SolidityScan
online Free Trialsolidityscan.com
Quick Facts
What it does
Automated smart contract vulnerability scanning platform by CredShields that analyzes Solidity code for security issues and generates detailed PDF audit reports. Includes QuickScan, a free rug pull detector that checks deployed contracts for dangerous admin functions like hidden mints, burns, and fee manipulation across multiple EVM chains. Features a VS Code plugin for real-time security feedback while writing Solidity. Supports GitHub repo integration for automated scanning on code updates. Pricing ranges from free trial to $499.99 Pro tier for teams.
When to use it
- Quick automated security scans during smart contract development
- Detecting rug pull indicators in tokens (free QuickScan)
- Getting a preliminary audit report before engaging manual auditors
- Continuous security monitoring via automated scans on code updates
- Real-time security feedback in VS Code while writing Solidity
When not to use it
- Replacing a thorough manual security audit for high-value contracts
- Non-Solidity smart contracts (Vyper
- Rust
- Move)
- Deep symbolic execution or formal verification
- Investigating on-chain transactions or tracing funds
Limitations
- Pattern-based scanning
- not symbolic execution
- Solidity only
- Cannot analyze multi-contract interaction exploits
- Free tier limited to gas bugs only
Frequently Asked Questions
Is SolidityScan free to use?
What platforms does SolidityScan support?
Does SolidityScan require an account?
Is SolidityScan open source?
What are the limitations of SolidityScan?
What does SolidityScan do?
Related Tools
A curated directory and browser-based toolkit for security researchers. GhostKit combines 14+ client-side tools — JS deobfuscation, encoding/decoding, URL analysis, email header parsing, hash generation, JWT/SAML decoding, and more — with a comprehensive directory of external security tools.
Static analysis framework for Solidity and Vyper smart contracts with 90+ built-in vulnerability detectors, running in under one second per contract.
Symbolic execution engine for EVM bytecode that detects vulnerabilities like reentrancy and integer overflows by exploring multiple execution paths via SMT solving.
Browser-based smart contract scanner and DeFi security platform that checks tokens for rug pull indicators and vulnerability risk scores across 50+ blockchains.