# Vulnerability Analysis

Systematic identification and analysis of vulnerabilities in binary targets.

## Vulnerability Classes

| Class | Signals | Typical Cause |
|---|---|---|
| Stack BOF | No bounds check on input | `gets()`, `strcpy()`, `sprintf()` |
| Format String | User input as format arg | `printf(buf)` instead of `printf("%s", buf)` |
| Heap Corruption | Dynamic allocation + free | UAF, double-free, heap overflow |
| Integer Overflow | Arithmetic on user input | Size calculations, array indexing |
| Race Condition | Multi-threaded or file ops | TOCTOU, signal handlers |
| Logic Bug | Unexpected program state | Auth bypass, incorrect checks |
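
To make the "Integer Overflow" and "Stack BOF" rows concrete, the following added example (not part of the original skill file) puts an unchecked size calculation beside a checked one and shows a bounded replacement for `strcpy()`. The function names and the sample values are hypothetical and constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* "Before" form: a size calculation on an attacker-influenced count.
 * uint32_t arithmetic wraps silently, so a huge count yields a tiny size. */
uint32_t record_bytes_unchecked(uint32_t count, uint32_t elem_size)
{
    return count * elem_size;
}

/* Hardened form: refuse any count whose product would not fit in 32 bits. */
bool record_bytes_checked(uint32_t count, uint32_t elem_size, uint32_t *out)
{
    if (elem_size != 0 && count > UINT32_MAX / elem_size)
        return false;
    *out = count * elem_size;
    return true;
}

/* Bounded replacement for strcpy(): rejects input that does not fit
 * (including its terminator) instead of writing past dst. */
bool copy_bounded(char *dst, size_t dst_len, const char *src)
{
    size_t n = strlen(src);
    if (dst_len == 0 || n >= dst_len)
        return false;
    memcpy(dst, src, n + 1);
    return true;
}

int main(void)
{
    uint32_t size = 0;
    char name[8];
    /* Constructed sample input: count chosen so count * 16 wraps. */
    uint32_t count = 0x10000001u;

    printf("unchecked: %u bytes\n", (unsigned)record_bytes_unchecked(count, 16));
    printf("checked accepts: %d\n", record_bytes_checked(count, 16, &size));
    printf("copy of 7 chars fits: %d\n", copy_bounded(name, sizeof name, "abcdefg"));
    printf("copy of 8 chars fits: %d\n", copy_bounded(name, sizeof name, "abcdefgh"));
    return 0;
}
```

During review, the pattern to look for is the first function's shape: a multiplication or addition on an externally supplied value whose result feeds an allocation or copy length with no range check in between.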