binary-analysis
Binary Analysis Skill
Quick Workflow
Progress:
- [ ] Run checksec (identify protections)
- [ ] Identify binary type and dangerous functions
- [ ] Find vulnerability (BOF/format string/heap)
- [ ] Calculate offsets
- [ ] Develop exploit with pwntools
- [ ] Test locally, then remote
Quick Analysis Pipeline
# 1. File identification
file <binary>
More from kiwamizamurai/cctf
web-security
Exploits web application vulnerabilities. Use when working with SQL injection, XSS, SSRF, SSTI, command injection, path traversal, authentication bypass, deserialization, or any web-based CTF challenge.
44mobile-security
Reverses and exploits mobile applications. Use when working with Android APK files, iOS IPA files, mobile app reversing, Frida hooking, or app security analysis challenges.
28osint
Gathers intelligence from public sources. Use when searching for usernames, geolocating images, investigating social media, analyzing domains, or solving information gathering challenges.
20pyjail
Escapes Python sandbox restrictions. Use when working with restricted Python eval/exec environments, sandbox escapes, filtered input challenges, or Python jail challenges.
9networking
Analyzes network traffic and exploits protocols. Use when working with PCAP files, Wireshark captures, packet analysis, protocol exploitation, traffic forensics, or data exfiltration detection.
7crypto-analysis
Breaks cryptographic systems and decrypts ciphertext. Use when working with RSA, AES, XOR, classical ciphers, hash functions, or when challenge involves encryption, decryption, keys, or mathematical crypto attacks.
7