Can I use this for standard Windows or Linux malware?

No, this skill is specifically designed for firmware and embedded systems. For OS-level malware like .exe or .elf files on conventional systems, you should use standard PE/ELF analysis tools.

What is firmware malware analysis?

It is the process of examining the software embedded in hardware devices (like routers, IoT sensors, or BIOS) to find malicious code, backdoors, or unauthorized changes.

Does this skill support UEFI bootkit detection?

Yes, it includes specialized workflows for analyzing UEFI firmware volumes, scanning for known malware families like BlackLotus, and using chipsec for platform security assessment.

What tools are required to use this skill effectively?

The skill utilizes industry-standard tools such as binwalk for extraction, UEFITool for UEFI parsing, Ghidra for reverse engineering, and QEMU for firmware emulation.

Is firmware emulation supported?

Yes, the skill provides detailed steps for using QEMU and Firmadyne to run extracted firmware in a virtual environment for dynamic analysis and network monitoring.

Firmware Malware Analysis

Name: Firmware Malware Analysis
Author: mukul975

bymukul975

•

4,120

•

セキュリティとテスト

Analyzes firmware images for embedded malware, backdoors, and unauthorized modifications in IoT and UEFI environments.

This skill provides specialized capabilities for investigating security compromises at the hardware and firmware level. It guides users through the complex process of firmware extraction, filesystem analysis, and binary reverse engineering for ARM, MIPS, and x86 architectures. Whether you are hunting for UEFI rootkits that persist across OS reinstalls or auditing IoT devices for supply chain vulnerabilities, this skill facilitates deep forensic inspection using industry-standard tools like binwalk, Ghidra, and chipsec to identify implants, hardcoded credentials, and malicious persistence mechanisms.

主な機能

014,120 GitHub stars

02Automated searching for backdoors, hardcoded credentials, and unauthorized SSH keys

03Reverse engineering guidance for embedded binaries using Ghidra and radare2

04Firmware extraction and filesystem identification using binwalk

05Dynamic analysis through firmware emulation with QEMU and Firmadyne

06UEFI/BIOS integrity verification and bootkit detection (e.g., LoJax, BlackLotus)

ユースケース

01Investigating compromised routers or IoT devices for persistent backdoors

02Detecting UEFI rootkits and bootkits that survive operating system reinstallation

03Auditing firmware updates for supply chain compromises or malicious implants

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-firmware-malware-analysis

For use in Claude.ai and ChatGPT

主な機能

014,120 GitHub stars

02Automated searching for backdoors, hardcoded credentials, and unauthorized SSH keys

03Reverse engineering guidance for embedded binaries using Ghidra and radare2

04Firmware extraction and filesystem identification using binwalk

05Dynamic analysis through firmware emulation with QEMU and Firmadyne

06UEFI/BIOS integrity verification and bootkit detection (e.g., LoJax, BlackLotus)

ユースケース

01Investigating compromised routers or IoT devices for persistent backdoors

02Detecting UEFI rootkits and bootkits that survive operating system reinstallation

03Auditing firmware updates for supply chain compromises or malicious implants

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills performing-firmware-malware-analysis

For use in Claude.ai and ChatGPT