Skip to content

feat(skills): IoT firmware leaf playbooks (acquisition, binwalk-extract, hardcoded-creds, U-Boot, dev-mem)#439

Open
VoidChecksum wants to merge 1 commit into
mainfrom
feat/skills-iot-firmware-leaves
Open

feat(skills): IoT firmware leaf playbooks (acquisition, binwalk-extract, hardcoded-creds, U-Boot, dev-mem)#439
VoidChecksum wants to merge 1 commit into
mainfrom
feat/skills-iot-firmware-leaves

Conversation

@VoidChecksum
Copy link
Copy Markdown
Collaborator

@VoidChecksum VoidChecksum commented May 30, 2026

Summary

Creates five leaf playbooks that were referenced in standard/iot/SKILL.md but did not exist, resolving all dangling catalog links in the IoT subdomain.

Leaves added

Slug Path Covers
firmware-acquisition standard/iot/firmware-acquisition/SKILL.md Vendor portals, OTA MITM proxy capture, SPI NOR dump (flashrom/CH341A + SOIC-8 clip), eMMC chip-off + dd, UART/JTAG console dumps with U-Boot tftp exfil
binwalk-extract standard/iot/binwalk-extract/SKILL.md binwalk recursive extraction, entropy analysis, squashfs (standard + sasquatch vendor variants), JFFS2 (jefferson + mtdram mount), UBIFS (ubireader), manual byte-pattern carving, firmware-mod-kit nested containers
hardcoded-creds standard/iot/hardcoded-creds/SKILL.md /etc/shadow + passwd parsing + hashcat/john cracking, busybox httpd + Dropbear key extraction, strings sweep + trufflehog FS scan, MQTT/cloud API token extraction, default-credential matrix, TLS private key harvesting
bootloader-uboot standard/iot/bootloader-uboot/SKILL.md Autoboot interrupt (manual + UART break), printenv/setenv, bootargs init=/bin/sh override, persistent saveenv modifications, secure-boot bypass (FDT patch, HAB status, rollback), fault injection with ChipWhisperer-Nano and crowbar glitch
dev-mem standard/iot/dev-mem/SKILL.md /dev/mem reads/writes (devmem2, dd), STRICT_DEVMEM bypass paths, MTD partition dump + erase + flashcp write, U-Boot env CRC-patching via MTD, /proc/kallsyms symbol resolution, live process memory access via /proc/pid/mem

Notes

  • Additive markdown only — no existing files modified.
  • standard/iot/SKILL.md routing table unchanged; these files fulfill its existing references.
  • All five SKILL.md files follow the frontmatter schema (name, description, allowed-tools, metadata.{subdomain,when_to_use,tags,mitre_attack}) copied from standard/wireless/wpa2-psk/SKILL.md.
  • ruff check/format and skills-registry pytest suite pass clean on this branch.

@VoidChecksum
feat(skills): IoT firmware leaf playbooks (acquisition, binwalk-extra…
456d90e 
…ct, hardcoded-creds, U-Boot, dev-mem)

Creates the leaf playbooks referenced by standard/iot/SKILL.md, resolving dangling catalog references.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PurpleCHOIms PurpleCHOIms Awaiting requested review from PurpleCHOIms PurpleCHOIms is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@VoidChecksum