GhidraMCP
GhidraMCP is a Model Context Protocol server designed to enable autonomous reverse engineering of applications through large language models by leveraging Ghidra's decompiling capabilities. The project provides tools and instructions to integrate with various MCP clients, enhancing the reverse engineering process.
ghidraMCP
ghidraMCP is a Model Context Protocol server enabling LLMs to reverse engineer applications autonomously. It incorporates Ghidra functionality for decompiling and analyzing binaries, renaming methods and data, as well as listing various elements.
Features
- Decompile and analyze binaries in Ghidra
- Automatically rename methods and data
- List methods, classes, imports, and exports
Installation
Prerequisites
- Ghidra
- Python3
- MCP SDK
Ghidra Installation
- Download the latest release from the GitHub repository.
- Import the plugin into Ghidra by selecting 'File' -> 'Install Extensions'.
- Restart Ghidra and ensure the GhidraMCPPlugin is enabled.
MCP Clients
Examples include Claude Desktop, Cline, and 5ire, each requiring specific configurations for integration.
Building from Source
Copy necessary files from the Ghidra directory to the lib/ directory and build using Maven.