// the find
SunWeb3Sec/DeFiVulnLabs
To learn common smart contract vulnerabilities using Foundry!
A Foundry-based lab for learning Solidity smart contract vulnerabilities, covering 48 attack patterns from reentrancy to oracle manipulation. Originally internal training at XREX, now public. Aimed at developers new to Web3 security who want runnable exploit POCs rather than just reading about bugs.
Each vulnerability is a self-contained Foundry test — clone, run `forge test`, see the exploit fire. No setup ceremony. Covers non-obvious patterns that actually caused real losses: read-only reentrancy, phantom permit functions, transient storage misuse (post-Cancun). References are linked directly to real incidents and postmortems, so you can trace each pattern back to actual money lost.
Last push was April 2025 and the list stopped at 48 — several high-frequency DeFi bug classes are missing entirely (cross-chain message spoofing, price oracle TWAP manipulation, governance flashloan attacks). The test files are named inconsistently (some kebab-case, some PascalCase) and there's no shared test harness, so each file reimplements boilerplate differently. No coverage of formal verification or fuzzing workflows despite Foundry supporting both natively — the repo teaches you to recognize known patterns but not how to find unknown ones.