GhidraMCP
StaleDescription
MCP server for Ghidra reverse engineering platform, enabling AI agents to autonomously perform binary analysis and vulnerability discovery.
Key Features
- MCP server for Ghidra enabling LLMs to autonomously perform binary reverse engineering
- Decompile and analyze binaries with automatic renaming of methods and data
- List all methods, classes, imports, and exports, exposing core Ghidra functionality to MCP clients
- Compatible with multiple MCP clients including Claude Desktop, Cline, and 5ire
- Open source under Apache 2.0 license with source build support and configurable port settings
Use Cases
π‘ Security researchers use AI-assisted analysis to quickly analyze malware and discover vulnerabilities
π‘ Reverse engineers drive binary code understanding and refactoring through natural language instructions
π‘ Accelerate binary function identification and analysis in CTF competitions and vulnerability research
π‘ Security teams automate auditing and compliance checking of closed-source software
π‘ Educational settings helping students understand reverse engineering concepts and binary analysis workflows
Quick Start
1. Install Ghidra and Python 3
2. Download the GhidraMCP plugin from Releases
3. Install the extension in Ghidra (File β Install Extensions)
4. Enable the GhidraMCP plugin and configure the port
5. Configure the MCP client (e.g., Claude Desktop) config to point to bridge_mcp_ghidra.py
6. Load a binary file and start analyzing via AI conversation