external-software-analysis

分类: 工具与效率 | 上传者: hssg1109 | 下载: 0 | 版本: v1.0（最新）

External software analysis workflows for binaries/packages (decompilation, reverse engineering, static analysis, fuzzing, and evidence collection). Use when analyzing third-party software without source access.

更新日志: Source: GitHub https://github.com/hssg1109/sec_audit_playbook

目录结构

当前层级: skills/external-software-analysis/

📁 agents/
- 📄 openai.yaml 228 B
📁 references/
- 📄 external_sources.md 256 B
- 📄 reporting_summary.md 299 B
- 📄 severity_criteria.md 201 B
📄 SKILL.md 1.2 KB

SKILL.md

---
name: external-software-analysis
description: External software analysis workflows for binaries/packages (decompilation, reverse engineering, static analysis, fuzzing, and evidence collection). Use when analyzing third-party software without source access.
---

# External Software Analysis

## Overview
Guide external software analysis from decompilation to vulnerability discovery and evidence collection. Output is a structured Markdown report.

## Workflow
1. Read `references/external_sources.md` for the canonical case template.
2. Apply the discovery process (decompile -> static scan -> flow tracing -> evidence).
3. Produce a Markdown report following the reference report structure.
4. When summarizing, map severity using `references/severity_criteria.md` and `skills/SEVERITY_CRITERIA_DETAIL.md`.

## Reporting
- Primary output: Markdown report (example reference provided).
- Use severity mapping from `references/severity_criteria.md` and detailed criteria in `skills/SEVERITY_CRITERIA_DETAIL.md`.
- Produce a common summary JSON per `references/reporting_summary.md`.

## Resources
### references/
- `references/external_sources.md`
- `references/severity_criteria.md`
- `references/reporting_summary.md`

登录后下载/点赞/收藏 ❤ 2 | ★ 0

external-software-analysis

目录结构

SKILL.md

举报内容

提示