ghidra-mcp

ghidra-mcp

3.4

If you are the rightful owner of ghidra-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

The Ghidra MCP Server is a Ghidra Plugin that provides a Model Context Protocol (MCP) server to expose Ghidra functionalities, aiding LLM agents in reverse engineering tasks.

The Ghidra MCP Server is an innovative extension designed to enhance the capabilities of Ghidra, a popular software reverse engineering tool. By implementing a Model Context Protocol (MCP) server, this plugin allows for seamless interaction between Ghidra and AI agents, such as large language models (LLMs). This integration is particularly beneficial for reverse engineers who need to understand complex binaries efficiently. The server exposes various Ghidra functionalities, enabling LLMs to perform tasks like listing functions, decompiling code, and renaming variables. This not only saves time but also provides a more intuitive approach to reverse engineering. The plugin is built using Java and incorporates a Spring Boot application, making it a robust and scalable solution. While still in the experimental phase, the Ghidra MCP Server shows great promise in streamlining reverse engineering processes and enhancing the utility of AI in this domain.

Features

  • Exposes Ghidra functionalities via MCP server
  • Facilitates interaction between Ghidra and AI agents
  • Supports tasks like function listing and decompilation
  • Built with Java and Spring Boot for scalability
  • Aids in efficient reverse engineering of complex binaries

Tools

  1. List functions

    Lists all functions within the binary.

  2. Decompile functions

    Decompiles functions to provide a higher-level representation.

  3. Rename functions

    Allows renaming of functions for better clarity.

  4. Rename local variables

    Enables renaming of local variables within functions.

  5. Comment functions

    Adds comments to functions for documentation purposes.

  6. Get references from/to address

    Retrieves references from or to a specific address.

  7. Search for strings in memory

    Searches for specific strings within the memory.