headless-ghidra-frida-runtime-injection
Headless Ghidra Frida Runtime Injection
Use this phase skill when planning must support bounded Frida runtime capture without weakening the repository's headless-only and Markdown-first contract.
The canonical contract is ./planning-brief.md. Use it
to shape planning outputs, select reusable common Frida scripts, and audit
generated artifacts for missing capture-manifest or handoff requirements.
Phase Focus
This phase covers:
- reproducible CLI/headless Frida runtime capture
- selection of tracked reusable common Frida scripts
- capture-manifest generation and runtime artifact references
- explicit audit gates before evidence import can begin
Supported Runtime Evidence Scenarios
More from bytelandtechnology/headless-ghidra
headless-ghidra
Entry skill for the Headless Ghidra YAML-first reverse-engineering pipeline. Use when the user asks to analyze, decompile, triage, resume, or iterate on a binary target with Ghidra/headless-ghidra. Reads artifacts/<target>/pipeline-state.yaml, routes P0–P4 phase skills, runs gate checks, and manages review pauses. Performs zero analysis work itself.
37headless-ghidra-intake
P0 phase skill for Headless Ghidra intake. Use when a target binary/archive needs identity confirmation, workspace initialization, Ghidra discovery, binary inspection, or analysis scope setup before any Ghidra analysis runs.
35headless-ghidra-evidence
P2 phase skill for Headless Ghidra third-party evidence. Use after P1 to review baseline/runtime artifacts, identify or rule out third-party code, record pristine sources, classify functions, and capture evidence before metadata recovery.
35headless-ghidra-batch-decompile
P4 phase skill for Headless Ghidra selected function substitution. Use after P3 when an approved batch of functions should have metadata applied, be decompiled through Ghidra, and be recorded as per-function capture/substitution YAML.
35headless-ghidra-baseline
P1 phase skill for Headless Ghidra baseline and runtime evidence. Use after P0 when the target must be imported into Ghidra, auto-analyzed, exported to baseline YAML, and given reproducible runtime or hotpath observations without decompiling function bodies.
30headless-ghidra-discovery
P3 phase skill for Headless Ghidra metadata discovery. Use after P2, or after a P4 batch exposes missing context, to enrich function names, signatures, types, constants, strings, and hotpath metadata in YAML before serialized CLI apply.
30