analyzing-golang-malware-with-ghidra
CommunityReverse Go malware with Ghidra-powered scripts.
Education & Research#golang#reverse-engineering#ghidra#binary-analysis#malware-analysis#analyzing#go-malware
AuthorYukiIto1999
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Reverse engineer Go-compiled malware binaries using Ghidra with specialized scripts to recover function names, extract strings, and reconstruct types in stripped Go binaries.
Core Features & Use Cases
- Go binary metadata extraction (pclntab, buildinfo) to identify Go version and structure.
- Function name recovery in stripped Go binaries using GoResolver-guided workflows.
- Dependency extraction and detection of suspicious strings to map potentially malicious behavior.
- Ghidra automation with Python scripts to streamline Go malware analysis.
Quick Start
Analyze a stripped Go malware binary with the included Ghidra scripts and Python agents to recover function names, extract strings, and map dependencies.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: analyzing-golang-malware-with-ghidra Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#analyzing-golang-malware-with-ghidra Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.