Skip to content

Adding a new detector

Jump to bottom
Dan Guido edited this page Sep 6, 2018 · 30 revisions

Slither has a detector plugin architecture so you can integrate your new detector that run by default from the command line.

The skeleton for a detector is:

from slither.detectors.abstractDetector import AbstractDetector
from slither.detectors.detectorClassification import DetectorClassification

class Skeloton(AbstractDetector):
    """
    Documentation
    """

    ARGUMENT = 'mydetector' # slither will launch the detector with slither.py --mydetector
    HELP = 'Help printed by slither'
    CLASSIFICATION = DetectorClassification.HIGH

    def detect(self):
        return []
  • ARGUMENT allows to run the detector from the command line
  • HELP is the information printed from the command line
  • CLASSIFICATION indicates your confidence in the severity and precision of the issues, it can be:
    • DetectorClassification.LOW
    • DetectorClassification.MEDIUM
    • DetectorClassification.HIGH

LOW vulnerabilities will be printed in green, MEDIUM in yellow and HIGH in red.

detect() needs to return a list of findings. To facilitate the automation of Slither, a finding is a dictionary containing a vuln key associated to the vulnerability name and additional information according of the vulnerability itself.

An AbstractDetector object has the slither attribute, which returns the current Slither object, and the log(str) function to print the result.

For example, backdoor.py will detect any function with backdoor in its name.

In addition, you need to load the module in Slither in slither/detectors/detectors.py. For example, backdoor.py is loaded here.

Clone this wiki locally