About Us

QuillAudits has audited over 1M+ lines of code in the past eight years. We go beyond code analysis. We partner with you to protect your protocol, reputation, and users.

Every audit is conducted by a team of senior and mid-level auditors, supported by independent reviewers (Vigilant Squad) to ensure nothing is missed. Our approach blends manual review, automated tools, fuzzing, and logic testing.

<aside> <img src="/icons/barcode_lightgray.svg" alt="/icons/barcode_lightgray.svg" width="40px" />

Trusted by industry leaders like Optimism, Starkware, Soneium, BNB Chain, Alliance, CV Labs, Taiko, Metis, Zetachain, Plume, and many more

</aside>

Services

1. Multilayered Audit Process

Our multilayered audit process combines automated tools, manual code reviews, and threat modeling to identify both known and emerging attack vectors. Each audit undergoes multiple internal review rounds to ensure depth, accuracy, and actionable remediation.

2. Penetration Testing

We conduct black-box and grey-box penetration tests on both frontend and backend systems. Targets include DApp frontends, APIs, RPC endpoints, and cloud infrastructure. We also assess admin panels and private dashboards for vulnerabilities. Our approach follows OWASP standards, focusing on real-world threats.

3. Vigilant Squad / Bug Bounty (Add-on)

Vigilant Squad acts as an extra layer to identify vulnerabilities in the environment that might have been missed during the initial audit.

• 10+ elite security researchers will independently review your codebase post-initial audit.
• After the initial audit report is shared, your team can begin fixing the issues. During this time (typically up to a week), our Vigilant Squad conducts a deeper review to identify any additional issues, which we’ll promptly share with you.
• These are proven bounty hunters with $100,000+ wins on Sherlock, ImmuneFi and Cantina.