MR
Mayur Rathi
@mayurrathi
⭐ 40.7k GitHub stars

Firmware Analyst

Firmware Analyst is an code AI skill with a core value of |. It helps developers solve real-world problems in the code domain, boosting efficiency, automating repetitive tasks, and optimizing workflows.

|

Last verified on: 2026-07-07

Quick Facts

Category code
Works With Claude
Source sickn33/antigravity-awesome-skills
Stars ⭐ 40.7k
Last Verified 2026-07-07
Risk Level Low
mkdir -p ./skills/firmware-analyst && curl -sfL https://raw.githubusercontent.com/sickn33/antigravity-awesome-skills/main/skills/firmware-analyst/SKILL.md -o ./skills/firmware-analyst/SKILL.md

Run in terminal / PowerShell. Requires curl (Unix) or PowerShell 5+ (Windows).

Skill Content

# Download from vendor

wget http://vendor.com/firmware/update.bin


# Extract from device via debug interface

# UART console access

screen /dev/ttyUSB0 115200

# Copy firmware partition

dd if=/dev/mtd0 of=/tmp/firmware.bin


# Extract via network protocols

# TFTP during boot

# HTTP/FTP from device web interface

text

### Hardware Methods

UART access - Serial console connection

JTAG/SWD - Debug interface for memory access

SPI flash dump - Direct chip reading

NAND/NOR dump - Flash memory extraction

Chip-off - Physical chip removal and reading

Logic analyzer - Protocol capture and analysis

text

## Use this skill when

- Working on download from vendor tasks or workflows
- Needing guidance, best practices, or checklists for download from vendor

## Do not use this skill when

- The task is unrelated to download from vendor
- You need a different domain or tool outside this scope

## Instructions

- Clarify goals, constraints, and required inputs.
- Apply relevant best practices and validate outcomes.
- Provide actionable steps and verification.
- If detailed examples are required, open `resources/implementation-playbook.md`.

## Firmware Analysis Workflow

### Phase 1: Identification

# Basic file identification

file firmware.bin

binwalk firmware.bin


# Entropy analysis (detect compression/encryption)

# Binwalk v3: generates entropy PNG graph

binwalk --entropy firmware.bin

binwalk -E firmware.bin # Short form


# Identify embedded file systems and auto-extract

binwalk --extract firmware.bin

binwalk -e firmware.bin # Short form


# String analysis

strings -a firmware.bin | grep -i "password\|key\|secret"

text

### Phase 2: Extraction

# Binwalk v3 recursive extraction (matryoshka mode)

binwalk --extract --matryoshka firmware.bin

binwalk -eM firmware.bin # Short form


# Extract to custom directory

binwalk -e -C ./extracted firmware.bin


# Verbose output during recursive extraction

binwalk -eM --verbose firmware.bin


# Manual extraction for specific formats

# SquashFS

unsquashfs filesystem.squashfs


# JFFS2

jefferson filesystem.jffs2 -d output/


# UBIFS

ubireader_extract_images firmware.ubi


# YAFFS

unyaffs filesystem.yaffs


# Cramfs

cramfsck -x output/ filesystem.cramfs

text

### Phase 3: File System Analysis

# Explore extracted filesystem

find . -name "*.conf" -o -name "*.cfg"

find . -name "passwd" -o -name "shadow"

find . -type f -executable


# Find hardcoded credentials

grep -r "password" .

grep -r "api_key" .

grep -rn "BEGIN RSA PRIVATE KEY" .


# Analyze web interface

find . -name "*.cgi" -o -name "*.php" -o -name "*.lua"


# Check for vulnerable binaries

checksec --dir=./bin/

text

### Phase 4: Binary Analysis

# Identify architecture

file bin/httpd

readelf -h bin/httpd


# Load in Ghidra with correct architecture

# For ARM: specify ARM:LE:32:v7 or similar

# For MIPS: specify MIPS:BE:32:default


# Set up cross-compilation for testing

# ARM

arm-linux-gnueabi-gcc exploit.c -o exploit

# MIPS

mipsel-linux-gnu-gcc exploit.c -o exploit

text

## Common Vulnerability Classes

### Authentication Issues

Hardcoded credentials - Default passwords in firmware

Backdoor accounts - Hidden admin accounts

Weak password hashing - MD5, no salt

Authentication bypass - Logic flaws in login

Session management - Predictable tokens

text

### Command Injection

// Vulnerable pattern

char cmd[256];

sprintf(cmd, "ping %s", user_input);

system(cmd);


// Test payloads

; id

| cat /etc/passwd

`whoami`

$(id)

text

### Memory Corruption

Stack buffer overflow - strcpy, sprintf without bounds

Heap overflow - Improper allocation handling

Format string - printf(user_input)

Integer overflow - Size calculations

Use-after-free - Improper memory management

text

### Information Disclosure

Debug interfaces - UART, JTAG left enabled

Verbose errors - Stack traces, paths

Configuration files - Exposed credentials

🎯 Best For

  • Claude users
  • Software engineers
  • Development teams
  • Tech leads

💡 Use Cases

  • Code quality improvement
  • Best practice enforcement

📖 How to Use This Skill

  1. 1

    Install the Skill

    Copy the install command from the Terminal tab and run it. The SKILL.md file downloads to your local skills directory.

  2. 2

    Load into Your AI Assistant

    Open Claude and reference the skill. Paste the SKILL.md content or use the system prompt tab.

  3. 3

    Apply Firmware Analyst to Your Work

    Open your project in the AI assistant and ask it to apply the skill. Start with a small module to verify the output quality.

  4. 4

    Review and Refine

    Review AI suggestions before committing. Run tests, check for regressions, and iterate on the skill output.

❓ Frequently Asked Questions

Is Firmware Analyst compatible with Cursor and VS Code?

Yes — this skill works with any AI coding assistant including Cursor, VS Code with Copilot, and JetBrains IDEs.

Do I need specific dependencies for Firmware Analyst?

Check the install command and Works With section. Most code skills only require the AI assistant and your codebase.

How do I install Firmware Analyst?

Copy the install command from the Terminal tab and run it. The skill downloads to ./skills/firmware-analyst/SKILL.md, ready to use.

Can I customize this skill for my team?

Absolutely. Edit the SKILL.md file to add team-specific instructions, examples, or workflows.

⚠️ Common Mistakes to Avoid

Skipping validation

Always test AI-generated code changes, even for simple refactors.

Missing dependency updates

Check if the skill requires updated dependencies or new packages.

🔗 Related Skills