Loading...
Loading...
Found 104 Skills
Reverse engineer Single Page Applications built with React + Vite + Workbox — analyze SPA internals via Chrome DevTools Protocol (CDP), write browser extensions, intercept service workers, and extract runtime state for SDK integration.
Role of Web Security Testing and Penetration Engineer, focusing on JavaScript reverse engineering and browser security research. Trigger scenarios: (1) JS reverse analysis: identification of encryption algorithms (SM2/SM3/SM4/AES/RSA), obfuscated code restoration, Cookie anti-crawling bypass, WASM reverse engineering (2) Browser debugging: XHR breakpoints, event listening, infinite debugger bypass, Source Map restoration (3) Hook technology: writing XHR/Header/Cookie/JSON/WebSocket/Canvas Hooks (4) Security product analysis: Offensive and defensive analysis of JS security products such as Ruishu, Jiasule, Chuangyudun, etc. (5) Legal scenarios such as CTF competitions, authorized penetration testing, security research, etc.
Automatic mode - shift through all 6 gears sequentially without stopping. Like cruise control or automatic transmission, this runs the entire StackShift workflow from analysis to implementation in one go. Perfect for unattended execution or when you want to let StackShift handle everything automatically.
Analyze codebase structure for reverse engineering. Identify entry points, dependencies, modules, and components with file:line traceability. Creates manifest.json for pipeline chaining with Phase 2 (logic visualization). Language-agnostic with optional language reference files. Use when: reverse engineer, analyze structure, structure analysis, codebase analysis, re-structure-analysis.
AI-powered JavaScript reverse engineering tool. Senior JavaScript reverse engineering expert assistant. Actions: collect, search, deobfuscate, understand, summarize, detect-crypto, browser, debugger, breakpoint, debug-step, debug-eval, debug-vars, script, hook, stealth, dom, page. Capabilities: obfuscated code analysis, VM cracking, Webpack unpacking, AST transformation, Puppeteer/CDP automation, anti-detection, fingerprint spoofing, encryption identification, parameter extraction, algorithm restoration, Canvas/WebGL fingerprinting, WebDriver hiding, CDP debugging, breakpoint analysis, dynamic tracing, Hook injection, DOM inspection, page control.
Code obfuscation analysis and deobfuscation playbook. Use when reversing binaries protected by junk code, opaque predicates, self-modifying code, control flow flattening, VM protection, or string encryption.
Debug and emulate specific code fragments or functions using the Unicorn engine. Activate when the user wants to emulate a function with Unicorn, trace binary execution without running the full program, decrypt or decode data by emulating the algorithm, or bypass environment dependencies (JNI, syscalls, libc) during emulation.
Generate Frida hook scripts using modern Frida API. Activate when the user wants to write Frida scripts, hook functions at runtime, trace calls/arguments/return values, intercept native or ObjC/Java methods, or dump memory and exports.
Restore function symbols by analyzing code patterns, strings, constants, and cross-references
Query IDA disassembly. Use when asked about functions, segments, instructions, blocks, operands, control flow, or raw code structure.
Use GitHub Spec Kit's /speckit.implement and /speckit.tasks to systematically build missing features from specifications. Leverages implementation plans in specs/, validates against acceptance criteria, and achieves 100% spec completion. This is Step 6 of 6 in the reverse engineering process.
将 X (Twitter) 推文和文章转换为带 YAML front matter 的 Markdown。使用逆向工程 API,需要用户同意。当用户提到"X转markdown"、"保存推文"、或提供 x.com/twitter.com 链接时使用。