Windows native PE reversing (.exe/.dll, x86/x64) on macOS and Linux. Static triage (pefile, entropy, imports/exports, MITRE capa tags, obfuscated strings via FLOSS), Ghidra headless decompilation with cached projects, and Qiling-based PE emulation with one-shot anti-debug bypass hooks for crackmes, CTF challenges, and packed binaries — no Windows host required.
Installation
1. Add the marketplace
   /plugin marketplace add s3cr1z/capabilities
2. Install plugins
   /plugin
Run these commands in Claude Code to add this plugin to your environment. The marketplace must be added before you can install its plugins.