reverse-engineer

Expert reverse engineer specializing in binary analysis, disassembly, decompilation, and software analysis. Masters IDA Pro, Ghidra, radare2, x64dbg, and modern RE toolchains. Handles executable analysis, library inspection, protocol extraction, and vulnerability research. Use PROACTIVELY for binary analysis, CTF challenges, security research, or understanding undocumented software.

Category: Other Tools

Install

Download and extract to your skills directory

Copy command and send to OpenClaw for auto-install:

Download and install this skill https://openskills.cc/api/download?slug=sickn33-skills-reverse-engineer&locale=en&source=copy

Reverse Engineer - Binary Reverse Analysis Expert

Skill Overview


A reverse engineering analysis expert specializing in binary file analysis, disassembly, decompilation, and software security research. Proficient with mainstream tools such as IDA Pro, Ghidra, and radare2.

Suitable Scenarios


  • CTF competition analysis: Quickly analyze CTF reverse engineering challenges, identify encryption algorithms, reconstruct logic, and locate key validation points

  • Malware research: Analyze the behavioral characteristics of suspicious binaries, extract network protocols, and identify injection and persistence mechanisms

  • Software vulnerability hunting: Discover security vulnerabilities through reverse analysis, understand previously unreleased file formats and network protocols

Core Functions


  • Static and dynamic analysis: Combine IDA Pro and Ghidra for static decompilation, use x64dbg and radare2 for dynamic debugging, and comprehensively restore program logic

  • Automated script development: Use frameworks such as IDAPython, r2pipe, and pwntools to write analysis scripts, batch process samples, and automatically extract data

  • Protocol and algorithm reconstruction: Reconstruct custom network protocols, file formats, encryption algorithms, and anti-debugging protection mechanisms from binaries

Common Questions

    Is reverse engineering legal?


    The legality of reverse engineering depends on the specific purpose. It is lawful in the following scenarios: security research with authorization, CTF competitions, malware analysis (for defense), responsible vulnerability disclosure, and implementing software interoperability. However, it is illegal to crack software protections, steal intellectual property, or engage in other wrongdoing.

    How should I approach CTF reverse engineering challenges?


    First, use the file command to identify the file type and architecture, use strings to extract readable strings, and use checksec to check protection mechanisms. Then load the program into Ghidra or IDA Pro, find the main function, pay attention to string comparisons, encryption functions, and input validation logic, and use dynamic debugging to observe the actual runtime behavior.
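
The first-pass triage described above, as an added example that is not part of the skill's own code: a Python sketch that reports, for a little-endian ELF64 image only, the kind of facts `file`, `strings`, and `checksec` give you. The `triage` and `build_sample` names and the sample bytes are constructed for this illustration.

```python
import re
import struct

PT_GNU_STACK, PT_GNU_RELRO, PF_X = 0x6474E551, 0x6474E552, 0x1
MACHINES = {0x03: "x86", 0x28: "ARM", 0x3E: "x86-64", 0xB7: "AArch64"}
TYPES = {2: "EXEC", 3: "DYN"}

def triage(data, min_len=4):
    """First-pass facts for a little-endian ELF64 image (the only case handled)."""
    if data[:4] != b"\x7fELF" or len(data) < 64:
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only little-endian ELF64 is handled here")
    e_type, e_machine = struct.unpack_from("<HH", data, 16)
    (e_phoff,) = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    nx = relro = False
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 8 > len(data):       # truncated or malformed table: stop cleanly
            break
        p_type, p_flags = struct.unpack_from("<II", data, off)
        if p_type == PT_GNU_STACK:    # NX holds only if the stack segment lacks PF_X
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:  # present means at least partial RELRO
            relro = True
    return {
        "machine": MACHINES.get(e_machine, hex(e_machine)),
        "type": TYPES.get(e_type, hex(e_type)),
        "pie": e_type == 3,           # ET_DYN; shared objects also match
        "nx": nx,
        "relro": relro,
        "strings": re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data),
    }

def build_sample(stack_flags=0x6):
    """Constructed sample: ELF64 header, two program headers, then string data."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = ident + struct.pack("<HHIQQQIHHHHHH",
                               3, 0x3E, 1, 0, 64, 0, 0, 64, 56, 2, 0, 0, 0)
    def phdr(p_type, p_flags):
        return struct.pack("<IIQQQQQQ", p_type, p_flags, 0, 0, 0, 0, 0, 0)
    tail = b"\x00Enter flag: \x00strcmp\x00\x01\x02"
    return ehdr + phdr(PT_GNU_STACK, stack_flags) + phdr(PT_GNU_RELRO, 0x4) + tail

if __name__ == "__main__":
    print(triage(build_sample()))
```

The prompt string and the `strcmp` import name in the output are the leads to follow into the decompiler when looking for the validation routine.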

    Which should I choose: IDA Pro or Ghidra?


    Both have their strengths. IDA Pro is commercial software with high-quality decompilation, powerful debugging features, and a mature plugin ecosystem, making it suitable for professional analysis. Ghidra is a free, open-source tool from the NSA with an excellent disassembly engine and support for multiple architectures, making it suitable for learning or for situations with a limited budget. Beginners are advised to start with Ghidra and to use IDA Pro when it is available.

    What tools are needed for malware analysis?


    For static analysis, use IDA Pro/Ghidra to inspect code logic. For dynamic analysis, use x64dbg/Wireshark to monitor behavior. Use a sandbox environment (Cuckoo Sandbox) to isolate execution and Procmon to monitor file and registry changes. Use Frida for API hooking, and combine it with VirusTotal to obtain community analysis reports.