Babysitter Ghidra/IDA Reverse Engineering Skill
Deep integration with Ghidra and IDA Pro for binary analysis and reverse engineering
install
source · Clone the upstream repo
git clone https://github.com/a5c-ai/babysitter
Claude Code · Install into ~/.claude/skills/
T=$(mktemp -d) && git clone --depth=1 https://github.com/a5c-ai/babysitter "$T" && mkdir -p ~/.claude/skills && cp -r "$T/library/specializations/security-research/skills/ghidra-ida-re" ~/.claude/skills/a5c-ai-babysitter-ghidra-ida-reverse-engineering-skill && rm -rf "$T"
manifest:
library/specializations/security-research/skills/ghidra-ida-re/SKILL.mdsource content
Ghidra/IDA Reverse Engineering Skill
Overview
This skill provides deep integration with Ghidra and IDA Pro for comprehensive binary analysis and reverse engineering tasks.
Capabilities
- Execute Ghidra headless analysis scripts
- Parse and interpret disassembly output
- Generate and run Ghidra Python scripts
- Analyze decompiled code for vulnerabilities
- Extract function signatures and data structures
- Create and apply Ghidra type definitions
- Export analysis artifacts (call graphs, data flows)
- Support IDA Pro scripting (IDAPython)
Target Processes
- binary-reverse-engineering.js
- firmware-analysis.js
- malware-analysis.js
- vulnerability-root-cause-analysis.js
Dependencies
- Ghidra CLI (analyzeHeadless)
- IDA Pro (optional, for IDAPython support)
- Python 3.x with ghidra_bridge or ghidrathon
- Java Runtime Environment (for Ghidra)
Usage Context
This skill is essential for:
- Static binary analysis workflows
- Vulnerability discovery in compiled code
- Malware reverse engineering
- Firmware extraction and analysis
- Protocol reverse engineering from binaries
Integration Notes
- Ghidra headless mode enables automated analysis pipelines
- Results can be exported as JSON, XML, or custom formats
- Supports both script-based and interactive analysis workflows
- Can generate Ghidra project files for manual follow-up