-
Notifications
You must be signed in to change notification settings - Fork 979
Adding a new detector
Slither has a detector plugin architecture so you can integrate your new detector that run by default from the command line.
The skeleton for a detector is:
from slither.detectors.abstractDetector import AbstractDetector
from slither.detectors.detectorClassification import DetectorClassification
class Skeloton(AbstractDetector):
"""
Documentation
"""
ARGUMENT = 'mydetector' # slither will launch the detector with slither.py --mydetector
HELP = 'Help printed by slither'
CLASSIFICATION = DetectorClassification.HIGH
def detect(self):
return []
- ARGUMENT allows to run the detector from the command line
- HELP is the information printed from the command line
-
CLASSIFICATION indicates your confidence in the severity and precision of the issues, it can be:
- DetectorClassification.LOW
- DetectorClassification.MEDIUM
- DetectorClassification.HIGH
LOW vulnerabilities will be printed in green, MEDIUM in yellow and HIGH in red.
detect() needs to return a list of findings. To facilitate the automation of Slither, a finding is a dictionary containing a vuln key associated to the vulnerability name and additional information according of the vulnerability itself.
An AbstractDetector object has the slither attribute, which returns the current Slither object, and the log(str) function to print the result.
For example, backdoor.py will detect any function with backdoor
in its name.
In addition, you need to load the module in Slither in slither/detectors/detectors.py. For example, backdoor.py
is loaded here.