Skip to content

fix(reverser): add radare2 and protector workflows#734

Open
NetVar1337 wants to merge 2 commits into
mainfrom
fix-reverser-radare2-fallback
Open

fix(reverser): add radare2 and protector workflows#734
NetVar1337 wants to merge 2 commits into
mainfrom
fix-reverser-radare2-fallback

Conversation

@NetVar1337

@NetVar1337 NetVar1337 commented Jun 27, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Narrow the reversing workload requirement to Ghidra-only deep analysis paths.
  • Keep basic binary triage/Radare2 work dispatchable to reverser when opscontrol or Ghidra workload is unavailable.
  • Add Radare2/r2 fallback guidance to the reverser prompt, subagent spec, and skill catalog.
  • Add a VMProtect / VMP2 / Themida playbook inspired by Back Engineering Labs research:
    • avoid brittle VM-handler pattern matching,
    • prefer incremental lifting and control-flow recovery,
    • track VMEnter, VIP movement, VMEXIT behavior, handler-table clues, and branch behavior,
    • keep devirtualization claims conservative.
  • Regenerate skills.cypher so skill graph metadata matches.
  • Add prompt/spec/skill contract tests for Radare2 fallback and virtualized-protector routing.

Verification

  • uv run pytest packages/decepticon/tests/unit/agents/test_reverser_workload_fallback.py (6 passed)
  • uv run pytest packages/decepticon/tests/unit/agents/test_reverser_workload_fallback.py packages/decepticon/tests/unit/agents/test_build.py packages/decepticon/tests/unit/reversing/test_binary_strings_packer.py::TestScripts packages/decepticon/tests/unit/reversing/test_reversing_internals.py::TestScriptsExtended (60 passed)
  • uv run ruff check packages/decepticon/tests/unit/agents/test_reverser_workload_fallback.py packages/decepticon/decepticon/agents/standard/reverser.py
  • uv run ruff format --check packages/decepticon/tests/unit/agents/test_reverser_workload_fallback.py packages/decepticon/decepticon/agents/standard/reverser.py
  • make build-skill-graph
  • make check-skill-graph
  • make ci-lint

Review

  • Reviewer found the new virtualized-protectors skill file was untracked before commit.
  • Fixed by adding the file to the commit with the prompt/catalog/tests/generated graph update.
  • Reviewer found the RE guidance conservative and aligned with requested Back Engineering themes.

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@NetVar1337 NetVar1337 changed the title fix(reverser): allow radare2 fallback fix(reverser): add radare2 and protector workflows Jun 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant