reverse-engineering-dotnet-malware-with-dnspy
CommunityDecompile and dissect .NET malware with dnSpy.
AuthorYukiIto1999
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill enables security researchers and defenders to systematically reverse-engineer .NET malware samples, understand their behavior, and extract actionable indicators for defense.
Core Features & Use Cases
- Decompilation & Analysis: Use dnSpy to inspect C# / VB.NET sources, deobfuscate code, and trace execution paths.
- Configuration Discovery: Identify hardcoded C2 endpoints, mutexes, and encryption keys to map the malware's operations.
- Threat Research & Documentation: Produce structured reports and IOCs for incident response, red team, and OSINT research.
Quick Start
Load a .NET malware sample in dnSpy and begin step-by-step analysis to reveal deobfuscated logic and hardcoded IOCs.
Dependency Matrix
Required Modules
None requiredComponents
scriptsreferences
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: reverse-engineering-dotnet-malware-with-dnspy Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#reverse-engineering-dotnet-malware-with-dnspy Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.