Reports and Vulnerability Intelligence

Finding Search and Public Reports

| Resource | Tier | Use |
| --- | --- | --- |
| Solodit | Must learn | Search public contest and audit findings. |
| Code4rena Reports | Use in real audits | Public competitive audit findings. |
| Sherlock Audits | Use in real audits | Reports from Sherlock contests and audits. |
| Cantina Competitions | Use in real audits | Contest scopes and findings. |
| Spearbit Portfolio | Use in real audits | Public reports and specialty checklists. |
| OpenZeppelin Audit Reports | Use in real audits | Mature report format and remediation style. |
| Trail of Bits Publications | Use in real audits | Public reports and research. |
| ConsenSys Diligence Audits | Use in real audits | EVM audit reports and tooling references. |
| Pashov Audits | Use in real audits | Large public archive of independent audit reports. |

Incident and Exploit Study

| Resource | Tier | Use |
| --- | --- | --- |
| DeFiHackLabs | Must learn | Reproduce exploits with runnable PoCs. |
| Rekt | Must learn | Incident narratives and loss context. |
| Immunefi Blog | Use in real audits | Vulnerability writeups and ecosystem loss reports. |
| ChainSecurity Blog | Use in real audits | Research and audit insights. |
| SlowMist Hacked Archive | Use in real audits | Incident database and trend tracking. |
| BlockSec Blog | Use in real audits | Exploit analysis and transaction traces. |
| DigiBastion Threat Intel | Use in real audits | Web3, DeFi, supply-chain, and OPSEC alert feed with subscriptions. |
| PeckShield Alerts | Watchlist | Fast incident signal; verify independently. |

How to Study a Report

For each finding, extract:

  • root cause
  • impacted asset
  • missing invariant or authorization check
  • exploit preconditions
  • why tests missed it
  • fix pattern
  • monitoring rule that would detect exploitation

Educational resource only. Links and listings are not endorsements by Raiders0786, DigiBastion, maintainers, contributors, or this project. Verify third-party resources before relying on them. Not legal, financial, investment, compliance, or professional security advice.