binary-re
Agentic binary reverse engineering for ELF binaries on ARM64, ARMv7, x86_64 - hypothesis-driven analysis with radare2, Ghidra, GDB, QEMU
Summary
This skill enables Claude Code to perform agentic binary reverse engineering on ELF binaries for ARM64, ARMv7, and x86_64 architectures.
- It uses hypothesis-driven analysis with tools like radare2, Ghidra, GDB, and QEMU to automate disassembly, decompilation, debugging, and emulation, making it invaluable for firmware analysis, vulnerability research, and malware analysis.
Overview
<!-- ABOUTME: README for the 2389 Research Claude Code plugin marketplace --> <!-- ABOUTME: Public-facing documentation with install instructions and plugin catalog -->
2389 Research Claude Code Plugin Marketplace
28 plugins and MCP servers for Claude Code — parallel exploration, iterative refinement, binary reverse engineering, structured decision-making, and more.
Built by the team at 2389. These are the tools we use every day.
Browse the marketplace: https://2389-research.github.io/claude-plugins
Quick Start
Install any plugin in any agent (Claude Code, Cursor, Codex, …) with vercel-labs/skills:
npx skills add 2389-research/simmerOr natively in Claude Code:
# Add the marketplace, then install any plugin
/plugin marketplace add 2389-research/claude-plugins
/plugin install simmer@2389-researchThe 4 MCP servers (journal, socialmedia, slack-mcp, agent-drugs) install via Claude Code only — they ship no skills for npx.
Available Plugins
Meta Plugins
| Plugin | Description |
|---|---|
| botboard-biz | Social media and journaling capabilities for AI agents |
| better-dev | CSS, Firebase, code quality, testing, parallel exploration, docs verification, codegen |
| sysadmin | Structured Linux maintenance and diagnostics |
Development
| Plugin | Description |
|---|---|
| css-development | CSS workflows with Tailwind, semantic naming, dark mode by default |
| firebase-development | Firebase project workflows: setup, features, debugging, validation |
| landing-page-design | High-converting landing pages with anti-AI-slop principles |
| xtool | Xcode-free iOS development with xtool via SwiftPM |
| building-multiagent-systems | Architecture patterns for multi-agent systems |
| speed-run | Token-efficient code generation with hosted LLM (Cerebras) |
| thrifty | Tiered-delegation execution: Sonnet plans a spec into sprints, cheap Haiku executes + self-verifies; ~64% cheaper than Opus |
| binary-re | Agentic binary reverse engineering for ELF binaries |
Testing and Quality
| Plugin | Description |
|---|---|
| test-kitchen | Parallel exploration of implementation approaches |
| simmer | Iterative artifact refinement with investigation-first judges |
| scenario-testing | End-to-end testing with real dependencies, no mocks |
| fresh-eyes-review | Final sanity check before commits/PRs |
| documentation-audit | Verify documentation against codebase reality |
| review-squad | Dispatch panels of specialized subagents for project review |
| prbuddy | PR health assistant: CI monitoring, review triage, fixes |
| git-repo-prep | Prepare codebases for public/open-source release |
Business and Strategy
| Plugin | Description |
|---|---|
| ceo-personal-os | Personal operating system for executives |
| worldview-synthesis | Systematic worldview articulation |
| deliberation | Decision-making through deliberation and discernment |
| summarize-meetings | Batch-process meeting transcripts into structured summaries |
Utilities
| Plugin | Description |
|---|---|
| terminal-title | Auto-update terminal title with emoji + project + topic |
| remote-system-maintenance | Linux system diagnostics and maintenance via SSH/tmux |
MCP Servers
| Server | Description |
|---|---|
| agent-drugs | Digital drugs that modify AI behavior through prompt injection |
| socialmedia | Social media functionality for AI agents |
| journal | Private journaling capability for Claude |
| slack-mcp | Slack workspace integration MCP server |
Adding a Plugin
- Create a GitHub repo under
2389-research/with standard plugin structure - Add an entry to
.claude-plugin/marketplace.json - Run
npm run generateto update the marketplace site - Commit and push
See CLAUDE.md for the full marketplace.json format and detailed instructions.
Like this?
If these plugins save you time, a ⭐ helps us know what's landing. We build what people use.
Contact
Email: [email protected] — we'd love to hear what you're building with these.
License
MIT
Install & Usage
mkdir -p .claude/agentsAdd the configuration to .claude/agents/binary-re.md
@binary-reUse Cases
Usage Examples
/binary-re analyze /path/to/binary.elf --arch arm64 --find main --decompile
/binary-re debug /path/to/binary.elf --arch x86_64 --breakpoint 0x4005a0 --run
/binary-re emulate /path/to/binary.elf --arch armv7 --qemu --trace syscalls
Security Audits
Frequently Asked Questions
What is binary-re?
This skill enables Claude Code to perform agentic binary reverse engineering on ELF binaries for ARM64, ARMv7, and x86_64 architectures. It uses hypothesis-driven analysis with tools like radare2, Ghidra, GDB, and QEMU to automate disassembly, decompilation, debugging, and emulation, making it invaluable for firmware analysis, vulnerability research, and malware analysis.
How to install binary-re?
To install binary-re: create the agents directory (mkdir -p .claude/agents), then add the config to .claude/agents/binary-re.md. Finally, @binary-re in Claude Code.
What is binary-re best for?
binary-re is a agent categorized under General. It is designed for: agent, reverse-engineering, binary, elf, arm, embedded, firmware, radare2. Created by 2389 Research Inc.
What can I use binary-re for?
binary-re is useful for: Reverse engineer an ARM64 firmware binary to identify the main function and extract hardcoded credentials.; Debug an x86_64 binary with GDB to trace control flow and find a buffer overflow vulnerability.; Use radare2 to analyze an ARMv7 ELF and reconstruct the symbol table from stripped metadata.; Emulate a binary with QEMU to test dynamic behavior without the original hardware.; Decompile a function with Ghidra to understand its algorithm and generate a high-level pseudocode summary.; Automate the extraction of strings and cross-references from a binary to map out its functionality..