From communitytools
Static-first analysis of compiled binaries (ELF/PE/Mach-O) and custom-VM bytecode for CTF and malware reverse engineering. Covers opcode inversion, callfuscation, MBA deobfuscation, and encrypted-handler decryption.
How this skill is triggered — by the user, by Claude, or both
Slash command
/communitytools:reverse-engineering
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Reverse engineering compiled binaries (ELF, PE, Mach-O) and bytecode artifacts to recover algorithms, validate inputs, or build static solvers. Focused on the recurring CTF / malware-analysis pattern of a host binary that loads a "program" file under a custom ISA — recognising the dispatcher loop, mapping opcodes to Python lambdas, and inverting the transformation chain in pure Python without e...
reference/INDEX.md
reference/custom-vm-bytecode.md
reference/reverse-engineering-principles.md
reference/scenarios/anti-debug/int3-detection-bypass.md
reference/scenarios/anti-debug/isdebuggerpresent-bypass.md
reference/scenarios/anti-debug/ptrace-bypass.md
reference/scenarios/anti-debug/timing-checks-bypass.md
reference/scenarios/custom-vm/bytecode-disassembly.md
reference/scenarios/dynamic-analysis/frida-hooking.md
reference/scenarios/dynamic-analysis/gdb-scripting.md
reference/scenarios/dynamic-analysis/ltrace-strace.md
reference/scenarios/kernel/kernel-rootkit-module.md
reference/scenarios/obfuscation/callfuscation.md
reference/scenarios/obfuscation/d-fiber-callfuscation.md
reference/scenarios/obfuscation/hash-dispatcher-chain.md
reference/scenarios/obfuscation/mba-deobfuscation.md
reference/scenarios/obfuscation/packed-binaries.md
reference/scenarios/obfuscation/python-bytecode-payload.md
reference/scenarios/obfuscation/string-obfuscation.md
reference/scenarios/static-analysis/disassembly-recipe.md

Reverse engineering compiled binaries (ELF, PE, Mach-O) and bytecode artifacts to recover algorithms, validate inputs, or build static solvers. Focused on the recurring CTF / malware-analysis pattern of a host binary that loads a "program" file under a custom ISA — recognising the dispatcher loop, mapping opcodes to Python lambdas, and inverting the transformation chain in pure Python without executing the host. Also covers callfuscation (control-flow chunking), MBA (mixed boolean-arithmetic) operator obfuscation, encrypted-handler tricks, and three-layer deobfuscation pipelines.
while(true){ op = mem[pc++]; switch(op){...}; } style loop or jump-table indexed by opcode.
.data decrypted to RWX at startup).

npx claudepluginhub transilienceai/communitytools

Provides a structured methodology for CTF reverse engineering challenges: triage, packing detection, decompiler selection, dynamic analysis, anti-debug bypass, custom VM disassembly, and symbolic execution.
Assists with binary analysis, disassembly, firmware reverse engineering, and protocol RE. Helps read and interpret x86/ARM/MIPS assembly, decompiled output from Ghidra/IDA/radare2, and CTF binary challenges.
Guides binary reverse engineering with disassembly, decompilation, static/dynamic analysis using IDA Pro, Ghidra, radare2, x64dbg, and scripting via IDAPython, r2pipe, pwntools.