Reversecore_MCP
Verified Safeby sjkim1127
Overview
The Reversecore_MCP server provides a Micro-Capability Platform (MCP) enabling AI agents to perform comprehensive binary analysis, malware detection, vulnerability research, and security report generation using integrated tools like Radare2, Ghidra, LIEF, and YARA.
Installation
./scripts/run-docker.shEnvironment Variables
- MCP_TRANSPORT
- LOG_LEVEL
- REPORT_SMTP_SERVER
- REPORT_SMTP_PORT
- REPORT_SMTP_USERNAME
- REPORT_SMTP_PASSWORD
- REPORT_SMTP_USE_TLS
- REPORT_SENDER_NAME
- REPORT_QUICK_CONTACTS
- REVERSECORE_WORKSPACE
- LIEF_MAX_FILE_SIZE
- DEFAULT_TOOL_TIMEOUT
- R2_POOL_SIZE
- R2_POOL_TIMEOUT
- GHIDRA_MAX_PROJECTS
Security Notes
The server's core security model relies heavily on strict input validation, path sanitization, and allowlisting for external tool commands (e.g., Radare2). Dangerous commands and shell metacharacters are explicitly blocked, significantly mitigating command injection and path traversal risks. Ghidra interactions are managed through an internal service, reducing direct shell exposure. Email credentials for reporting are handled via environment variables, which is good practice. The extensive use of subprocesses remains a potential attack surface if any validation logic were to fail, but the current implementation shows robust defenses.
Similar Servers
mcp-server-code-execution-mode
This server enables LLM agents to execute Python code in a highly secure, isolated container environment, facilitating complex multi-tool orchestration and data analysis with minimal LLM context token usage.
TriageMCP
Enables an LLM to perform static analysis and triage of PE files using local security tools.
mcp-servers
An MCP server for fetching, cleaning, and intelligently extracting content from web pages, designed for agent-building frameworks.
MalwareBazaar_MCP
An AI-driven MCP server interfacing with Malware Bazaar for real-time threat intelligence and sample metadata, supporting cybersecurity research workflows.