DeFiHackLabs

★ 6,572 · Solidity · Apache-2.0 · updated Jun 2026

Reproduce DeFi hacked incidents using Foundry.

A collection of 714+ Foundry-based PoC reproductions of real DeFi exploits, spanning 2017 through mid-2026. It's a living reference for smart contract security researchers and auditors who want to run actual exploit code against mainnet forks, not just read post-mortems. Updated within the last two days, which tells you it's genuinely maintained.

Foundry is the right tool here — fork tests with cheat codes let each PoC actually execute against real on-chain state, not a simulated environment. The vulnerability categorization per entry (reentrancy, price manipulation, access control, etc.) makes it useful as a structured study reference rather than just a changelog of losses. The academy section goes beyond listing exploits: it walks you through writing your own PoCs for specific vulnerability classes with hands-on exercises in 5+ languages. Coverage is genuinely current — incidents from June 2026 are already in the list, which is unusual for a community-maintained repo of this scope.

With 714 entries contributed by many different authors, quality variance is real — some PoCs reproduce the mechanics without explaining the root cause accurately, and there's no visible review bar. The README index is a flat scrolling list with no way to filter by vulnerability class, loss amount, or protocol type without reading every line. The academy covers 7 narrow lessons; entire vulnerability classes like storage slot collisions, cross-chain bridge attacks, and proxy upgrade risks have no guided content. The repo is almost entirely EVM-focused — Solana, Sui, and Aptos DeFi incidents are absent despite representing a growing share of actual losses.
