← Back to all products
$10
Exploit Monitor
Monitor for DeFi exploits, hacks, and abnormal on-chain activity with real-time alerts.
TOMLPythonMarkdown
📁 File Structure 12 files
exploit-monitor/
├── LICENSE
├── README.md
├── examples/
│ └── basic_usage.py
├── pyproject.toml
├── security-notes.md
├── src/
│ ├── __init__.py
│ ├── alerts.py
│ ├── formatters.py
│ ├── models.py
│ ├── monitor.py
│ └── patterns.py
└── tests/
└── test_patterns.py
📖 Documentation Preview README excerpt
Exploit Monitor — CryptoForge Coverage Vault
Monitoring agent for known exploit patterns in DeFi transactions. Detects reentrancy attacks, flash loan exploits, oracle manipulation, and sandwich attacks.
Features
- Reentrancy detection — Analyzes call traces for self-calls, deep stacks, value drain
- Flash loan detection — Identifies interactions with Aave, Balancer flash loan providers
- Oracle manipulation — Flags suspicious oracle read patterns and post-read extractions
- Sandwich detection — Identifies frontrun/backrun candidates via gas price and DEX patterns
- Pluggable patterns — Registry system for adding custom exploit patterns
- Alert pipeline — Console, file, and webhook handlers with dedup and cooldowns
- Batch processing — Analyze full blocks of transactions efficiently
- Statistics — Running counts by type, alert rate, block tracking
Installation
pip install -e .
Quick Start
from exploit_monitor import ExploitMonitor, MonitorConfig, Transaction, InternalCall
from exploit_monitor import AlertPipeline, ConsoleHandler
# Configure
config = MonitorConfig(
reentrancy_min_depth=3,
min_confidence=0.5,
)
# Set up alert pipeline
pipeline = AlertPipeline(
handlers=[ConsoleHandler()],
cooldown_seconds=60,
)
# Create monitor
monitor = ExploitMonitor(config=config, pipeline=pipeline)
# Analyze a transaction
tx = Transaction(
tx_hash="0xabc...",
from_addr="0x...",
to_addr="0x...",
internal_calls=[
InternalCall(from_addr="0xA", to_addr="0xA", depth=4, value=10**18),
],
)
alerts = monitor.process_transaction(tx)
for alert in alerts:
print(f"{alert.exploit_type.value}: {alert.confidence_pct}% confidence")
Pattern Types
| Pattern | Key Indicators |
... continues with setup instructions, usage examples, and more.
📄 Code Sample .py preview
src/alerts.py
"""
Exploit Monitor — Alert Dispatching
════════════════════════════════════
Alert handlers and pipeline for routing exploit alerts.
"""
from __future__ import annotations
import json
import time
from abc import ABC, abstractmethod
from typing import Optional
from .formatters import format_alert, to_json
from .models import ExploitAlert, Severity
class AlertHandler(ABC):
"""Abstract base class for alert output handlers."""
@abstractmethod
def handle(self, alert: ExploitAlert) -> bool:
"""
Handle an alert. Returns True if successfully processed.
"""
class ConsoleHandler(AlertHandler):
"""Prints formatted alerts to stdout."""
def __init__(self, min_severity: Severity = Severity.INFO) -> None:
self._min_severity = min_severity
self._severity_order = {Severity.INFO: 0, Severity.WARNING: 1, Severity.CRITICAL: 2}
def handle(self, alert: ExploitAlert) -> bool:
if self._severity_order.get(alert.severity, 0) < self._severity_order.get(self._min_severity, 0):
return False
print(format_alert(alert))
return True
class FileHandler(AlertHandler):
"""Appends JSON alerts to a log file."""
def __init__(self, filepath: str) -> None:
self._filepath = filepath
def handle(self, alert: ExploitAlert) -> bool:
try:
line = json.dumps(to_json(alert)) + "\n"
# ... 108 more lines ...