The skill provides operational tools for anti-analysis evasion,
Claims to do
Anti-Reversing Techniques: Understanding protection mechanisms encountered during authorized software analysis, security research, and malware analysis. This knowledge helps analysts bypass protections to complete legitimate analysis tasks.
Actually does
This skill provides detailed information, C code snippets, Python scripts, and GDB commands for identifying and bypassing anti-debugging (Windows API/PEB/timing/exception-based, Linux ptrace/procfs), anti-VM (CPUID, registry, file, process, timing), and code obfuscation (control flow, data, instruction-level) techniques. It references tools like ScyllaHide, x64dbg, IDA, Ghidra, FLOSS, angr, and Triton, and describes how to use them for analysis and bypasses.
npx skills add https://github.com/wshobson/agents

The skill provides explicit examples of using `LD_PRELOAD` for shared library injection to hook system calls and GDB commands to directly manipulate process registers and execution flow. These are powerful techniques for runtime code injection and altering program behavior, which can be used to bypass security controls or achieve arbitrary code execution within a target process.

LD_PRELOAD=./hook.so ./target
catch syscall ptrace
set $rax = 0
The provided Python script demonstrates reading arbitrary binary files from the filesystem. While intended for pattern scanning, this capability could be repurposed by an agent for unauthorized file access or data exfiltration.
data = open(path, "rb").read()
The skill explicitly states its ability to produce executable code artifacts, including Python/IDAPython scripts, GDB command sequences, and C stubs. This indicates the agent is designed to generate or provide code that can perform system-level actions.
Code artifacts: Python/IDAPython scripts, GDB command sequences, or C stubs for bypassing or implementing checks
The skill details various methods for identifying system properties and environment characteristics, such as virtual machine presence or debugger attachment, through CPUID checks, MAC address enumeration, registry/file detection, and process checks.
CPUID-based detection, MAC address prefix, Windows registry keys, /proc/self/status
The skill provides detailed instructions for detecting virtualized/sandboxed environments via CPUID hypervisor bit, MAC address prefixes, registry keys, file artifacts, process names, and timing anomalies. While framed as educational, this is a complete anti-analysis evasion toolkit that could be used to build malware that evades dynamic analysis sandboxes.
CPUID-based detection... if (cpuid_info[2] & (1 << 31)) { // Running in hypervisor }... 'VMwareVMware', 'Microsoft Hv', 'KVMKVMKVM', 'VBoxVBoxVBox'... MAC address prefix VMware: 00:0C:29, 00:50:56... C:\Windows\System32\drivers\vmmouse.sys

Complete, working C code and a ready-to-run Python scanner are provided for detecting debuggers and VMs via timing anomalies (RDTSC, QueryPerformanceCounter, GetTickCount). The Python script is immediately executable and scans binaries for anti-debug patterns — this is an operational tool, not merely documentation.

#!/usr/bin/env python3
"""Scan a binary for common timing-based anti-debug patterns."""
import re
import sys
PATTERNS = {
    "RDTSC": rb"\x0f\x31",
    "RDTSCP": rb"\x0f\x01\xf9",
    ...
def scan(path: str) -> None:
    data = open(path, "rb").read()

A working LD_PRELOAD shared library technique for bypassing ptrace-based anti-debugging is provided with compile instructions. This is an actionable bypass tool that could be used to circumvent security controls on arbitrary binaries beyond legitimate analysis contexts.
# hook.c: long ptrace(int request, ...) { return 0; }
# gcc -shared -fPIC -o hook.so hook.c
LD_PRELOAD=./hook.so ./target

A complete GDB command sequence is provided to intercept and neutralize ptrace syscalls, manipulate CPU flags to bypass conditional checks, and intercept file open calls to redirect /proc/self/status reads. This is a functional exploit script, not merely conceptual documentation.

catch syscall ptrace
commands
  silent
  set $rax = 0
  continue
end
...
catch syscall openat
commands
  silent
  # If arg contains "status", patch the fd result to /dev/null equivalent
  continue
end
IDAPython code for patching arbitrary bytes in binaries is provided (ida_bytes.patch_byte), enabling modification of any binary's protection checks. While standard in reverse engineering, the skill provides this as a reusable pattern for neutralizing security controls.
In IDA: `ida_bytes.patch_byte(check_addr, 0x90)` ...

def decrypt_xor(ea, length, key):
    result = ""
    for i in range(length):
        byte = ida_bytes.get_byte(ea + i)
        result += chr(byte ^ key)
    return result

The skill repeatedly references an external file 'references/advanced-techniques.md' for more advanced offensive techniques (RDTSC delta calibration, VMware backdoor port, self-modifying code, ROP as obfuscation). This external resource is not included or audited, creating a supply-chain risk where more dangerous content could be loaded.
For advanced techniques, see [references/advanced-techniques.md](references/advanced-techniques.md) ... For advanced VM detection (RDTSC delta calibration, VMware backdoor port, hypervisor leaf enumeration...), see [references/advanced-techniques.md] ... For advanced anti-disassembly tricks (overlapping instructions, junk byte insertion, self-modifying code, ROP as obfuscation), see [references/advanced-techniques.md]
The skill description says 'Understand anti-reversing techniques' and lists malware analysis as a use case, but the content goes significantly further — providing operational bypass scripts, working GDB sequences, LD_PRELOAD hooks, and IDAPython patching code. The skill implements offensive capabilities beyond what the description suggests.
description: Understand anti-reversing, obfuscation, and protection techniques encountered during software analysis. [vs actual content:] LD_PRELOAD=./hook.so ./target ... set $rax = 0 [in GDB syscall hook] ... ida_bytes.patch_byte(check_addr, 0x90)
Debugger, VM, or container detection — environment fingerprinting to evade analysis:
- IsDebuggerPresent
- ptrace(PTRACE_TRACEME
- /proc/self/status TracerPid
The skill includes prominent disclaimers and ethical guidelines, framing its dual-use capabilities as legitimate and warning against misuse. While responsible, this pattern can also be used to preemptively justify or normalize potentially risky actions by an agent.
AUTHORIZED USE ONLY: This skill contains dual-use security techniques. ... Ethical Considerations: This knowledge should only be used for: Authorized security research...
https://mondoo.com/ai-agent-security/skills/github/wshobson/agents/anti-reversing-techniques