Agent skill

binary-reconnaissance

Initial reconnaissance on binaries including checksec, file analysis, strings, and symbols. First step for any new target.

View SKILL.md on GitHub Repository
Stars 163
Forks 31

Install this agent skill to your Project

npx add-skill https://github.com/majiayu000/claude-skill-registry/tree/main/skills/data/binary-reconnaissance

SKILL.md

Binary Reconnaissance

First-look analysis of any new binary target. Run these checks before deeper analysis.

Checklist

  1. File type: file target
  2. Security mitigations: checksec target
  3. Symbols: nm target or readelf -s target
  4. Strings: strings target | grep -i flag\|win\|shell
  5. Disassembly: objdump -M intel -d target > target.asm

Checksec Interpretation

Protection Enabled Disabled Bypass
NX Can't execute shellcode on stack Shellcode works ROP, ret2libc
Canary Stack smash detected No protection Leak canary, brute force
PIE Addresses randomized Fixed addresses Leak code address
RELRO GOT protected GOT writable Can't use GOT overwrite

Quick Wins to Look For

  • Functions named win, get_flag, shell, backdoor
  • Strings containing flag, /bin/sh, cat flag
  • system() or execve() in PLT
  • No canary + no PIE = likely simple overflow

Output

Produce context/binary-info.md using the template.

Didn't find tool you were looking for?

Be as detailed as possible for better results