mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-12 22:24:56 +03:00
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
API Reference: Firmware Malware Analysis
binwalk CLI
| Command | Description |
|---|---|
| `binwalk <firmware>` | Scan and display embedded file signatures |
| `binwalk -e <firmware>` | Extract identified components |
| `binwalk -eM <firmware>` | Recursive extraction with signature scanning |
| `binwalk -E <firmware>` | Entropy analysis for encrypted/compressed regions |
| `binwalk -A <firmware>` | Scan for executable opcode signatures |
binwalk Python API
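```python
import binwalk

# Run a signature scan with extraction; each scan module returns its own result list.
for module in binwalk.scan("firmware.bin", signature=True, extract=True):
    for result in module.results:
        # Offset of the match within the image and the signature description.
        print(f"0x{result.offset:X} {result.description}")
```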
chipsec CLI (UEFI Analysis)
| Command | Description |
|---|---|
| `python chipsec_main.py -m common.bios_wp` | Check BIOS write protection |
| `python chipsec_main.py -m common.spi_lock` | Check SPI flash lock status |
| `python chipsec_main.py -m common.secureboot` | Verify Secure Boot configuration |
| `python chipsec_util.py spi dump <output>` | Dump UEFI firmware from SPI flash |
Python Libraries
| Library | Version | Purpose |
|---|---|---|
| `subprocess` | stdlib | Execute binwalk, file, and strings commands |
| `hashlib` | stdlib | SHA-256 hashing for firmware integrity |
| `re` | stdlib | Pattern matching for IOC extraction |
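
The `hashlib` and `re` rows above, combined into a triage pass over a firmware image. This is an added example, not code from the repository's `scripts/agent.py`; the function names and the `SAMPLE` bytes are constructed for illustration, and printable strings are pulled out in pure Python rather than by shelling out to `strings`, so it runs without any external tool.

```python
import hashlib
import ipaddress
import re

# Printable ASCII runs of 6+ bytes, the same idea as the `strings` utility.
PRINTABLE = re.compile(rb"[\x20-\x7e]{6,}")
URL_RE = re.compile(r"\b(?:https?|ftp|tftp)://[^\s\"'<>]+")
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample standing in for a firmware image (not real firmware).
SAMPLE = (
    b"\x00\x01hsqs\xff"
    b"wget http://update.example.test/fw.bin -O /tmp/fw\x00"
    b"\x7fELF\x02\x01"
    b"server=203.0.113.7 port=8883\x00"
    b"busybox v999.1.1.1 loopback 127.0.0.1\x00"
)


def sha256_hex(blob: bytes) -> str:
    """SHA-256 of the whole image, to compare against a known-good hash."""
    return hashlib.sha256(blob).hexdigest()


def extract_iocs(blob: bytes) -> dict:
    """Return sorted unique URLs and IPv4 addresses found in printable strings."""
    urls, ips = set(), set()
    for match in PRINTABLE.finditer(blob):
        text = match.group().decode("ascii")
        urls.update(URL_RE.findall(text))
        for candidate in IPV4_RE.findall(text):
            try:
                addr = ipaddress.IPv4Address(candidate)
            except ipaddress.AddressValueError:
                continue  # dotted version strings such as 999.1.1.1
            if not (addr.is_loopback or addr.is_unspecified or addr.is_multicast):
                ips.add(candidate)
    return {"urls": sorted(urls), "ips": sorted(ips)}


if __name__ == "__main__":
    print("sha256:", sha256_hex(SAMPLE))
    print(extract_iocs(SAMPLE))
```

Dotted version strings whose fields all fit in an octet (for example `1.2.3.4`) still pass the address check, so treat the output as leads to review rather than confirmed indicators.
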
References
- binwalk: https://github.com/ReFirmLabs/binwalk
- Firmadyne: https://github.com/firmadyne/firmadyne
- UEFITool: https://github.com/LongSoft/UEFITool
- chipsec: https://github.com/chipsec/chipsec
- EMBA firmware analyzer: https://github.com/e-m-b-a/emba