GhidraMCP
by HK47196
Overview
GhidraMCP is a Model Context Protocol server that allows LLMs to autonomously reverse engineer applications by exposing numerous core Ghidra functionalities to MCP clients.
Installation
No command provided
Security Notes
CRITICAL: The server starts an embedded HTTP server (default port 8080) without any visible authentication or authorization mechanisms. This exposes powerful Ghidra functionalities (modifying binaries, setting comments, manipulating structures, querying BSim databases, and arbitrary file imports) to any entity that can reach its IP:PORT. An attacker or compromised LLM client could load and analyze malicious binaries, modify loaded programs, or exfiltrate sensitive program data without user consent. The `importBinary` endpoint allows loading arbitrary files from the filesystem. The `bsim/select_database` endpoint allows connecting to arbitrary BSim databases. While no direct `eval` is present, the exposed APIs have significant side effects and should be heavily protected.
Similar Servers
ida-pro-mcp
An AI-powered reverse engineering assistant that integrates IDA Pro with Model Context Protocol clients for enhanced analysis.
GhidrAssistMCP
Enables AI assistants and other tools to interact with Ghidra's reverse engineering capabilities through a standardized Model Context Protocol (MCP) API.
jadx-mcp-server
A fully automated Model Context Protocol (MCP) server that acts as a bridge for LLMs (like Claude) to interact with a JADX-AI-MCP plugin for Android APK reverse engineering, vulnerability analysis, and manifest parsing.
tmcp
Build Model Context Protocol (MCP) servers for AI agents, providing schema-agnostic tools, resources, and prompts, with optional OAuth 2.1 authentication and distributed session management.