ctf-reverse

The ctf-reverse skill provides a structured workflow and tool reference for reverse engineering compiled, obfuscated, or packed binaries in CTF competitions. It covers static and dynamic analysis, emulation, anti-analysis bypass, and platform-specific techniques for targets like APKs, WASM, and custom VMs.

6.0K
Installs
6
Use cases
5/10
Quality

Is ctf-reverse safe to install?

Review the source first

Review the source first: our audit of ctf-reverse's source files found 27 shell commands, 2 external URLs, file reads and writes (high risk). Every command and URL listed appears verbatim in the skill's source. The skill executes shell commands for tool installation and binary analysis, and it performs file operations including reading binaries and writing analysis scripts.

How we audit skills: our security review methodology.

Who is this skill for?

CTF participants performing reverse engineering on binary targets.

What can you do with it?

  • Analyzing compiled, obfuscated, or packed binaries
  • Reverse engineering Android APKs, WASM, and firmware
  • Bypassing anti-debug and anti-analysis logic
  • Performing symbolic execution with angr
  • Hooking functions with Frida
  • Emulating foreign-architecture binaries with Qiling

How good is this skill?

Quality score: 5/10. The skill provides a comprehensive and well-organized reference for CTF reverse engineering. It clearly defines its scope and provides actionable commands.

What does the skill file contain?

SKILL.md
# CTF Reverse Engineering

Quick reference for RE challenges. For detailed techniques, see supporting files.

## Prerequisites

**Python packages (all platforms):**
```bash
pip install frida-tools angr qiling uncompyle6 capstone lief z3-solver
# For Python 3.9+ bytecode: build pycdc from source
git clone https://github.com/zrax/pycdc && cd pycdc && cmake . && make
```

**Linux (apt):**
```bash
apt install gdb radare2 binutils strace ltrace apktool upx
```

**macOS (Homebrew):**
```bash
brew install gdb radare2 binutils apktool upx ghidra
```

**radare2 plugins:**
```bash
r2pm -ci r2ghidra   # ...

Frequently asked questions

When should I use this skill instead of ctf-pwn?

Use ctf-reverse to understand how a target works. Switch to ctf-pwn if the vulnerability is already understood and the task is exploitation.

What are the recommended initial steps for a binary?

Start with strings extraction, try ltrace or strace for dynamic analysis, use Frida for hooking, or attempt symbolic execution with angr.

How do I handle PIE binaries in GDB?

Use the start command to force PIE base resolution, then set breakpoints relative to main.

Data sourced from ljagiello/ctf-skills on GitHub. Install counts from skills.sh. The summary and security audit are derived from the skill's source files: every command and URL listed appears verbatim in the source.

Related skills

audit-website

58.0K

Developers, SEO specialists, and website administrators who need to automate website health monitoring, technical debugging, and performance optimization

The audit-website skill enables AI agents to perform comprehensive website audits using the squirrelscan CLI. It evaluates websites against 240+ rules across 22 categories, including SEO, performance, security, and accessibility. The skill generates LLM-optimized reports, identifies issues, and provides actionable recommendations for remediation.

highseoauditsquirrelscan

stripe-best-practices

52.1K

Developers building, modifying, or reviewing Stripe integrations

The stripe-best-practices skill provides guidance on Stripe API selection, integration patterns, and security configurations. It directs the agent to reference specific internal documentation files for payments, Connect, billing, tax, treasury, and security topics.

highstripepaymentsstripe

docker-expert

22.4K

Developers and DevOps engineers working with Docker containers and Docker Compose

The docker-expert skill provides guidance on Docker containerization, including optimization, security hardening, multi-stage builds, orchestration patterns, and production deployment strategies.

highdockerdevopssickn33

skill-vetter

20.1K

OpenClaw operators and security-conscious users who perform manual audits on new or existing skills

The skill-vetter provides a structured checklist for auditing OpenClaw skills before installation. It guides users through metadata verification, permission scope analysis, content inspection for security red flags, and typosquatting detection.

lowsecurityaudituseai-pro