Ghidra MCP Server
Bridges Ghidra's reverse engineering capabilities with AI tools through 179 specialized tools for automated binary analysis and documentation. It supports full read/write access for function decompilation, renaming, and cross-binary documentation tra
What is Ghidra MCP Server?
Ghidra MCP Server is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to bridges ghidra's reverse engineering capabilities with ai tools through 179 specialized tools for automated binary analysis and documentation. it supports full read/write access for function decompila...
Bridges Ghidra's reverse engineering capabilities with AI tools through 179 specialized tools for automated binary analysis and documentation. It supports full read/write access for function decompilation, renaming, and cross-binary documentation tra
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- Bridges Ghidra's reverse engineering capabilities with AI to
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx ghidra-mcp-serverConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Ghidra MCP Server
Ghidra MCP Server bridges NSA's Ghidra reverse engineering platform to AI tools through 249 specialized MCP tools covering binary analysis, function decompilation, P-code emulation, live debugging, data structure management, symbol renaming, and cross-binary documentation transfer. It supports both GUI and headless Ghidra modes, exposes read/write access so AI can rename functions and create structs directly, and achieves a 93% reduction in API calls through batch operations. Security researchers, malware analysts, and CTF players use it to automate tedious reverse engineering workflows with natural-language-driven AI assistance.
Prerequisites
- Java 21 LTS (OpenJDK recommended) installed and on PATH
- Apache Maven 3.9+ for building the Ghidra extension
- Ghidra 12.1 installed (download from ghidra-sre.org)
- Python 3.10+ with pip for the bridge script and setup tooling
- An MCP client such as Claude Desktop or Claude Code
Install system prerequisites
Install Java 21, Maven, Python 3, and Ghidra for your platform. The setup tooling handles the rest automatically.
# macOS (Homebrew)
brew install openjdk@21 maven python ghidra
# Ubuntu/Debian
sudo apt update && sudo apt install -y openjdk-21-jdk maven python3 python3-pipClone the repository and run preflight checks
Clone the ghidra-mcp repository and run the setup preflight to verify all prerequisites are met. Replace the Ghidra path with your actual installation directory.
git clone https://github.com/bethington/ghidra-mcp.git
cd ghidra-mcp
# macOS
python -m tools.setup preflight --ghidra-path /opt/homebrew/opt/ghidra/libexec
# Linux
python -m tools.setup preflight --ghidra-path ~/ghidra_12.1_PUBLICBuild and deploy the Ghidra extension
Build the Java extension with Maven and deploy it into your Ghidra installation. The setup script handles the Maven build and copies artifacts to the right place.
python -m tools.setup ensure-prereqs --ghidra-path ~/ghidra_12.1_PUBLIC
python -m tools.setup build
python -m tools.setup deploy --ghidra-path ~/ghidra_12.1_PUBLICSet environment variables for security configuration
Configure optional security settings. Set an auth token for non-localhost deployments and optionally enable script execution or restrict filesystem access.
# Generate a secure auth token
export GHIDRA_MCP_AUTH_TOKEN=$(openssl rand -hex 32)
# Restrict filesystem access (optional)
export GHIDRA_MCP_FILE_ROOT=/srv/ghidra/inputs
# Enable script execution endpoints (disabled by default)
export GHIDRA_MCP_ALLOW_SCRIPTS=1Configure your MCP client
Add the Ghidra MCP bridge to your MCP client config. The bridge script runs as a stdio MCP server. Adjust the Python path and bridge script path to match your setup.
{
"mcpServers": {
"ghidra": {
"command": "python",
"args": ["/path/to/ghidra-mcp/bridge_mcp_ghidra.py", "--transport", "stdio"]
}
}
}Open a binary in Ghidra and start analysis
Launch Ghidra, open or create a project, load a binary (EXE, ELF, APK, etc.), and run auto-analysis. With the extension active, the MCP bridge can now communicate with the running Ghidra instance. Verify connection with a quick HTTP check.
curl http://127.0.0.1:8089/check_connectionGhidra MCP Server Examples
Client configuration
Claude Desktop configuration for Ghidra MCP Server using stdio transport. The bridge_mcp_ghidra.py script must be the full absolute path.
{
"mcpServers": {
"ghidra": {
"command": "python",
"args": [
"/home/user/ghidra-mcp/bridge_mcp_ghidra.py",
"--transport", "stdio",
"--lazy", "off",
"--default-groups", "listing,function,program"
],
"env": {
"GHIDRA_MCP_AUTH_TOKEN": "your-token-here"
}
}
}
}Prompts to try
With Ghidra open and a binary loaded, use these prompts to leverage the 249 MCP tools for AI-assisted reverse engineering.
- "List the first 20 functions in the current binary and identify which ones look like initialization routines."
- "Decompile the function at address 0x401000 and explain what it does."
- "Search for all strings in the binary that look like URLs or API endpoints."
- "Rename all functions with generic names like FUN_ based on their behavior and document them."
- "Find all cross-references to the 'send' function and summarize what data is being transmitted."
- "Identify any anti-analysis or anti-debugging techniques in this binary."Troubleshooting Ghidra MCP Server
Build fails with Maven errors or Java version mismatch
Ensure Java 21 is the active JDK: run 'java -version' and 'mvn -version'. On macOS with Homebrew, run 'export JAVA_HOME=$(/usr/libexec/java_home -v 21)' before building. On Linux, use 'update-alternatives --config java' to select Java 21.
check_connection returns connection refused on port 8089
The Ghidra extension must be running inside a live Ghidra instance. Ensure you opened Ghidra, loaded a project and binary, and the MCP extension shows as active in Ghidra's plugin list. The extension starts the HTTP bridge on port 8089 only when Ghidra is running.
GHIDRA_MCP_ALLOW_SCRIPTS is not set and script tools return 403
Script execution endpoints are disabled by default for security. Set 'export GHIDRA_MCP_ALLOW_SCRIPTS=1' in the environment before starting the bridge, or add it to the env section of your MCP client config.
Frequently Asked Questions about Ghidra MCP Server
What is Ghidra MCP Server?
Ghidra MCP Server is a Model Context Protocol (MCP) server that bridges ghidra's reverse engineering capabilities with ai tools through 179 specialized tools for automated binary analysis and documentation. it supports full read/write access for function decompilation, renaming, and cross-binary documentation tra It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Ghidra MCP Server?
Follow the installation instructions on the Ghidra MCP Server GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Ghidra MCP Server?
Ghidra MCP Server works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Ghidra MCP Server free to use?
Yes, Ghidra MCP Server is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.
Ghidra MCP Server Alternatives — Similar Security Servers
Looking for alternatives to Ghidra MCP Server? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
★ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
★ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
★ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
★ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
★ 6.6k754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
★ 5.1k🔥🔥 hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Ghidra MCP Server in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Ghidra MCP Server?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.