OpenSec Atlas

Name: Pharaonik
Author: anubhav11156

Pharaonik: An Open Source Educational Resource for Application Security | OpenSec Atlas

Back to Browse

Application Security

Educational Resource

Pharaonik

Pharaonik is a set of hands-on exercises designed to teach and refine security auditing skills for Cairo smart contracts through real-world inspired vulnerability challenges.

View on GitHub

About This Tool

Smart Contract Security Auditing Exercises for Cairo

Primary Use Case

This tool is primarily used by developers and security auditors who want to learn and practice identifying and mitigating vulnerabilities in Cairo smart contracts. It provides structured exercises of varying difficulty levels to build proficiency in smart contract security auditing within the Starknet ecosystem.

Key Features

Exercises inspired by real-world smart contract exploits
Three difficulty levels: Easy, Medium, Hard
Tagged problems focusing on specific vulnerabilities and skills
Comprehensive exercise format with background, objectives, and instructions
Supports learning of vulnerabilities like reentrancy and access control
Integration with Scarb and Starknet-foundry tools
Constantly updated with new exercises

Insights & Recommendations

This repository is intended solely for educational purposes and should not be used in production environments. Users should have basic knowledge of Cairo and Starknet development. The exercises require installation of Scarb and Starknet-foundry tools. The repository is actively maintained with ongoing additions of new exercises.

Installation

Clone the repository using: git clone git@github.com:anubhav11156/Pharaonik.git
Update dependencies with: scarb update
Build the modules using: scarb build
Install Scarb from https://docs.swmansion.com/scarb/download.html
Install Starknet-foundry from https://github.com/foundry-rs/starknet-foundry

Usage

git clone git@github.com:anubhav11156/Pharaonik.git

Clone the Pharaonik repository to your local machine

scarb update

Update the project dependencies

scarb build

Build the Cairo modules and exercises

Smart Usage Notes

Ideal for purple team exercises to simulate attacker techniques and improve defender skills in smart contract environments.Can be integrated into developer CI pipelines to train and test secure coding practices for Cairo smart contracts.Supports building custom vulnerability scenarios to tailor training to organizational threat models in blockchain ecosystems.Useful to bridge knowledge gaps between blockchain developers and security auditors, enhancing cross-team collaboration.Leverage the tagging system to focus training on high-risk vulnerabilities like reentrancy and access control flaws.