reverse-engineering-malware-with-ghidra
Community: Reverse malware with Ghidra for deep insights.
Author: YukiIto1999
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
Malware reverse engineering requires deep understanding of program logic, obfuscated code, and C2 communications to develop effective defenses and detections.
Core Features & Use Cases
- Static and dynamic analysis workflows using Ghidra to identify entry points, deobfuscate code, and map C2 protocols.
- Scripted automation for batch analysis of samples, extraction of configuration data, and generation of reports for SOC teams.
- Use Case: When confronted with a suspicious Windows binary, run the analysis workflow to produce a decompiled view, identify C2 endpoints, and create a YARA rule for detection.
Quick Start
Run the agent against a malware binary to start headless Ghidra analysis and generate an initial report.
Dependency Matrix
Required Modules
r2pipe
Components
scripts, references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: reverse-engineering-malware-with-ghidra
Download link: https://github.com/YukiIto1999/ctf-sleuth/archive/main.zip#reverse-engineering-malware-with-ghidra
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.