
Reverse Engineering Malware with Ghidra

When to Use

  • Static and dynamic analysis have identified suspicious functionality that requires deeper code-level understanding
  • You need to reverse engineer C2 communication protocols, encryption algorithms, or custom obfuscation
  • You need to understand the exact exploit mechanism or vulnerability targeted by a malware sample
  • Extracting hardcoded configuration data (C2 addresses, encryption keys, campaign IDs) embedded in compiled code
  • Developing precise YARA rules or detection signatures based on unique code patterns

Do not use for initial triage of unknown samples; perform static analysis with PEStudio and behavioral analysis with Cuckoo first.

Prerequisites

Installs: 89 · GitHub Stars: 24.2K · First Seen: Mar 15, 2026
Source: reverse-engineering-malware-with-ghidra — mukul975/anthropic-cybersecurity-skills