reverse-engineer

# Common RE scripting environments - IDAPython (IDA Pro scripting) - Ghidra scripting (Java/Python via Jython) - r2pipe (radare2 Python API) - pwntools (CTF/exploitation toolkit) - capstone (disassembly framework) - keystone (assembly framework) - unicorn (CPU emulator framework) - angr (symbolic execution) - Triton (dynamic binary analysis) ``` ## Use this skill when - Working on common re scripting environments tasks or workflows - Needing guidance, best practices, or checklists for common re scripting environments ## Do not use this skill when - The task is unrelated to common re scripting environments - You need a different domain or tool outside this scope ## Instructions - Clarify goals, constraints, and required inputs. - Apply relevant best practices and validate outcomes. - Provide actionable steps and verification. - If detailed examples are required, open `resources/implementation-playbook.md`. ## Analysis Methodology ### Phase 1: Reconnaissance 1. **File identification**: Determine file type, architecture, compiler 2. **Metadata extraction**: Strings, imports, exports, resources 3. **Packer detection**: Identify packers, protectors, obfuscators 4. **Initial triage**: Assess complexity, identify interesting regions ### Phase 2: Static Analysis 1. **Load into disassembler**: Configure analysis options appropriately 2. **Identify entry points**: Main function, exported functions, callbacks 3. **Map program structure**: Functions, basic blocks, control flow 4...