Scanner Catalog

Complete reference for all 17+ security scanners available in BlockSecOps.

Scanner Overview

Scanner	Type	Language	Detectors	Speed
Slither	Static	Solidity/Vyper	93	Fast
Aderyn	Static	Solidity	88	Very Fast
SolidityDefend	Static	Solidity	204+	Medium
Semgrep	Pattern	Solidity	47	Fast
Solhint	Linter	Solidity	20	Fast
Wake	Static	Solidity	-	Fast
Mythril	Symbolic	Solidity	4	Slow
Echidna	Fuzzer	Solidity	-	Slow
Medusa	Fuzzer	Solidity	-	Medium
Halmos	Symbolic	Solidity	-	Slow
Vyper	Static	Vyper	-	Fast
Moccasin	Fuzzer	Vyper	-	Medium

Static Analysis Scanners

Slither

The industry standard for Solidity security analysis.

Property	Value
Type	Static Analysis
Language	Solidity, Vyper
Detectors	93
Speed	Fast (~15 seconds)

What it finds:

Reentrancy vulnerabilities
Unchecked return values
Access control issues
Integer overflows
State variable shadowing
Code complexity issues

When to use:

Always. It's fast and comprehensive.
Good for development and CI/CD.

Aderyn

Rust-based analyzer for fast security feedback.

Property	Value
Type	Static Analysis
Language	Solidity
Detectors	88
Speed	Very Fast (~5 seconds)

What it finds:

Reentrancy patterns
Unchecked calls
Gas optimization issues
Best practice violations
Documentation gaps

When to use:

When you need the fastest feedback
Great for development phase
Complements Slither well

SolidityDefend

Maximum detector coverage for thorough analysis.

Property	Value
Type	Static Analysis
Language	Solidity
Detectors	204+
Speed	Medium (~2 minutes)
Availability	Developer tier and above

What it finds:

All common vulnerabilities
Advanced attack patterns
Business logic issues
Gas inefficiencies
Code quality problems

When to use:

Pre-audit checks
Maximum coverage scans
When thoroughness matters

Semgrep

Pattern-based analysis with custom rules.

Property	Value
Type	Pattern Matching
Language	Solidity
Detectors	47
Speed	Fast (~10 seconds)

What it finds:

Patterns matching security rules
Custom vulnerability patterns
Code style issues

When to use:

When using custom security rules
CI/CD enforcement
Consistent with Semgrep in other projects

Wake

Framework-aware analysis for Foundry/Hardhat projects.

Property	Value
Type	Static Analysis
Language	Solidity
Detectors	Variable
Speed	Fast

What it finds:

Cross-contract issues
Import/dependency problems
Framework-specific issues

When to use:

Project mode scans
Complex multi-contract systems
When using Foundry or Hardhat

Solhint

Linter for Solidity code quality.

Property	Value
Type	Linter
Language	Solidity
Rules	20+
Speed	Fast

What it finds:

Code style violations
Naming convention issues
Best practice deviations
Documentation gaps

When to use:

Code quality enforcement
Team consistency
Learning Solidity best practices

Symbolic Execution

Mythril

Deep symbolic execution for complex vulnerabilities.

Property	Value
Type	Symbolic Execution
Language	Solidity
Detectors	4 (deep)
Speed	Slow (~3 minutes)

What it finds:

Integer overflows
Reentrancy (deep patterns)
Arbitrary writes
Suicidal contracts

When to use:

Pre-audit deep analysis
When time permits
Complex contract logic

Halmos

Symbolic testing for mathematical proofs.

Property	Value
Type	Symbolic Testing
Language	Solidity
Speed	Slow
Requires	Project mode

What it finds:

Property violations
Invariant breaks
Edge case failures

When to use:

When you have formal specifications
DeFi protocols with invariants
Mathematical proofs needed

Fuzzing Scanners

Echidna

Property-based fuzzing for Solidity.

Property	Value
Type	Fuzzer
Language	Solidity
Speed	Slow (~10 minutes)
Requires	Project mode with tests

What it finds:

Property violations
Edge cases
Unexpected state transitions
Invariant breaks

When to use:

When you have property tests
DeFi protocols
Complex state machines

Requirements:

Echidna test functions (echidna_*)
Project upload (not single file)

Medusa

Fast parallel fuzzing for Solidity.

Property	Value
Type	Fuzzer
Language	Solidity
Speed	Medium (~5 minutes)
Requires	Project mode

What it finds:

Similar to Echidna
Faster through parallelization
Good for larger projects

When to use:

When Echidna is too slow
Larger test suites
CI/CD fuzzing

Vyper Scanners

Vyper Analyzer

Static analysis for Vyper contracts.

Property	Value
Type	Static Analysis
Language	Vyper
Speed	Fast

What it finds:

Vyper-specific vulnerabilities
Pattern violations
Security issues

When to use:

Any Vyper contract

Moccasin

Fuzzing for Vyper contracts.

Property	Value
Type	Fuzzer
Language	Vyper
Speed	Medium
Requires	Project mode

What it finds:

Property violations in Vyper
Edge cases
State issues

When to use:

Vyper projects with tests
When Echidna isn't available for Vyper

Rust/Solana Scanners (Coming Soon)

Sol-azy

Static analysis for Solana programs.

Sec3 X-Ray

Deep analysis for Solana programs.

Trident

Fuzzing for Solana programs.

These scanners are currently in development.

Scanner Selection Matrix

Goal	Recommended Scanners
Quick feedback	Slither, Aderyn
Standard coverage	Slither, Aderyn, Semgrep, Solhint
Maximum coverage	All static analyzers
Pre-audit	All scanners including fuzzers
CI/CD (fast)	Slither, Aderyn
CI/CD (thorough)	Standard preset
DeFi protocol	Deep scan + fuzzers

FAQ

Q: Which scanner is most important?
A: Slither. It's the industry standard and should always be included.

Q: Why do some scanners find the same issue?
A: Each scanner has different detection logic. BlockSecOps deduplicates similar findings.

Q: Can I request new scanners?
A: Yes! Contact support with scanner requests.

Q: Are scanner results always accurate?
A: Scanners may have false positives. Review findings carefully.

Next Steps

Scanner Selection - Choose optimal scanners
Starting a Scan - Run your scan
Understanding Results - Interpret findings