Mythril is an open source Ethereum smart contract and dapp (decentralized app) security analysis engine and platform that integrates with several commonly used IDEs.
It analyzes Ethereum smart contract source code, working as an nmap-style black-box blockchain scanner.
Mythril Detection Capabilities:
Mythril’s security analysis is structured into separate Python modules, and one file exists for each type of analysis.
Mythril uses the LASER-ethereum symbolic virtual machine, which models most features of the EVM, to detect the issues above.
By default, the Mythril IDE extensions connect to a public Mythril API hosted on Heroku. A developer who wants to run Mythril locally can install a Python package, which could possibly be containerized.
The IDE extension submits the contract bytecode to the Mythril API, which analyzes the bytecode and returns a list of identified issues. The detected security problems are then mapped to particular positions in the Solidity code and displayed in the IDE. Currently, Mythril API access is free and does not require registration.
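The step of mapping a bytecode-level finding back to a Solidity position can be sketched as follows. This is an added example, not Mythril's or the IDE extension's own code: it assumes the compiler's compressed source-map format (`start:length:file` per instruction, empty fields inherited), and the contract, bytecode, source map and function names are constructed for illustration.

```python
# Added example: constructed inputs, not real solc or Mythril output.
SOURCE = ("contract C {\n"
          "    function kill() public {\n"
          "        selfdestruct(msg.sender);\n"
          "    }\n"
          "}\n")
CALL = "selfdestruct(msg.sender)"
S = SOURCE.index(CALL)
# PUSH1 0x80, PUSH1 0x40, MSTORE, CALLER, SELFDESTRUCT
BYTECODE = bytes.fromhex("608060405233ff")
# One entry per instruction: start:length:file; empty fields inherit.
SRCMAP = f"0:{len(SOURCE)}:0:-;;;{S + 13}:10;{S}:{len(CALL)}"


def pc_to_index(bytecode):
    """Map each instruction's byte address to its instruction number."""
    table, pc, idx = {}, 0, 0
    while pc < len(bytecode):
        table[pc] = idx
        op = bytecode[pc]
        # PUSH1..PUSH32 (0x60..0x7f) carry 1..32 bytes of immediate data.
        pc += 1 + (op - 0x5F if 0x60 <= op <= 0x7F else 0)
        idx += 1
    return table


def decode_srcmap(srcmap):
    """Expand the compressed source map into (start, length, file) tuples."""
    prev, entries = ["0", "0", "0"], []
    for item in srcmap.split(";"):
        for i, field in enumerate(item.split(":")[:3]):
            if field:
                prev[i] = field
        entries.append(tuple(int(x) for x in prev))
    return entries


def locate(issue_pc, bytecode, srcmap, source):
    """Return (line, snippet) for an issue address, or None if unmapped."""
    idx = pc_to_index(bytecode).get(issue_pc)
    if idx is None:
        raise ValueError("address is not an instruction boundary")
    entries = decode_srcmap(srcmap)
    if idx >= len(entries) or entries[idx][2] == -1:
        return None  # metadata or compiler-generated code
    start, length, _ = entries[idx]
    return source.count("\n", 0, start) + 1, source[start:start + length]


if __name__ == "__main__":
    print(locate(6, BYTECODE, SRCMAP, SOURCE))
```

An issue reported at address 6 (the SELFDESTRUCT instruction) resolves to line 3 of the constructed contract, which is the position an IDE would highlight.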