hackwatch
Get started
Real-time DeFi exploit intelligence

Know if the next DeFi exploit puts your protocol at risk

hackwatch tracks confirmed on-chain exploits the moment they break, classifies the root-cause vulnerability, and checks your own repositories for the same pattern — then emails you before it reaches you.

Start watchingSee how it works

Free public exploit feed · No credit card to browse · Cancel anytime

Correlates signals across the sources that matter

EtherscanGitHubOn-chain tracesEVM chainsOpenRouter AI

How it works

From exploit to your inbox in one pipeline

01

Detect

We ingest confirmed exploit signals as they surface on-chain and across security channels — not hours later from the news.

02

Classify

Each incident is analyzed against the attack transaction and source to pin down the root-cause vulnerability class.

03

Match

Your subscribed public repositories are reviewed for the same vulnerability pattern on the branch you care about.

04

Alert

If your protocol looks exposed, you get a clear email with the finding and the incident it maps to.

Features

Built for teams who can't afford to find out from Twitter

Real-time detection

Confirmed exploits land in your feed as they happen, with the protocol, chain, and attack transaction attached.

Root-cause classification

Every incident is tagged with its vulnerability class — reentrancy, access control, oracle manipulation, and more.

Your-repo matching

Point us at your public repositories and we check whether the same exploited pattern exists in your code.

Targeted alerts

Email alerts fire only when your protocol is plausibly exposed — signal, not noise.

Free public feed

Browse the full stream of triaged, confirmed incidents for free — paid plans add repo monitoring.

Private by design

Your subscriptions and alerts are isolated per account with row-level security. Your watchlist is yours alone.

Anatomy of an alert

What an incident looks like

Confirmed exploit
reentrancy

Chain

Ethereum

Attack tx

0x3a9f…c41d

Detected

< 1 min

Root cause

External call before state update in the withdrawal path allowed the attacker to recursively drain the vault before balances were decremented.

Your repo match: the same checks-effects-interactions violation was found in vault/Withdraw.sol on your watched branch. You were emailed within minutes.

Pricing

Start free. Upgrade when you have skin in the game.

Free

Stay informed on every confirmed exploit.

$0/ forever
  • Full confirmed-exploit feed
  • Root-cause vulnerability classes
  • Incident details & on-chain context
Browse the feed
For protocols

Pro

Get alerted before an exploit reaches you.

$50/ month
  • Everything in Free
  • Monitor your public repositories
  • Automated vulnerability matching
  • Targeted email alerts when exposed
  • Per-account private watchlist
Start watching

FAQ

Questions, answered

How fast are alerts?

Confirmed exploits appear in the feed within about a minute of detection, and repo-match alerts follow as soon as analysis completes.

Which repositories can I monitor?

Public repositories on any branch you specify. We don't need write access — just the public URL.

Which chains and contracts are covered?

EVM chains today. Each incident links the attack transaction and the affected protocol so you can verify it yourself.

Is the feed really free?

Yes. Browsing every confirmed, triaged incident is free. The $50/mo Pro plan adds monitoring of your own repositories and targeted alerts.

How is my watchlist kept private?

Subscriptions and alerts are isolated per account with row-level security. Incidents are shared; your watchlist is not.

Don't find out from the timeline.

Start with the free exploit feed, then watch your own repositories the moment it matters.

Get started free