The Auditware team is excited to announce that Audit Wizard, the all-in-one smart contract auditing tool, is now live for alpha testing. With Audit Wizard, auditors can import code from platforms including GitHub and Code4rena, access essential auditing tools (including Slither and Mythril), leverage AI to scan for vulnerabilities, and automatically generate detailed audit reports. Created for auditors and web3 developers, Audit Wizard streamlines the auditing process by providing a platform that eliminates the need for multiple tool downloads or setups.
We’re offering a free NFT to everyone who helps us test Audit Wizard! Don’t miss out on this chance to revolutionize your auditing work. Try Audit Wizard today!
Getting Started with Audit Wizard
Audit Wizard is an easy-to-use tool made for web3 auditors and developers. Audit Wizard offers a simple UI and removes the need to install and set up various security tools. Click here to access the Wizard.
Audit Wizard allows you to import projects from Github, Etherscan, contract addresses, and Code4rena — and access automatically resolved solidity imports alongside your project code. To get started, click “Sign in” and connect your web3 Ethereum wallet. You will then be asked to sign a message. Your wallet is the only login needed, and all your audit work will be associated with it — allowing you to pick back up where you left off.
Once you’ve logged in, click the + button under ‘my projects’ to import a project. You’ll then see a project URL box, where you can paste links from Github, Etherscan, contract addresses, and Code4rena. Once you’ve pasted a link, click the import button on the right of the URL bar.
The import section also displays current Code4rena and Immunify audit contests. Click the import button to add these contests to your imported projects and begin to work on them! Soon, you will be able to submit findings in Audit Wizard to platforms like Code4rena automatically!
Once you click the import button, the project files will load on the left-hand side of your screen in the project view. Any Solidity imports will be automatically detected and placed in the ‘imports’ folder. From there, you can open a solidity project and run any Audit Wizard tools on your code.
Using Audit Wizard Tools
The graph code tool allows you to generate graphs that visualize the relationship between functions and contracts — depending on the scope you select. Function scope will generate a graph that shows the relationship between the different function calls of each contract. Contract scope will generate a graph that shows the relationship between the contracts at a high level.
Scan Code
The scan code tool allows you to scan all of the Solidity code in a project with either Slither or Mythril (Mythril scanning is currently in development and will be added soon). Slither and Mythril are static code analysis tools that attempt to find security vulnerabilities in the code they scan. Additional code analysis tools will be added to Audit Wizard soon!
AI Assist
The AI Assist tool allows you to leverage AI to help your understanding of the code. Explain code, threat model, and find vulnerabilities in code with our GPT-3 based model. As we all know, AI is not perfect and is not suitable for generating entire reports — yet. AI vulnerability scanning is a priority as we continue to develop Audit Wizard, and we will continue to refine our model and increase its efficiency.
Abstract Syntax Tree (AST)
The AST tool shows you the abstract syntax tree for the Solidity file you have selected, allowing you to explore the structure of the code visually.
Notepad
The notepad feature allows you to take notes in a markdown editor, enabling you to keep track of your audit work as you go. You can export entire audit reports based on the notes you take — removing the need to format and compose them manually. Report formatting is currently in development, but soon you will be able to use Audit Wizard to create submissions suitable for clients, Code4rena, Immunify, your personal auditing portfolio, and more! Notes also automatically save as you type them.
Feedback and Free NFT!
Your feedback is crucial to the future of Audit Wizard. Please fill out this brief feedback form to claim your free POAP NFT!
That’s all— you just tested the Audit Wizard alpha! The goal of Audit Wizard is to make the process of auditing as easy as possible and consolidate all tools auditors need into a single place. If you’re an auditor or developer and have ideas for how we can improve the tool, we want to hear from you. Please report bugs, suggest ideas, and share feedback on our Discord server. The team is happy to answer any questions or concerns there too. Thank you to all our early testers! 🧙
Auditware is a company focused on building revolutionary web3 security tooling. We also offer operational security, application, and smart contract audits as a service. To learn more about us or to request an audit, check out our website and follow us on Twitter!