MCP server for LLM-driven reverse engineering of applications
ghidraMCP provides a Model Context Protocol (MCP) server that integrates with Ghidra, enabling Large Language Models (LLMs) to autonomously reverse engineer applications. It exposes Ghidra's core functionalities, such as decompilation and analysis, to MCP clients, aiming to streamline the reverse engineering workflow for security researchers and developers.
How It Works
The project consists of a Ghidra plugin and a Python MCP server. The Ghidra plugin acts as an intermediary, exposing Ghidra's internal APIs to the MCP server. The Python script then bridges these Ghidra functionalities to the MCP protocol, allowing LLM-based clients to send commands for decompiling binaries, analyzing code, and renaming methods or data within Ghidra. This approach leverages Ghidra's robust analysis capabilities within an LLM-driven automation framework.
Quick Start & Requirements
lib/ directory and building with Maven (mvn clean package assembly:single).
Highlighted Details
Maintenance & Community
No specific information on contributors, sponsorships, or community channels (Discord/Slack) is provided in the README.
Licensing & Compatibility
The README does not explicitly state a license. Compatibility for commercial use or closed-source linking is not specified.
Limitations & Caveats
The project appears to be in early stages, with installation requiring manual copying of Ghidra JARs for building from source. Absolute paths are required for client configurations, and the project does not specify a license, which may impact commercial adoption.