
Join the Empire Hacking Slack
- Discussions and Support
Slither is a Solidity & Vyper static analysis framework written in Python3. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.
Run Slither on a Hardhat/Foundry/Dapp/Brownie application:
slither .
This is the preferred option if your project has dependencies as Slither relies on the underlying compilation framework to compile source code.
However, you can run Slither on a single file that does not import dependencies:
slither tests/uninitialized.sol
Note Slither requires Python 3.10+. If you're not going to use one of the supported compilation frameworks, you need solc, the Solidity compiler; we recommend using solc-select to conveniently switch between solc versions.
uv is a fast Python package manager that's 10-100x faster than pip.
# Install uv if you haven't already
curl -LsSf https://astral.sh/uv/install.sh | sh
# Install slither as a tool
uv tool install slither-analyzer
# Or run slither without installation
uvx slither-analyzer <target>
To upgrade:
uv tool upgrade slither-analyzer
python3 -m pip install slither-analyzer
To upgrade:
python3 -m pip install --upgrade slither-analyzer
brew install slither-analyzer
git clone https://github.com/crytic/slither.git && cd slither
# Install as editable for development
uv tool install -e .
# Or use uv run for testing without installation
uv run slither <target>
The -e flag installs in editable mode, meaning changes to the source code are immediately reflected without reinstalling.
Use the eth-security-toolbox docker image. It includes all of our security tools and every major version of Solidity in a single image. /home/share will be mounted to /share in the container.
docker pull trailofbits/eth-security-toolbox
To share a directory in the container:
docker run -it -v /home/share:/share trailofbits/eth-security-toolbox
$GIT_TAG with real tag)
```YAMLslither [target] --checklist.slither [target] --checklist --markdown-root https://github.com/ORG/REPO/blob/COMMIT/ (replace ORG, REPO, COMMIT)$ claude mcp add slither \
-- python -m otcore.mcp_server <graph>