MCP HubMCP Hub
LaurieWired

GhidraMCP

by: LaurieWired

MCP Server for Ghidra

1050created 23/03/2025
Visit
Ghidra

📌Overview

Purpose: To enable large language models (LLMs) to autonomously reverse engineer applications using a Model Context Protocol (MCP) server integrated with Ghidra.

Overview: ghidraMCP serves as a bridge between Ghidra, a powerful open-source software reverse engineering tool, and MCP clients, providing access to core Ghidra functionalities for binary analysis through an intuitive server-client model.

Key Features:

  • Decompilation and Analysis: Facilitates the decompilation and detailed analysis of binaries within Ghidra, enhancing the reverse engineering process.

  • Automatic Renaming: Automatically renames methods and data, improving code readability and organization for easier comprehension when analyzing.

  • Data Listing: Offers capabilities to list methods, classes, imports, and exports, allowing users to efficiently navigate through the codebase.

ghidraMCP

ghidraMCP is a Model Context Protocol (MCP) server for allowing Large Language Models (LLMs) to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.

Features

  • MCP Server + Ghidra Plugin
  • Decompile and analyze binaries in Ghidra
  • Automatically rename methods and data
  • List methods, classes, imports, and exports

Installation

Prerequisites

  • Mac / Windows
  • Install Ghidra
  • Python3

Ghidra

  1. Download the latest release from the repository. This contains the Ghidra plugin and Python MCP client.
  2. Run Ghidra.
  3. Select File -> Install Extensions.
  4. Click the + button.
  5. Select the GhidraMCP-1-0.zip (or your chosen version) from the downloaded release.
  6. Restart Ghidra.
  7. Ensure the GhidraMCPPlugin is enabled in File -> Configure -> Developer.

MCP Clients

Theoretically, any MCP client should work with ghidraMCP. Below are configurations for two examples:

Example 1: Claude Desktop

To set up Claude Desktop as a Ghidra MCP client:

  1. Navigate to Claude -> Settings -> Developer -> Edit Config -> claude_desktop_config.json and add the following:
{
  "mcpServers": {
    "ghidra": {
      "command": "python",
      "args": [
        "/ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py"
      ]
    }
  }
}

Alternatively, you can edit this file directly:

/Users/YOUR_USER/Library/Application Support/Claude/claude_desktop_config.json

Example 2: 5ire

To set up GhidraMCP with 5ire:

  1. Open 5ire and navigate to Tools -> New.
  2. Set the following configurations:
    • Tool Key: ghidra
    • Name: GhidraMCP
    • Command: python /ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py

Building from Source

Build with Maven by running:

mvn clean package assembly:single

The generated zip file includes the built Ghidra plugin and its resources, which are required for Ghidra to recognize the new extension:

  • lib/GhidraMCP.jar
  • extensions.properties
  • Module.manifest