ctf-reverse

Solid

Provides reverse engineering techniques for CTF challenges. Use when the main job is to understand how a compiled, obfuscated, packed, or virtualized target works before exploiting or solving it, including binaries, APKs, WASM, firmware, custom VMs, bytecode, game clients, malware-like loaders, and anti-debug or anti-analysis logic. Do not use it when the vulnerability is already understood and the remaining task is exploitation; use pwn instead. Do not use it for pure web workflows, log or disk forensics, or standalone crypto problems unless reversing the implementation is the real blocker.

AI & Automation 2,227 stars 274 forks Updated 4 weeks ago MIT


Quality Score: 97/100

- Stars (20%): 100
- Recency (20%): 90
- Frontmatter (20%): 70
- Documentation (15%): 100
- Issue Health (10%): 50
- License (10%): 100
- Description (5%): 100

Skill Content

# CTF Reverse Engineering

Quick reference for RE challenges. For detailed techniques, see supporting files.

## Prerequisites

**Python packages (all platforms):**

```bash
pip install frida-tools angr qiling uncompyle6 capstone lief z3-solver

# For Python 3.9+ bytecode: build pycdc from source
git clone https://github.com/zrax/pycdc && cd pycdc && cmake . && make
```

**Linux (apt):**

```bash
apt install gdb radare2 binutils strace ltrace apktool upx
```

**macOS (Homebrew):**

```bash
brew install gdb radare2 binutils apktool upx ghidra
```

**radare2 plugins:**

```bash
r2pm -ci r2ghidra  # Native Ghidra decompiler for radare2
```

**Manual install:**

- pwndbg — Linux: [GitHub](https://github.com/pwndbg/pwndbg), macOS: `brew install pwndbg/tap/pwndbg-gdb`

## Additional Resources

- [tools.md](tools.md) - Static analysis tools (GDB, Ghidra, radare2, IDA, Binary Ninja, dogbolt.org, RISC-V with Capstone, Unicorn emulation, Python bytecode, WASM, Android APK, .NET, packed binaries)
- [tools-dynamic.md](tools-dynamic.md) (includes Intel Pin instruction-counting side channel for movfuscated binaries, opcode-only trace reconstruction, LD_PRELOAD memcmp side-channel for byte-by-byte bruteforce) - Dynamic analysis tools: Frida (hooking, anti-debug bypass, memory scanning, Android/iOS), angr symbolic execution (path exploration, constraints, CFG), lldb (macOS/LLVM debugger), x64dbg (Windows), Qiling (cross-platform emulation with OS support), Triton (dynamic symbolic execution)
- [t...

Details

- Author: ljagiello
- Repository: ljagiello/ctf-skills
- Created: 3 months ago
- Last Updated: 4 weeks ago
- Language: Python
- License: MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Listed

ctf-rev

Use when solving a CTF reverse engineering challenge — stripped binaries, packed binaries, anti-debug, custom VMs, .NET/Java decomp, Android dex, obfuscated JS, ELF/PE/Mach-O analysis. Provides workflow and tool ordering from the reversing module. Triggers on "ctf rev", "reversing", "reverse engineer", "decompile", "stripped binary".

6 Updated today
26zl
Data & Documents Listed

reverse-engineer

Expert reverse engineer specializing in binary analysis, disassembly, decompilation, and software analysis. Masters IDA Pro, Ghidra, radare2, x64dbg, and modern RE toolchains. Handles executable analysis, library inspection, protocol extraction, and vulnerability research. Use PROACTIVELY for binary analysis, CTF challenges, security research, or understanding undocumented software.

335 Updated today
aiskillstore
AI & Automation Solid

ctf-pwn

Provides binary exploitation techniques for CTF challenges. Use when you already have a vulnerable native target or service and need to turn memory corruption or low-level primitives into code execution or privilege escalation, such as buffer overflows, format strings, heap bugs, ROP, ret2libc, shellcode, kernel exploitation, seccomp bypass, sandbox escape, or Windows/Linux exploit chains. Do not use it when the main blocker is understanding what the binary does; use reverse engineering first. Do not use it for pure web bugs, disk or packet forensics, or standalone crypto/math challenges.

2,227 Updated 4 weeks ago
ljagiello
AI & Automation Featured

reverse-engineer

Expert reverse engineer specializing in binary analysis, disassembly, decompilation, and software analysis. Masters IDA Pro, Ghidra, radare2, x64dbg, and modern RE toolchains.

39,227 Updated today
sickn33
Web & Frontend Solid

reverse-engineering--binary-analysis

Binary analysis, assembly interpretation, disassembly, decompilation, firmware RE, and protocol reverse engineering

47 Updated today
Masriyan