Skill

analyze

Analyzes CTF challenge files with triage.sh (file, strings, binwalk, exiftool) to detect category (crypto, forensics, stego, web, pwn, reverse, OSINT, misc), confidence score, and suggest next skill via JSON. Use for unknown binaries or triage.

Bash

Linux

security

Popularity

Stars

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/ctf-kit:analyze

User invocable

Model invocable

Inline context

Default effort

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Analyze challenge files to determine type and suggest approaches.

Supporting Files

scripts/check-tools.shscripts/run-strings.shscripts/triage.sh

SKILL.md

96 lines · ~858 tokens

Stats

LanguagePython

Stars7

MaintenanceExcellent

Last CommitMar 27, 2026

Actions

View Source View Plugin View on GitHub View README

CTF Analyze

Analyze challenge files to determine type and suggest approaches.

When to Use

Use this command when you have new challenge files and need to:

Identify the challenge category (crypto, forensics, stego, web, pwn, reversing, OSINT, misc)
Detect file types and formats
Get initial suggestions for tools to use
Understand what you're working with

Bundled Scripts

check-tools.sh — Verify required analysis tools are installed
triage.sh — Multi-step triage pipeline: file type → strings → binwalk → category suggestion. Produces a JSON summary with detected category, confidence score, and recommended next skill.
run-strings.sh — Extract strings with pattern detection (flags, URLs, hashes, credentials). Outputs JSON with categorized findings.

Instructions

First check tool availability: bash scripts/check-tools.sh
Recommended: Run the full triage pipeline for automatic category detection:
```
bash scripts/triage.sh $ARGUMENTS
```
The triage script chains: file → strings → binwalk → exiftool, then outputs a JSON summary including:
- category: detected challenge type (crypto, forensics, stego, etc.)
- confidence: detection confidence (0-100%)
- suggested_skill: which /ctf-kit:* command to use next
- findings: flags, URLs, hashes, base64 strings found
- embedded_signatures: files hidden inside the challenge file
For strings-only analysis with pattern detection:
```
bash scripts/run-strings.sh $ARGUMENTS
```
Or run the CLI analysis:
```
ctf analyze $ARGUMENTS
```
Read the JSON output at the end of each script. It contains structured data you can use to decide next steps. The suggestions field tells you exactly what to do next.
Based on the triage results, use the recommended skill:
- /ctf-kit:crypto for cryptography challenges
- /ctf-kit:forensics for forensics challenges
- /ctf-kit:stego for steganography challenges
- /ctf-kit:web for web security challenges
- /ctf-kit:pwn for binary exploitation challenges
- /ctf-kit:reverse for reverse engineering challenges
- /ctf-kit:osint for OSINT challenges
- /ctf-kit:misc for miscellaneous challenges

Output Format

All scripts produce a === PARSED RESULTS (JSON) === section with structured data. Key fields:

Field	Description
`category`	Detected challenge category
`confidence`	Detection confidence (0.0-1.0)
`suggested_skill`	Which skill to invoke next
`findings.flags`	Any flags found in strings
`suggestions`	Actionable next steps

Example Usage

/ctf-kit:analyze challenge.bin
/ctf-kit:analyze ./challenge-folder/

Related Commands

/ctf-kit:crypto - Crypto-specific analysis
/ctf-kit:forensics - Forensics analysis
/ctf-kit:stego - Steganography analysis

analyze

Popularity

Invocation

Context Preview

Supporting Files

SKILL.md

analyze

Popularity

Invocation

Context Preview

Supporting Files

SKILL.md

CTF Analyze

When to Use

Bundled Scripts

Instructions

Output Format

Example Usage

Related Commands

Similar Skills

CTF Analyze

When to Use

Bundled Scripts

Instructions

Output Format

Example Usage

Related Commands

Similar Skills