GhidraMCP is an innovative Model Context Protocol (MCP) server designed as a plugin for Ghidra, the open-source reverse engineering framework. Its primary purpose is to empower Large Language Models (LLMs) with the capability to autonomously reverse engineer applications by exposing core Ghidra functionalities to MCP clients.
This tool streamlines tasks such as decompiling and analyzing binaries, automatically renaming methods and data, and comprehensively listing methods, classes, imports, and exports within Ghidra. This integration significantly enhances the automation of reverse engineering workflows.
Installation requires Ghidra, Python 3, and the MCP SDK. Users simply import the GhidraMCP plugin into Ghidra and ensure it’s enabled, with an option to configure the port. The project offers detailed setup examples for various MCP clients like Claude Desktop, Cline, and 5ire, demonstrating its versatility. Developers can also build GhidraMCP from source using Maven after configuring necessary Ghidra JAR files. Licensed under Apache-2.0, GhidraMCP has gained substantial community traction, evident from its high number of stars and forks.