binary-re-synthesislisted

Use when ready to document findings, generate a report, or summarize binary analysis results. Compiles analysis findings into structured reports - correlates facts from triage/static/dynamic phases, validates hypotheses, generates documentation with evidence chains. Keywords - "summarize findings", "generate report", "document analysis", "what did we find", "write up results", "export findings"
aiskillstore/marketplace · ★ 329 · Data & Documents · score 79

Install: claude install-skill aiskillstore/marketplace

# Analysis Synthesis (Phase 5) ## Purpose Compile all gathered knowledge into actionable intelligence. Validate hypotheses against evidence. Produce structured reports with traceable findings. ## When to Use - Sufficient facts gathered from triage + static + dynamic analysis - Ready to document understanding for handoff or archival - Need to present findings to stakeholders - Before closing analysis session ## Synthesis Process ### Step 1: Evidence Review Gather all recorded knowledge: ``` FACTS collected: - From triage: arch, ABI, dependencies, capabilities - From static: functions, xrefs, decompilation - From dynamic: syscalls, network, file access HYPOTHESES formed: - With supporting evidence - With contradicting evidence - Unresolved hypotheses QUESTIONS remaining: - Blocking questions (prevent conclusion) - Open questions (future investigation) ``` ### Step 2: Hypothesis Validation For each hypothesis, determine status: | Evidence State | Status | Action | |----------------|--------|--------| | Strong support, no contradictions | **Confirmed** | Include in conclusions | | Some support, some contradictions | **Uncertain** | Document both sides | | Strong contradictions | **Refuted** | Explain why wrong | | No evidence either way | **Unvalidated** | List as unknown | ### Step 3: Correlation Analysis Connect findings across phases: ``` Static finding: Function at 0x8400 calls socket(), connect(), SSL_read() Dynamic finding: connect() to 192.168.1.100:8443 ob