Skip to content

Finguard Attack Lab

We don't guess bugs.
We actually break it.

AI generates attack paths from contract structure, then runs millions to tens of millions of security simulations — randomized transaction sequences, state combinations, fund flows, and extreme parameters — against a mainnet fork in a hardened sandbox.

Live Sandbox Replay

Watch Monte Carlo + Foundry Break an Invariant

AI-guided sampling runs randomized transaction sequences on a mainnet fork — the moment an invariant like asset conservation breaks, it emits a reproducible minimized PoC.

finguard://attack-lab/sandboxLIVE
$ forge test --match-contract InvariantPoC --fork bsc -vvvv
Attack samples
0
Branch coverage0%

Invariants

Asset conservationHolding
poolAssets ≥ Σ userDeposits
Supply integrityHolding
totalSupply == Σ balances
Oracle sanityHolding
|twap − spot| ≤ 5%
Sandbox running…

A scripted replay of a real workflow. Project name and address anonymized.

FinGuard-exclusive engine

AI-Guided Monte Carlo Attack

The AI plans a high-value attack search space, then Monte Carlo sampling fires millions of randomized exploit inputs into a hardened sandbox — coverage-tracked and feedback-learned each round, hunting the edge cases hand-written tests never reach.

  1. 1search-space-planner

    AI Search-Space Planning

    The AI reads contract structure and prior findings to map high-value attack surfaces, parameter dimensions, and boundary points.

  2. 2monte-carlo-sampler

    Monte Carlo Sampling

    Fires randomized inputs via four strategies — uniform, gaussian, boundary-weighted, and combinatorial — across the planned space.

  3. 3foundry-runner (fork)

    Forge-Fork Sandbox Execution

    Every sample is executed against a mainnet fork inside a hardened Docker sandbox — real state, real transactions, no guessing.

  4. 4coverage_map

    Coverage Tracking

    A per-dimension coverage heatmap records explored and hit bins, so you can see exactly what was tested — not a black box.

  5. 5feedback-learner

    Feedback-Guided Learning

    Hits and near-hits feed back to densify sampling around promising regions, chasing edge cases hand-written tests never reach.

  6. 6hit-confirmation

    AI Confirmation + Minimized PoC

    Each confirmed break is adjudicated by AI and reduced to a minimal, reproducible proof-of-concept with a fixed seed.

“Millions of attacks” is not a marketing number — every run is auditable and reproducible:

Reproducible
Deterministic Seed
Per-dimension %
Coverage Map
Every sample
Execution Log
Fully audited
Cost & Token Ledger

Attack Vector Library

Covering Real-World DeFi Exploits

10 attack templates, 6 of which can cause direct fund loss — each actually executed in the sandbox, not a checklist tick.

Critical
ATK-C001

Reentrancy — Standard / Cross-Function

Re-enters the target through an external call fired before state is updated, draining balances or corrupting the ledger.

Critical
ATK-C002

Flash Loan — Aave / Uniswap Path

Amplifies capital with a flash loan to manipulate price or force liquidations within a single block.

Critical
ATK-C003

Price Manipulation — TWAP / AMM

Distorts oracle prices via large swaps or short TWAP windows to trigger false liquidations or minting.

Critical
ATK-C004

Access Control — Missing onlyOwner / Proxy

Calls sensitive functions lacking permission guards, or hijacks the implementation via proxy delegatecall.

High
ATK-C005

Frontrunning — Sandwich / Liquidation

Watches the mempool to front-run trades, profiting from sandwich attacks or pre-emptive liquidations.

High
ATK-C006

Integer Overflow — unchecked / Solidity <0.8

Triggers arithmetic overflow inside unchecked blocks or legacy Solidity to bypass balance checks.

Critical
ATK-C007

Governance — Flash Vote / Timelock Bypass

Borrows voting power in-block to pass malicious proposals, or bypasses the timelock delay.

Critical
ATK-C008

Rug Pull Detection — Hidden Mint / Blacklist

Detects hidden mint, blacklist freezing, and fake pause traps, then simulates the exit-scam drain.

High
ATK-C009

ERC20 Approval — Unlimited Allowance Drain

Exploits unlimited user approvals to transfer tokens through a malicious or compromised spender.

High
ATK-C010

Cross-Contract — Callback Injection / Fake Token

Deceives target accounting through callback hooks or a forged token address.

Authorized Scope, Fully Isolated

The stronger the offense, the harder the guardrails. Attack Lab only runs within authorized scope — never touching real user assets.

Scope Verification

Runs only on contracts / hosts the project owner submitted and authorized; allowlist is fail-closed.

Sandboxed Execution

Attack scripts run only against a mainnet fork inside an isolated Docker sandbox — no arbitrary outbound requests.

Data Desensitization

Public output exposes only scores, severity, and vector class — PoC and bug locations never leak.

Evidence Retention

Seed, coverage, execution log, and cost ledger are all persisted — reproducible and auditable.

Responsible Disclosure

Follows standard disclosure: fix first, publish later. No unauthorized scanning.

No Real User Data

Never accesses or downloads real user data — simulation happens on fork snapshots only.

Let the AI Red Team Break It First

Find it before the hackers do. Full 7-layer defense + AI adversarial testing, flat 1599 USDT.