from aboutsecurity1,142
Practical reverse-engineering techniques for CTFs: static & dynamic analysis, anti-debug bypasses, custom VM handling, and multi-platform tooling.
Provides a structured playbook for reverse-engineering challenges commonly seen in CTFs and pentesting: file identification, static decompilation (Ghidra/IDA), dynamic debugging (GDB/Frida), symbolic execution (angr), and anti-debug/anti-analysis bypass techniques. Includes references for platform-specific workflows (WASM/.NET/APK), common patterns (custom VM, obfuscation), and quick command snippets to get started.
Use this skill when you receive an unknown binary or challenge that requires analysis of algorithm logic, cracking client-side checks, or unpacking obfuscated code across multiple platforms (ELF/PE/Mach-O/APK/WASM/.NET). Ideal for CTF competitors, reverse engineers, and red-teamers tackling validation checks, license bypasses, or extraction tasks.
Likely useful to agents with code-analysis and binary tooling support (agents that can run shell commands, GDB, or integrate with Frida/angr).
This skill has not been reviewed by our automated audit pipeline yet.
Command Injection Methodology
Comprehensive methodology for detecting, exploiting, and bypassing OS command injection, including blind extraction and output-filtering workarounds.
Credential Spray Methodology
Methodology for credential spraying and reuse attacks: safe spray strategies, pass-the-hash, multi-service testing, and result analysis for lateral movement.
