From communitytools
Static analysis of ELF/PE/Mach-O binaries and custom bytecode for reverse engineering CTF challenges and malware. Recognizes dispatcher loops, maps opcodes, and deobfuscates without execution.
npx claudepluginhub transilienceai/communitytools
How this skill is triggered — by the user, by Claude, or both
Slash command
/communitytools:reverse-engineering
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
Reverse engineering compiled binaries (ELF, PE, Mach-O) and bytecode artifacts to recover algorithms, validate inputs, or build static solvers. Focused on the recurring CTF / malware-analysis pattern of a host binary that loads a "program" file under a custom ISA — recognising the dispatcher loop, mapping opcodes to Python lambdas, and inverting the transformation chain in pure Python without e...
reference/INDEX.md
reference/custom-vm-bytecode.md
reference/reverse-engineering-principles.md
reference/scenarios/anti-debug/int3-detection-bypass.md
reference/scenarios/anti-debug/isdebuggerpresent-bypass.md
reference/scenarios/anti-debug/ptrace-bypass.md
reference/scenarios/anti-debug/timing-checks-bypass.md
reference/scenarios/custom-vm/bytecode-disassembly.md
reference/scenarios/dynamic-analysis/frida-hooking.md
reference/scenarios/dynamic-analysis/gdb-scripting.md
reference/scenarios/dynamic-analysis/ltrace-strace.md
reference/scenarios/obfuscation/callfuscation.md
reference/scenarios/obfuscation/hash-dispatcher-chain.md
reference/scenarios/obfuscation/mba-deobfuscation.md
reference/scenarios/obfuscation/packed-binaries.md
reference/scenarios/obfuscation/python-bytecode-payload.md
reference/scenarios/obfuscation/string-obfuscation.md
reference/scenarios/static-analysis/disassembly-recipe.md
reference/scenarios/static-analysis/elf-analysis.md
reference/scenarios/static-analysis/pe-analysis.md
Guides binary reverse engineering with disassembly, decompilation, static/dynamic analysis using IDA Pro, Ghidra, radare2, x64dbg, and scripting via IDAPython, r2pipe, pwntools.
Solves CTF reverse engineering challenges using systematic analysis to extract flags, keys, or passwords from crackmes, binary bombs, key validators, and obfuscated code.
Reverse engineers malware binaries using Ghidra disassembler and decompiler to analyze internal logic, cryptographic routines, C2 protocols, and evasion techniques at assembly and pseudo-C level.
Reverse engineering compiled binaries (ELF, PE, Mach-O) and bytecode artifacts to recover algorithms, validate inputs, or build static solvers. Focused on the recurring CTF / malware-analysis pattern of a host binary that loads a "program" file under a custom ISA — recognising the dispatcher loop, mapping opcodes to Python lambdas, and inverting the transformation chain in pure Python without executing the host. Also covers callfuscation (control-flow chunking), MBA (mixed boolean-arithmetic) operator obfuscation, encrypted-handler tricks, and three-layer deobfuscation pipelines.
while(true){ op = mem[pc++]; switch(op){...}; } style loop or jump-table indexed by opcode.
.data decrypted to RWX at startup).
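The opcode-to-lambda mapping and chain inversion described above, shown as an added example that is not part of the communitytools skill or its reference files. The 2-byte instruction format, the opcode numbers, PROGRAM and EXPECTED are all constructed for illustration; in a real sample they would be read out of the host's dispatcher and its comparison buffer.

```python
# Constructed toy ISA (an assumption for this example, not a real target):
# 2-byte instructions [opcode, imm], each applied to every byte of the input.
def rol(v, n):
    """Rotate an 8-bit value left by n (mod 8)."""
    n &= 7
    return ((v << n) | (v >> (8 - n))) & 0xFF

# opcode -> (mnemonic, forward, inverse); lambda args are (byte, imm, index)
OPS = {
    0x01: ("XOR",  lambda v, k, i: v ^ k,                lambda v, k, i: v ^ k),
    0x02: ("ADD",  lambda v, k, i: (v + k) & 0xFF,       lambda v, k, i: (v - k) & 0xFF),
    0x03: ("ROL",  lambda v, k, i: rol(v, k),            lambda v, k, i: rol(v, 8 - (k & 7))),
    0x04: ("XORI", lambda v, k, i: v ^ ((k + i) & 0xFF), lambda v, k, i: v ^ ((k + i) & 0xFF)),
}
HALT = 0xFF

def disassemble(prog: bytes):
    """Linear sweep over the bytecode; returns [(opcode, imm), ...] up to HALT."""
    pc, insns = 0, []
    while pc < len(prog):
        op = prog[pc]
        if op == HALT:
            return insns
        if op not in OPS or pc + 1 >= len(prog):
            raise ValueError(f"bad or truncated instruction {op:#04x} at pc={pc}")
        insns.append((op, prog[pc + 1]))
        pc += 2
    raise ValueError("program ran off the end without HALT")

def run(insns, data: bytes, inverse: bool = False) -> bytes:
    """Emulate the chain forward, or undo it by applying inverses in reverse order."""
    order = list(reversed(insns)) if inverse else insns
    out = list(data)
    for op, imm in order:
        f = OPS[op][2 if inverse else 1]
        out = [f(v, imm, i) for i, v in enumerate(out)]
    return bytes(out)

def solve(prog: bytes, expected: bytes) -> bytes:
    """Static solver: recover the accepted input without executing the host."""
    return run(disassemble(prog), expected, inverse=True)

# Constructed sample: XOR 0x5a; ROL 3; ADD 0x11; XORI 0x07; HALT
PROGRAM = bytes([0x01, 0x5A, 0x03, 0x03, 0x02, 0x11, 0x04, 0x07, 0xFF])
EXPECTED = bytes.fromhex("de89f8e6")  # constructed comparison buffer

if __name__ == "__main__":
    for op, imm in disassemble(PROGRAM):
        print(f"{OPS[op][0]:<5}{imm:#04x}")
    print(solve(PROGRAM, EXPECTED))
```

Every opcode here is a bijection on a byte, which is what makes plain inversion possible; a handler that discards information (a hash or a truncating shift) needs a search or a constraint solver instead.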