open-reverselab

Name: open-reverselab
Author: LING71671

Verified

Open-source reverse engineering lab: 197-article knowledge base + MCP tools + CTF/APK/PE automation toolchain. Agent-native.

227stars

73forks

Python

Installation

# Add to your Claude Code skills
git clone https://github.com/LING71671/open-reverselab

Getting Started

Guides for using ai agents skills like open-reverselab.

Caveman: Cut Claude Token Use by 65%
How agent-side prompt compression works, when to use it, and when not to.
What is an AI Skills Marketplace?
Definitions, how marketplaces work, and how to choose between them in 2026.
Getting Started with AI Skills

Security ReportVerified

Last scanned: 6/28/2026

{
  "issues": [],
  "status": "PASSED",
  "scannedAt": "2026-06-28T07:51:29.463Z",
  "npmAuditRan": true,
  "pipAuditRan": true,
  "promptInjectionRan": true
}

README.md

Frequently Asked Questions

What is open-reverselab?

open-reverselab is an open-source ai agents skill for AI coding assistants such as Claude Code, Codex CLI, and ChatGPT, built by LING71671. Open-source reverse engineering lab: 197-article knowledge base + MCP tools + CTF/APK/PE automation toolchain. Agent-native. It has 227 GitHub stars.

Is open-reverselab safe to use?

Yes. open-reverselab passed SkillsLLM's automated security scan — a dependency vulnerability audit plus prompt-injection heuristics — with no high-severity issues. You can read the full report in the Security Report section on this page.

How do I install open-reverselab?

Clone the repository with "git clone https://github.com/LING71671/open-reverselab" and add it to your Claude Code skills directory (see the Installation section above).

What programming language is open-reverselab written in?

open-reverselab is primarily written in Python. It is open-source under LING71671 on GitHub, so you can review or fork the full source.

Are there alternatives to open-reverselab?

Yes. SkillsLLM lists many other AI Agents skills you can browse and compare side by side. Open the AI Agents category from the badge at the top of this page, or use the Related Skills and comparison links further down to weigh open-reverselab against similar tools.

Agentic AI for Beginners

Build your first AI agent from scratch - tool use, ReAct pattern, memory, deployment

41 minBeginner

Comments (0)

to leave a comment.

No comments yet. Be the first to share your thoughts!

Related Skills

superpowers

by obra

An agentic skills framework & software development methodology that works.

234,966

claude-code-statusline-pro spellbook

ReverseLab

Open-source reverse engineering lab — 197-article knowledge base, 100+ MCP automation tools, covering CTF pentesting / APK reverse engineering / PE binary analysis / cryptography & protocol cracking / game cheating analysis. Agent-native, directory-as-convention.

中文版

Routing

Signal → kb_router(board=) → kb_read_file → Attack chain → MCP tool mapping → Execution

Signal Type	Board	KB Categories / Files	MCP Tool Family
HTTP/Web/API/CVE/CAPTCHA	`ctf-website`	23/97	`http_probe` `run_ctf_tool` `kb_router`
APK/DEX/SO/Frida/Java	`apk-reverse`	8/17	`android_app_baseline` `android_crypto_unpack_recipe` `android_frida_*`
PE/x64/x86/malware/driver	`pe-reverse`	8/18	`triage_pe` `ghidra_headless_analyze` `make_x64dbg_breakpoint_script` `sample_full_workup`
Crypto/Protocol/Cheat/IoT/Radio	`general`	4+4/12	`die_scan` `ghidra_` `rizin_` `python_re_tool_*`

Knowledge Base

kb/
├── ctf-website/techniques/   23 categories, 97 articles — Full web attack surface
├── apk-reverse/techniques/    8 categories, 17 articles — APK/DEX reverse engineering
├── pe-reverse/techniques/     8 categories, 18 articles — PE binary analysis
└── general/techniques/        4+4 categories, 12 articles — Cryptography / Protocols / Cheating / Methodology

Each technique file follows this structure: Scenario → Input signal → Method → Attack chain → MCP tool mapping

Agent workflow: detect signal → kb_router lookup → kb_read_file → execute via MCP tool mapping.

Boards

Board	Trigger Signals
`boards/ctf-website`	URL, HTTP, JWT, SQLi, SSRF, CVE, API, CSP, OAuth, CAPTCHA, Cloudflare, ReDoS, Slowloris, DoS, Paywall
`boards/android`	APK, DEX, adb, Frida, jadx, smali, SO, native
`boards/windows`	PE, EXE, DLL, x64dbg, Ghidra, Procmon, packer, malware
`boards/general`	AES/DES/RSA, protobuf, game cheat, EAC/BE/Vanguard, firmware, JTAG, SDR
`boards/misc`	MCP config, skill installation, environment health check

Directory Convention

samples/      → Original samples + _quarantine/ + unpacked/
exports/      → Tool outputs (triage / IOC / YARA / Sigma / Procmon / Ghidra summaries)
patches/      → Patch artifacts (original samples are never modified)
notes/        → Analysis notes
reports/      → Final reports
scripts/      → Automation scripts
projects/     → Ghidra project files
templates/    → Note / report / rule templates
kb/           → Reusable attack knowledge base
tools/        → Toolchain
cases/        → Lightweight index — no large file copies

Installation

git clone https://github.com/LING71671/open-reverselab.git
cd open-reverselab
.\scripts\misc\bootstrap.ps1              # Core script wrappers (no downloads)
.\scripts\misc\install_tools.ps1 -CTF       # Web tools
.\scripts\misc\install_tools.ps1 -Android   # APK tools
.\scripts\misc\install_tools.ps1 -Windows   # PE tools
.\scripts\misc\install_tools.ps1 -Common    # Ghidra + Maven

Post-install verification:

python scripts/misc/lab_healthcheck.py
python scripts/misc/ai_toolcheck.py --board misc
python scripts/misc/public_release_check.py

--board misc verifies the fresh-clone core Agent scripts and lightweight tools. Run the full python scripts/misc/ai_toolcheck.py only after installing the Android, Windows, and CTF board toolchains you need.

Context Chain

On startup the Agent loads context along this chain:

CLAUDE.md → AGENTS.md → AI-USAGE.md → boards/<board>/AI-USAGE.md

Pair with codex-session-patcher for one-click project-level .codex/ environment and MCP server configuration.

License

GPL-3.0-only. See LICENSE for details.