ctf-reverse
The ctf-reverse skill provides a structured workflow and tool reference for reverse engineering compiled, obfuscated, or packed binaries in CTF competitions. It covers static and dynamic analysis, emulation, anti-analysis bypass, and platform-specific techniques for targets like APKs, WASM, and custom VMs.
Is ctf-reverse safe to install?
Review the source first: our audit of ctf-reverse's source files found 27 shell commands, 2 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill executes shell commands for tool installation and binary analysis, and it performs file operations including reading binaries and writing analysis scripts.
How we audit skills: our security review methodology.
Who is this skill for?
CTF participants performing reverse engineering on binary targets.
What can you do with it?
- Analyzing compiled, obfuscated, or packed binaries
- Reverse engineering Android APKs, WASM, and firmware
- Bypassing anti-debug and anti-analysis logic
- Performing symbolic execution with angr
- Hooking functions with Frida
- Emulating foreign-architecture binaries with Qiling
How good is this skill?
Quality score: 5/10. The skill provides a comprehensive and well-organized reference for CTF reverse engineering. It clearly defines its scope and provides actionable commands.
What does the skill file contain?
# CTF Reverse Engineering Quick reference for RE challenges. For detailed techniques, see supporting files. ## Prerequisites **Python packages (all platforms):** ```bash pip install frida-tools angr qiling uncompyle6 capstone lief z3-solver # For Python 3.9+ bytecode: build pycdc from source git clone https://github.com/zrax/pycdc && cd pycdc && cmake . && make ``` **Linux (apt):** ```bash apt install gdb radare2 binutils strace ltrace apktool upx ``` **macOS (Homebrew):** ```bash brew install gdb radare2 binutils apktool upx ghidra ``` **radare2 plugins:** ```bash r2pm -ci r2ghidra # ...
Frequently asked questions
When should I use this skill instead of ctf-pwn?
Use ctf-reverse to understand how a target works. Switch to ctf-pwn if the vulnerability is already understood and the task is exploitation.
What are the recommended initial steps for a binary?
Start with strings extraction, try ltrace or strace for dynamic analysis, use Frida for hooking, or attempt symbolic execution with angr.
How do I handle PIE binaries in GDB?
Use the start command to force PIE base resolution, then set breakpoints relative to main.
Related skills
audit-website
58.0KDevelopers, SEO specialists, and website administrators who need to automate website health monitoring, technical debugging, and performance optimization
The audit-website skill enables AI agents to perform comprehensive website audits using the squirrelscan CLI. It evaluates websites against 240+ rules across 22 categories, including SEO, performance, security, and accessibility. The skill generates LLM-optimized reports, identifies issues, and provides actionable recommendations for remediation.
stripe-best-practices
52.1KDevelopers building, modifying, or reviewing Stripe integrations
The stripe-best-practices skill provides guidance on Stripe API selection, integration patterns, and security configurations. It directs the agent to reference specific internal documentation files for payments, Connect, billing, tax, treasury, and security topics.
docker-expert
22.4KDevelopers and DevOps engineers working with Docker containers and Docker Compose
The docker-expert skill provides guidance on Docker containerization, including optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies.
skill-vetter
20.1KOpenClaw operators and security-conscious users who perform manual audits on new or existing skills
The skill-vetter provides a structured checklist for auditing OpenClaw skills before installation. It guides users through metadata verification, permission scope analysis, content inspection for security red flags, and typosquatting detection.