← Back to all products

Exploit Monitor — CryptoForge Coverage Vault

$10

Monitoring agent for known DeFi exploit patterns — reentrancy, flash loans, oracle manipulation.

📁 18 files
TOMLMarkdownPython

📄 Product Preview

Try the interactive reader and demo tools below, or get the full product with all content unlocked.

📖 Interactive Reader (Free Preview) ⚙ Try Demo Tools 📦 Download Free Sample

📁 File Structure 18 files

exploit-monitor/ ├── LICENSE ├── README.md ├── examples/ │ └── basic_usage.py ├── free-sample.zip ├── guide/ │ ├── 01_exploit-monitor-cryptoforge-coverage-vau.md │ ├── 02_features.md │ ├── 04_quick-start.md │ └── 05_pattern-types.md ├── index.html ├── pyproject.toml ├── security-notes.md ├── src/ │ ├── __init__.py │ ├── alerts.py │ ├── formatters.py │ ├── models.py │ ├── monitor.py │ └── patterns.py └── tests/ └── test_patterns.py

📖 Documentation Preview README excerpt

Exploit Monitor — CryptoForge Coverage Vault

Monitoring agent for known exploit patterns in DeFi transactions. Detects reentrancy attacks, flash loan exploits, oracle manipulation, and sandwich attacks.

Features

  • Reentrancy detection — Analyzes call traces for self-calls, deep stacks, value drain
  • Flash loan detection — Identifies interactions with Aave, Balancer flash loan providers
  • Oracle manipulation — Flags suspicious oracle read patterns and post-read extractions
  • Sandwich detection — Identifies frontrun/backrun candidates via gas price and DEX patterns
  • Pluggable patterns — Registry system for adding custom exploit patterns
  • Alert pipeline — Console, file, and webhook handlers with dedup and cooldowns
  • Batch processing — Analyze full blocks of transactions efficiently
  • Statistics — Running counts by type, alert rate, block tracking

Installation


pip install -e .

Quick Start


from exploit_monitor import ExploitMonitor, MonitorConfig, Transaction, InternalCall
from exploit_monitor import AlertPipeline, ConsoleHandler

# Configure
config = MonitorConfig(
    reentrancy_min_depth=3,
    min_confidence=0.5,
)

# Set up alert pipeline
pipeline = AlertPipeline(
    handlers=[ConsoleHandler()],
    cooldown_seconds=60,
)

# Create monitor
monitor = ExploitMonitor(config=config, pipeline=pipeline)

# Analyze a transaction
tx = Transaction(
    tx_hash="0xabc...",
    from_addr="0x...",
    to_addr="0x...",
    internal_calls=[
        InternalCall(from_addr="0xA", to_addr="0xA", depth=4, value=10**18),
    ],
)

alerts = monitor.process_transaction(tx)
for alert in alerts:
    print(f"{alert.exploit_type.value}: {alert.confidence_pct}% confidence")

Pattern Types

| Pattern | Key Indicators |

... continues with setup instructions, usage examples, and more.

📄 Code Sample .py preview

src/alerts.py """ Exploit Monitor — Alert Dispatching ════════════════════════════════════ Alert handlers and pipeline for routing exploit alerts. """ from __future__ import annotations import json import time from abc import ABC, abstractmethod from typing import Optional from .formatters import format_alert, to_json from .models import ExploitAlert, Severity class AlertHandler(ABC): """Abstract base class for alert output handlers.""" @abstractmethod def handle(self, alert: ExploitAlert) -> bool: """ Handle an alert. Returns True if successfully processed. """ class ConsoleHandler(AlertHandler): """Prints formatted alerts to stdout.""" def __init__(self, min_severity: Severity = Severity.INFO) -> None: self._min_severity = min_severity self._severity_order = {Severity.INFO: 0, Severity.WARNING: 1, Severity.CRITICAL: 2} def handle(self, alert: ExploitAlert) -> bool: if self._severity_order.get(alert.severity, 0) < self._severity_order.get(self._min_severity, 0): return False print(format_alert(alert)) return True class FileHandler(AlertHandler): """Appends JSON alerts to a log file.""" def __init__(self, filepath: str) -> None: self._filepath = filepath def handle(self, alert: ExploitAlert) -> bool: try: line = json.dumps(to_json(alert)) + "\n" # ... 108 more lines ...
Buy Now — $10 Back to Products