
protocol-reverse-engineering

Safe · ⚙️ External commands · 🌐 Network access · 📁 Filesystem access

Reverse Engineer Network Protocols

Protocol reverse engineering enables security researchers and developers to analyze, document, and understand proprietary network protocols for interoperability, security testing, and debugging purposes.

Supports: Claude Codex Code(CC)
🥉 75 Bronze
1. Download the skill ZIP
2. Upload in Claude: go to Settings → Capabilities → Skills → Upload skill
3. Enable and start using

Try it

Using "protocol-reverse-engineering". How do I identify if a protocol uses encryption?

Expected result:

  • Use entropy analysis to detect encryption. Shannon entropy close to 8 bits per byte (above roughly 7.5) suggests encrypted or compressed data; cleartext and structured binary protocols score well below that. Check for compression headers (gzip, zlib, zstd) before concluding encryption, since compressed output looks just as random.
  • Look for block cipher indicators: payload lengths that are always multiples of 16 bytes (AES) or 8 bytes (DES/3DES) point to a block cipher in a padded mode such as CBC.
  • Check for initialization vectors (IVs) or nonces: a fixed-size (typically 8 to 16 bytes) random-looking prefix at the start of encrypted payloads that differs in every message.
  • Examine protocol headers for encryption flags or key exchange messages, typically a cleartext negotiation phase before payloads turn high-entropy.
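The entropy and block-alignment checks above, worked as an added Python example; this is not code from the skill. The sample payloads are constructed inline (a SHA-256 counter stream stands in for ciphertext, repeated ASCII for a cleartext protocol), and the 7.5 bits-per-byte threshold and the table of compression headers are assumptions chosen for the example:

```python
import hashlib
import math
from collections import Counter

# Constructed sample traffic (not captured data): a SHA-256 counter stream
# stands in for ciphertext, repeated ASCII for a cleartext protocol.
def _pseudo_random_bytes(n, seed=b"constructed-sample"):
    out = b""
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

CIPHERTEXT_LIKE = _pseudo_random_bytes(4096)
CLEARTEXT_LIKE = b"HELLO client=alice version=1.2 keepalive=30\r\n" * 90
ENCRYPTED_MESSAGES = [CIPHERTEXT_LIKE[:1024], CIPHERTEXT_LIKE[1024:3072], CIPHERTEXT_LIKE[3072:]]
CLEARTEXT_MESSAGES = [CLEARTEXT_LIKE[:500], CLEARTEXT_LIKE[500:1500]]
GZIP_LIKE = [b"\x1f\x8b\x08\x00" + CIPHERTEXT_LIKE[:500]]

# Well-known compression headers (assumed table): compressed data looks just as
# random as ciphertext under an entropy test, so check these first.
COMPRESSION_MAGICS = {
    b"\x1f\x8b": "gzip",
    b"\x78\x01": "zlib", b"\x78\x9c": "zlib", b"\x78\xda": "zlib",
    b"BZh": "bzip2",
    b"\xfd7zXZ\x00": "xz",
    b"\x28\xb5\x2f\xfd": "zstd",
}


def shannon_entropy(data):
    """Shannon entropy in bits per byte: 0.0 for one repeated value, 8.0 for uniform."""
    if not data:
        return 0.0
    counts = Counter(data)
    total = len(data)
    return -sum((c / total) * math.log2(c / total) for c in counts.values())


def compression_magic(data):
    """Name of a known compression header at the start of data, or None."""
    for magic, name in COMPRESSION_MAGICS.items():
        if data.startswith(magic):
            return name
    return None


def block_alignment(lengths):
    """16 or 8 if every message length is a multiple of it (block cipher hint), else None."""
    if not lengths:
        return None
    for block in (16, 8):
        if all(n % block == 0 for n in lengths):
            return block
    return None


def classify(messages, threshold=7.5):
    """Combine the three checks over a list of message payloads into one verdict."""
    joined = b"".join(messages)
    entropy = shannon_entropy(joined)
    compression = compression_magic(messages[0]) if messages else None
    alignment = block_alignment([len(m) for m in messages])
    if compression:
        verdict = "compressed (%s)" % compression
    elif entropy >= threshold:
        verdict = "likely encrypted"
        if alignment:
            verdict += ", %d-byte block alignment" % alignment
    else:
        verdict = "likely cleartext or structured binary"
    return {"entropy": round(entropy, 3), "block_alignment": alignment,
            "compression": compression, "verdict": verdict}
```

Run `classify()` over the payloads of several messages from one flow rather than a single packet: a few dozen bytes cannot reach 7.5 bits per byte even when truly random, so short control messages will look like cleartext on their own.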

Using "protocol-reverse-engineering". What are common protocol field patterns?

Expected result:

  • Magic numbers: Fixed signatures at message start (e.g., 0x50524F54 for 'PROT')
  • Length fields: Often precede variable data to indicate payload size; bound them before reading or allocating, since a hostile peer controls them
  • Type/opcode fields: Identify message purpose (e.g., 0x01=HELLO, 0x02=DATA)
  • Sequence numbers: Enable ordered delivery, reliability and replay detection
  • Checksums: Verify message integrity (CRC32, MD5, SHA variants). These catch corruption only; an attacker can recompute them, so only a keyed MAC or a signature provides authentication
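A parser and encoder for a format built from exactly those fields, as an added Python example that is not code from the skill. The layout (magic `PROT`, version, type, sequence number, length, payload, trailing CRC32) is a hypothetical one chosen for illustration, and the structure-aware mutations at the end show in plain Python the kind of malformed input the FAQ's fuzzing answer describes:

```python
import struct
import zlib

# Hypothetical wire format used only for this example (an assumption, not a
# real protocol). Integers are big-endian; crc32 covers every byte before it.
#   magic(4)="PROT" | version(2) | type(2) | seq(4) | length(2) | payload | crc32(4)
MAGIC = b"PROT"                      # 0x50524F54
HEADER = struct.Struct("!4sHHIH")    # 14 bytes
TYPES = {0x01: "HELLO", 0x02: "DATA", 0x03: "BYE"}
MAX_PAYLOAD = 4096                   # bound the length field before trusting it


class FrameError(ValueError):
    pass


def encode(msg_type, seq, payload, version=1):
    """Build a valid frame; generating messages is how you verify a parser."""
    if len(payload) > MAX_PAYLOAD:
        raise FrameError("payload too large")
    body = HEADER.pack(MAGIC, version, msg_type, seq, len(payload)) + payload
    return body + struct.pack("!I", zlib.crc32(body))


def parse_one(buf):
    """Return (message, bytes_consumed); (None, 0) if buf holds only a partial frame.
    Raise FrameError for a frame that can never become valid."""
    if len(buf) < HEADER.size:
        return None, 0
    magic, version, msg_type, seq, length = HEADER.unpack_from(buf)
    if magic != MAGIC:
        raise FrameError("bad magic %r" % magic)
    if length > MAX_PAYLOAD:
        raise FrameError("length %d exceeds limit" % length)
    total = HEADER.size + length + 4
    if len(buf) < total:
        return None, 0                   # wait for the rest of the TCP stream
    body = buf[:HEADER.size + length]
    (crc,) = struct.unpack_from("!I", buf, HEADER.size + length)
    if zlib.crc32(body) != crc:
        raise FrameError("crc mismatch on seq %d" % seq)
    message = {"version": version, "seq": seq, "payload": body[HEADER.size:],
               "type": TYPES.get(msg_type, "UNKNOWN(0x%04x)" % msg_type)}
    return message, total


def parse_stream(buf):
    """Split a TCP byte stream into frames; returns (frames, unconsumed tail)."""
    frames, offset = [], 0
    while True:
        message, used = parse_one(buf[offset:])
        if message is None:
            break
        frames.append(message)
        offset += used
    return frames, buf[offset:]


def mutations(frame):
    """Structure-aware corruptions of one valid frame, the kind a fuzzer emits."""
    yield "truncated", frame[:-3]
    yield "bad_magic", b"XXXX" + frame[4:]
    yield "length_overflow", frame[:12] + b"\xff\xff" + frame[14:]
    yield "flipped_payload_byte", (frame[:HEADER.size]
                                   + bytes([frame[HEADER.size] ^ 0x80])
                                   + frame[HEADER.size + 1:])


def fuzz_check():
    """Every mutation must be rejected or held as incomplete, never accepted."""
    results = {}
    for name, blob in mutations(encode(0x02, 7, b"payload-bytes")):
        try:
            message, _ = parse_one(blob)
            results[name] = "incomplete" if message is None else "ACCEPTED"
        except FrameError as exc:
            results[name] = "rejected: %s" % exc
    return results


# Constructed stream: two complete frames followed by the first 10 bytes of a third.
SAMPLE_STREAM = (encode(0x01, 1, b"hello") + encode(0x02, 2, b"\x00" * 20)
                 + encode(0x03, 3, b"bye")[:10])
```

`parse_stream()` keeps the unconsumed tail because TCP delivers a byte stream, not messages; a parser that assumes one frame per segment breaks on the first split packet. The length bound is checked before the CRC because the CRC offset itself is computed from the attacker-supplied length.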

Security audit

Safe
v1 • 2/24/2026

All 63 static findings are false positives. The skill contains legitimate protocol reverse engineering content including Wireshark, tcpdump, mitmproxy, Scapy, and fuzzing tools. The flagged items are standard security research techniques: bash commands in code blocks, Wireshark filter syntax, example IP addresses, TLS decryption setup (SSLKEYLOGFILE), protocol identification patterns, and warnings about deprecated cryptography. This is authorized security research content with no malicious intent.

  • 2 files scanned
  • 542 lines analyzed
  • 3 findings
  • 1 total audits

Risk factors

⚙️ External commands (41)
resources/implementation-playbook.md:13-25 resources/implementation-playbook.md:25-29 resources/implementation-playbook.md:29-41 resources/implementation-playbook.md:41-45 resources/implementation-playbook.md:45-57 resources/implementation-playbook.md:57-63 resources/implementation-playbook.md:63-82 resources/implementation-playbook.md:82-86 resources/implementation-playbook.md:86-99 resources/implementation-playbook.md:99-103 resources/implementation-playbook.md:103-124 resources/implementation-playbook.md:124-130 resources/implementation-playbook.md:130-142 resources/implementation-playbook.md:142-146 resources/implementation-playbook.md:146-158 resources/implementation-playbook.md:158-164 resources/implementation-playbook.md:164-191 resources/implementation-playbook.md:191-195 resources/implementation-playbook.md:195-238 resources/implementation-playbook.md:238-242 resources/implementation-playbook.md:242-259 resources/implementation-playbook.md:259-265 resources/implementation-playbook.md:265-287 resources/implementation-playbook.md:287-291 resources/implementation-playbook.md:291-307 resources/implementation-playbook.md:307-311 resources/implementation-playbook.md:311-322 resources/implementation-playbook.md:322-328 resources/implementation-playbook.md:328-365 resources/implementation-playbook.md:365-371 resources/implementation-playbook.md:371-375 resources/implementation-playbook.md:375-379 resources/implementation-playbook.md:379-380 resources/implementation-playbook.md:380-384 resources/implementation-playbook.md:384-430 resources/implementation-playbook.md:430-436 resources/implementation-playbook.md:436-462 resources/implementation-playbook.md:462-466 resources/implementation-playbook.md:466-486 SKILL.md:27 SKILL.md:31
🌐 Network access (4)
📁 Filesystem access (2)
Audited by: claude

Quality score

  • Architecture: 38
  • Maintainability: 100
  • Content: 87
  • Community: 50
  • Security: 100
  • Spec compliance: 100

What you can build

Security Researcher Analyzing Malware Communication

Reverse engineer custom protocols used by malware to understand command and control mechanisms, enabling better detection and mitigation strategies.

Developer Documenting Legacy System Protocol

Create formal documentation for proprietary protocols in legacy systems to enable modern replacements and ensure interoperability.

QA Engineer Testing Protocol Implementations

Use fuzzing and replay techniques to validate protocol implementations for vulnerabilities and conformance to specifications.

Try these prompts

Basic Protocol Analysis Request
Help me analyze a network protocol. I have a pcap file and need to understand the message structure. What are the key fields and how do messages flow?
Binary Protocol Parsing
I need to parse a custom binary protocol. The messages have a 4-byte magic number, 2-byte version, 2-byte type, and variable payload. How do I write a Python parser for this?
TLS Traffic Analysis
How can I analyze encrypted TLS traffic? What techniques can I use to identify the cipher suite, extract certificate information, and understand the handshake process?
Custom Protocol Documentation
Help me create a formal specification document for a custom protocol. Include message format, state machine, and examples. The protocol runs over TCP on port 8888.

Best practices

  • Capture multiple traffic samples across different scenarios to understand protocol behavior comprehensively
  • Always verify your understanding by implementing a parser and successfully generating valid messages
  • Document protocols with formal specifications including message formats, state machines, and error handling

Avoid

  • Assuming protocol behavior from a single captured message sample
  • Ignoring edge cases and error conditions in protocol analysis
  • Attempting to reverse engineer encrypted protocols without proper authorization

Frequently asked questions

Is protocol reverse engineering legal?
Protocol reverse engineering is legal for security research, interoperability, and debugging purposes in most jurisdictions. However, it may violate terms of service for some proprietary systems. Always consult legal counsel when in doubt.
What tools do I need for packet capture?
You will need Wireshark for GUI-based packet analysis, tcpdump for command-line capture, and potentially mitmproxy for HTTP/HTTPS interception. On some systems, you may need elevated privileges to capture network traffic.
Can I analyze encrypted traffic?
You can analyze TLS metadata (cipher suites, certificates, SNI, handshake details) without decryption. For full decryption you need either the server's private key, which only works for static RSA key exchange (not for forward-secret ECDHE suites or TLS 1.3), or a key log from the client (the SSLKEYLOGFILE mechanism, which Wireshark can read).
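Extracting that metadata from a ClientHello, as an added Python example that is not code from the skill. The record is constructed by `build_client_hello()` rather than taken from a capture, and the small cipher suite name table is an assumption limited to the four suites used in the sample:

```python
import struct

# Assumed name table covering only the suites used in the sample below.
SUITE_NAMES = {
    0x1301: "TLS_AES_128_GCM_SHA256",
    0xc02f: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x002f: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x000a: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
# Static-RSA suites: no forward secrecy, decryptable later with the server key.
NO_FORWARD_SECRECY = {0x002f, 0x000a}


def build_client_hello(host, suites, versions):
    """Construct a TLS 1.2-style ClientHello record (sample input, not a capture)."""
    name = host.encode()
    sni = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    ext_sni = struct.pack("!HH", 0x0000, len(sni)) + sni
    ver = bytes([2 * len(versions)]) + b"".join(struct.pack("!H", v) for v in versions)
    ext_ver = struct.pack("!HH", 0x002b, len(ver)) + ver
    exts = ext_sni + ext_ver
    body = (b"\x03\x03" + b"\x11" * 32 + b"\x00"                # version, random, empty session id
            + struct.pack("!H", 2 * len(suites))
            + b"".join(struct.pack("!H", s) for s in suites)
            + b"\x01\x00"                                        # one compression method: null
            + struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Extract the cleartext metadata: legacy version, offered suites, SNI, supported_versions."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    p = 9                                                    # record header(5) + handshake header(4)
    legacy_version = struct.unpack_from("!H", record, p)[0]; p += 2
    p += 32                                                  # client random
    p += 1 + record[p]                                       # session id
    cs_len = struct.unpack_from("!H", record, p)[0]; p += 2
    suites = [struct.unpack_from("!H", record, p + i)[0] for i in range(0, cs_len, 2)]
    p += cs_len
    p += 1 + record[p]                                       # compression methods
    info = {"legacy_version": legacy_version, "cipher_suites": suites,
            "sni": None, "supported_versions": []}
    if p + 2 <= len(record):
        end = p + 2 + struct.unpack_from("!H", record, p)[0]; p += 2
        while p + 4 <= end:
            etype, elen = struct.unpack_from("!HH", record, p); p += 4
            data = record[p:p + elen]; p += elen
            if etype == 0x0000:                              # server_name
                name_len = struct.unpack_from("!H", data, 3)[0]
                info["sni"] = data[5:5 + name_len].decode()
            elif etype == 0x002b:                            # supported_versions
                info["supported_versions"] = [struct.unpack_from("!H", data, 1 + i)[0]
                                              for i in range(0, data[0], 2)]
    return info


def weak_offers(info):
    """Names of offered suites without forward secrecy, worth flagging in an assessment."""
    return [SUITE_NAMES.get(s, hex(s)) for s in info["cipher_suites"] if s in NO_FORWARD_SECRECY]


SAMPLE_CLIENT_HELLO = build_client_hello(
    "example.internal", [0x1301, 0xc02f, 0x002f, 0x000a], [0x0304, 0x0303])
```

Everything parsed here travels in cleartext before any key exchange, which is why the SNI and the offered suite list are enough to fingerprint clients (the basis of JA3-style fingerprints) and to spot a client that still offers static RSA suites.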
How do I identify an unknown protocol?
Look for magic numbers, examine fixed versus variable fields, identify length prefixes, and analyze multiple messages to understand patterns. Use entropy analysis to detect encryption.
What is fuzzing in protocol analysis?
Fuzzing sends malformed or random input to a protocol implementation to discover vulnerabilities. Tools like Boofuzz help define protocol structure and generate test cases automatically.
How do I create a Wireshark dissector?
Write dissectors in Lua using the Proto API. Define fields with ProtoField, parse the buffer in the dissector function, and register the dissector on a port through the tcp.port dissector table (DissectorTable.get("tcp.port"):add(port, proto)).

Developer details

File structure