Stats
Actions
Tags
From vulhunt
Interact with Binarly Transparency Platform (BTP) via CLI to upload/scan firmware, download BA2 archives, push custom rules, list products/images/scans, and extract BA2 components.
How this skill is triggered — by the user, by Claude, or both
Slash command
/vulhunt:btp-ba2-cliThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
**Required environment variables** (must be set by the user, do not configure these):
Required environment variables (must be set by the user, do not configure these):
BTP_USERNAMEBTP_PASSWORDBTP_INSTANCE_SLUGvulhunt-ce btp list-products
vulhunt-ce btp create-product --name "Name" --description "Optional"
# Upload only
vulhunt-ce btp upload --product-id <pid> --name "Name" --version "1.0.0" file.bin
# Upload and scan
vulhunt-ce btp upload --product-id <pid> --name "Name" --version "1.0.0" --scan file.bin
vulhunt-ce btp list-images --product-id <pid>
vulhunt-ce btp list-scans --product-id <pid> --image-id <iid>
vulhunt-ce btp create-scan --product-id <pid> --image-id <iid>
vulhunt-ce btp get-scan --product-id <pid> --image-id <iid> --scan-id <sid>
vulhunt-ce btp get-findings --product-id <pid> --image-id <iid>
vulhunt-ce btp download-ba2 --product-id <pid> --image-id <iid>
vulhunt-ce btp download-ba2 --product-id <pid> --image-id <iid> --scan-id <sid>
vulhunt-ce btp download-ba2 --product-id <pid> --image-id <iid> -o output.ba2
# From platform directories (posix/ or uefi/)
vulhunt-ce btp push-rules -r "ruleset-name" -t "v1.0.0" ./posix ./uefi
# Individual .vh files (requires --platform)
vulhunt-ce btp push-rules -r "ruleset-name" -t "latest" --platform posix rule.vh
# Deploy to product or org
vulhunt-ce btp push-rules -r "ruleset-name" -t "latest" --deploy-to-product <pid> ./posix
vulhunt-ce btp push-rules -r "ruleset-name" -t "latest" --deploy-to-org <oid> ./posix
# With modules
vulhunt-ce btp push-rules -r "ruleset-name" -t "latest" --modules ./modules ./posix
# List components
vulhunt-ce ba2 list-components file.ba2
# Extract component by UUID
vulhunt-ce ba2 extract-component file.ba2 --component-id <UUID> -o output_file
BTP commands return:
{"status": "ok", "payload": {...}}
{"status": "error", "message": "..."}
BA2 commands return raw JSON arrays or objects.
npx claudepluginhub vulhunt-re/skills --plugin vulhuntShared safety and execution guidance for BPX skills. Provides workflows, command-selection heuristics, and output-reading tips for working with binary assets.
Analyzes firmware for embedded systems and IoT security via binwalk extraction, file system exploration, credential hunting, and binary checks with readelf and checksec.
Analyzes firmware images for malware, backdoors, and modifications in routers, IoT devices, UEFI/BIOS, and embedded systems. Covers extraction, filesystem analysis, binary reverse engineering, and bootkit detection.