Penetration testing framework for smart contract Blockchain

Akashdeep Bhardwaj, Syed Bilal Hussian Shah, Achyut Shankar, Mamoun Alazab, Manoj Kumar, Thippa Reddy Gadekallu

    Research output: Contribution to journalArticlepeer-review

    55 Citations (Scopus)


    Smart contracts powered by blockchain ensure transaction processes are effective, secure and efficient as compared to conventional contacts. Smart contracts facilitate trustless process, time efficiency, cost effectiveness and transparency without any intervention by third party intermediaries like lawyers. While blockchain can counter traditional cybersecurity attacks on smart contract applications, cyberattacks keep evolving in the form of new threats and attack vectors that influence blockchain similar to other web and application based systems. Effective blockchain testing help organizations to build and utilize the technology securely withe connected infrastructure. However, during the course of our research, the authors detected that Blockchain technology comes with security considerations like irreversible transactions, insufficient access, and non-competent strategies. Attack vectors, like these are not found on web portals and other applications. This research presents a new Penetration Testing framework for smart contracts and decentralized apps. The authors compared results from the proposed penetration-testing framework with automated penetration test Scanners. The results detected missing vulnerability that were not reported during regular pen test process.

    Original languageEnglish
    Pages (from-to)2635–2650
    Number of pages16
    JournalPeer-to-Peer Networking and Applications
    Early online date5 Sept 2020
    Publication statusPublished - Sept 2021


    Dive into the research topics of 'Penetration testing framework for smart contract Blockchain'. Together they form a unique fingerprint.

    Cite this