Ghidra/IDA Reverse Engineering Skill
SKILL.md
Ghidra/IDA Reverse Engineering Skill
Overview
This skill provides deep integration with Ghidra and IDA Pro for comprehensive binary analysis and reverse engineering tasks.
Capabilities
- Execute Ghidra headless analysis scripts
- Parse and interpret disassembly output
- Generate and run Ghidra Python scripts
- Analyze decompiled code for vulnerabilities
- Extract function signatures and data structures
- Create and apply Ghidra type definitions
- Export analysis artifacts (call graphs, data flows)
- Support IDA Pro scripting (IDAPython)
Target Processes
- binary-reverse-engineering.js
- firmware-analysis.js
- malware-analysis.js
- vulnerability-root-cause-analysis.js
Dependencies
- Ghidra CLI (analyzeHeadless)
- IDA Pro (optional, for IDAPython support)
- Python 3.x with ghidra_bridge or ghidrathon
- Java Runtime Environment (for Ghidra)
Usage Context
This skill is essential for:
- Static binary analysis workflows
- Vulnerability discovery in compiled code
- Malware reverse engineering
- Firmware extraction and analysis
- Protocol reverse engineering from binaries
Integration Notes
- Ghidra headless mode enables automated analysis pipelines
- Results can be exported as JSON, XML, or custom formats
- Supports both script-based and interactive analysis workflows
- Can generate Ghidra project files for manual follow-up