MagicMirror is a white-box fuzzing tool written mainly in Python 3 for Solidity Smart Contracts. It supports the detection of 9 popular security vulnerabilities. It is easy to use and provides various informative reports as output. MagicMirror is fast and can generally achieve high code coverage on many contracts. MagicMirror utilizes techniques that include constraint solving, random test generation, random state exploration, coverage and data dependency guided fuzzing, and combinatorial testing.
DOWNLOADS: https://magic-mirror.gitbook.io/magicmi/
MagicMirror works on both Linux and Windows with minimal dependency requirements, as well as a Docker image that would work in any environment as long as Docker is supported.
Features
Detects 9 security vulnerabilities, e.g., reentrancy, exception disorder, and dangerous delegate call.
Achieve high code coverage on most contracts.
Fast transaction execution via production Geth EVM.
Supports contracts written with Solidity >= 0.4.0.
Multiplatform support, releases in Docker image, Windows executable, Linux executable.
Automatic solc compiler version detection and switching. Users do not need to manually install and switch solc compilers.
Geth EVM included and fully configured with a custom wrapper. Users do not need to configure EVM on their own.
Informative coverage reports, detailed test cases for reproducing every detected vulnerability.
Security and Privacy: assurance, modeling, testing & validation
Technologies: software & firmware