Autonomous reverse-engineering agent that automates RE workflows by combining a source-aware reverser/checker loop with Ghidra decompilation. It targets engineers and researchers needing to accelerate binary analysis by leveraging LLMs, retrieving project source context, and verifying generated code against binary structures. The agent aims to improve the accuracy and reliability of automated reverse engineering.

How It Works

re-agent automates reverse-engineering by orchestrating an LLM-driven reverser/checker loop integrated with Ghidra via ghidra-ai-bridge. It retrieves relevant project source code context during generation and employs a multi-stage verification process. This includes an objective verifier for structural sanity checks (call counts, control flow) and an 11-signal parity engine for heuristic verification before accepting generated code. This approach aims to improve accuracy by grounding LLM outputs in binary structure and available source code.

Quick Start & Requirements

• Primary install: pip install re-agent
• Prerequisites: Python 3.10+, ghidra-ai-bridge installed and configured with a Ghidra project, and an LLM setup (e.g., ANTHROPIC_API_KEY for Claude, OPENAI_API_KEY for OpenAI-compatible APIs, or local codex CLI login).
• Setup: Run re-agent init to generate re-agent.yaml, configure project settings, and then use commands like re-agent reverse --class CTrain.
• Links: Demo available on YouTube (link not provided). Configuration details in docs/configuration.md.

Highlighted Details

• 11-Signal Parity Engine: Verifies reversed code against the binary using configurable heuristics like "Missing source," "Stub markers," "FP sensitivity," and "Call count mismatch."
• Objective Verifier: A conservative structural check that flags significant call-count or control-flow discrepancies, preventing acceptance of obviously incorrect code.
• Source Context Retrieval: Dynamically fetches nearby project source code to provide relevant context to LLMs during the reversal process.
• Multi-LLM Support: Integrates with Claude, OpenAI-compatible APIs, and a local Codex CLI, offering flexibility in backend AI models.

Maintenance & Community

No specific details regarding maintainers, community channels (e.g., Discord, Slack), or roadmaps are provided in the README.

Licensing & Compatibility

• License: MIT.
• Compatibility: The MIT license permits commercial use and integration with closed-source projects.

Limitations & Caveats

The Ghidra backend relies on ghidra-ai-bridge and may exhibit "graceful degradation" in feature support. The Objective Verifier intentionally avoids full equivalence checking, focusing only on catching "obvious false positives" like missing branches or loops. LLM checkers can still produce plausible-looking code that misses subtle binary structures, requiring human oversight. The agent generates code but does not automatically commit or push changes, necessitating manual integration.