Skill

analyze

Analyzes CTF challenge files with triage.sh (file, strings, binwalk, exiftool) to detect category (crypto, forensics, stego, web, pwn, reverse, OSINT, misc), confidence score, and suggest next skill via JSON. Use for unknown binaries or triage.

Bash

Linux

security

npx claudepluginhub mysterionrise/ctf-kit

Tool Access

This skill uses the workspace's default tool permissions.

Preview

Analyze challenge files to determine type and suggest approaches.

Supporting Assets

scripts/check-tools.shscripts/run-strings.shscripts/triage.sh

SKILL.md

Similar Skills

strategic-compact

179.0k

Suggests manual /compact at logical task boundaries in long Claude Code sessions and multi-phase tasks to avoid arbitrary auto-compaction losses.

1 file

ecc

Stats

Stars6

Forks0

Last CommitFeb 22, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

CTF Analyze

Analyze challenge files to determine type and suggest approaches.

When to Use

Use this command when you have new challenge files and need to:

Identify the challenge category (crypto, forensics, stego, web, pwn, reversing, OSINT, misc)
Detect file types and formats
Get initial suggestions for tools to use
Understand what you're working with

Bundled Scripts

check-tools.sh — Verify required analysis tools are installed
triage.sh — Multi-step triage pipeline: file type → strings → binwalk → category suggestion. Produces a JSON summary with detected category, confidence score, and recommended next skill.
run-strings.sh — Extract strings with pattern detection (flags, URLs, hashes, credentials). Outputs JSON with categorized findings.

Instructions

First check tool availability: bash scripts/check-tools.sh
Recommended: Run the full triage pipeline for automatic category detection:
```
bash scripts/triage.sh $ARGUMENTS
```
The triage script chains: file → strings → binwalk → exiftool, then outputs a JSON summary including:
- category: detected challenge type (crypto, forensics, stego, etc.)
- confidence: detection confidence (0-100%)
- suggested_skill: which /ctf-kit:* command to use next
- findings: flags, URLs, hashes, base64 strings found
- embedded_signatures: files hidden inside the challenge file
For strings-only analysis with pattern detection:
```
bash scripts/run-strings.sh $ARGUMENTS
```
Or run the CLI analysis:
```
ctf analyze $ARGUMENTS
```
Read the JSON output at the end of each script. It contains structured data you can use to decide next steps. The suggestions field tells you exactly what to do next.
Based on the triage results, use the recommended skill:
- /ctf-kit:crypto for cryptography challenges
- /ctf-kit:forensics for forensics challenges
- /ctf-kit:stego for steganography challenges
- /ctf-kit:web for web security challenges
- /ctf-kit:pwn for binary exploitation challenges
- /ctf-kit:reverse for reverse engineering challenges
- /ctf-kit:osint for OSINT challenges
- /ctf-kit:misc for miscellaneous challenges

Output Format

All scripts produce a === PARSED RESULTS (JSON) === section with structured data. Key fields:

Field	Description
`category`	Detected challenge category
`confidence`	Detection confidence (0.0-1.0)
`suggested_skill`	Which skill to invoke next
`findings.flags`	Any flags found in strings
`suggestions`	Actionable next steps

Example Usage

/ctf-kit:analyze challenge.bin
/ctf-kit:analyze ./challenge-folder/

Related Commands

/ctf-kit:crypto - Crypto-specific analysis
/ctf-kit:forensics - Forensics analysis
/ctf-kit:stego - Steganography analysis