Reverse Engineering Assistant
MCP server for reverse engineering tasks in Ghidra ๐ฉโ๐ป
What is Reverse Engineering Assistant?
Reverse Engineering Assistant is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for reverse engineering tasks in ghidra ๐ฉโ๐ป
MCP server for reverse engineering tasks in Ghidra ๐ฉโ๐ป
This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.
Features
- MCP server for reverse engineering tasks in Ghidra ๐ฉโ๐ป
Use Cases
Maintainer
Works with
Installation
Manual Installation
npx reverse-engineering-assistantConfiguration
Configuration Details
claude_desktop_config.json
Performance
Response Metrics
Resource Usage
How to Set Up and Use Reverse Engineering Assistant
Reverse Engineering Assistant (ReVa) is an MCP server that bridges Ghidra โ the NSA's open-source binary analysis tool โ with AI clients such as Claude, enabling natural-language decompilation, variable renaming, cross-reference analysis, and CTF challenge solving. It installs as a Ghidra extension and exposes the active project's disassembly and decompiled pseudocode to any connected MCP client over HTTP on port 8080, with multiple simultaneous client support. Security researchers and CTF players use it to dramatically accelerate binary analysis by asking Claude to explain code, rename variables, detect algorithms, and generate exploit scripts.
Prerequisites
- Ghidra 12.0 or later installed (set GHIDRA_INSTALL_DIR environment variable)
- Java 21 or later (required by Ghidra)
- Python 3.10+ and uv package manager for the MCP server component
- An MCP-compatible client such as Claude Desktop or Claude Code
- A binary/executable opened in a Ghidra project before connecting
Set the Ghidra installation path
Export the GHIDRA_INSTALL_DIR environment variable pointing to your Ghidra installation. This is required for both building and running the extension.
export GHIDRA_INSTALL_DIR=/path/to/ghidra_12.0Install the ReVa MCP server
Install the reverse-engineering-assistant Python package using uv, which provides the mcp-reva command for running the MCP server.
uv tool install reverse-engineering-assistantBuild and install the Ghidra extension
Build the Ghidra plugin from the source repository using Gradle, then install it via the Ghidra extension manager. Alternatively, download a pre-built release from the releases page.
git clone https://github.com/cyberkaida/reverse-engineering-assistant.git
cd reverse-engineering-assistant
export GHIDRA_INSTALL_DIR=/path/to/ghidra
gradle installOpen a binary in Ghidra and start the server
Launch Ghidra, open a project, and load the binary you want to analyze. Then start the ReVa plugin from the Ghidra plugin menu โ it begins listening on port 8080.
Add ReVa to Claude Code
Register the ReVa MCP server with Claude Code using the HTTP transport pointing to the Ghidra plugin's endpoint.
claude mcp add --scope user --transport http ReVa -- http://localhost:8080/mcp/messageGrant permissions in Claude Code
Run /permissions in Claude Code to add an allow rule for mcp__ReVa, enabling Claude to call all ReVa tools without confirmation prompts during analysis sessions.
Reverse Engineering Assistant Examples
Client configuration
Configure Claude Desktop to connect to the ReVa MCP server running inside Ghidra via HTTP transport.
{
"mcpServers": {
"ReVa": {
"type": "http",
"url": "http://localhost:8080/mcp/message"
}
}
}Prompts to try
Example prompts for reverse engineering binary analysis tasks using ReVa and Ghidra.
- "Start from the main entry point, rename variables to meaningful names, and explain what this program does"
- "Identify any cryptographic algorithms used in the functions near address 0x401000"
- "Find all cross-references to the 'strcmp' function and explain what strings are being compared"
- "Generate a pwntools exploit script for the buffer overflow vulnerability in sub_402ABC"
- "Compare this binary to the previous version and explain what changed between them"Troubleshooting Reverse Engineering Assistant
mcp-reva command not found after installation
Ensure uv's tool bin directory is in your PATH. Run 'uv tool dir' to find the location and add it to your shell profile. Alternatively, run directly with 'uvx reverse-engineering-assistant'.
Claude cannot connect to ReVa at localhost:8080
Verify Ghidra is running with the ReVa plugin enabled and a project is open. The server only starts after a project loads. Check the Ghidra console for error messages. Also confirm no firewall is blocking local port 8080.
Ghidra extension fails to build with Gradle
Confirm GHIDRA_INSTALL_DIR points to the Ghidra installation root (the directory containing 'support', 'Ghidra', and 'ghidraRun'). Ensure Ghidra 12.0+ is used โ older versions have API differences that break the extension build.
Frequently Asked Questions about Reverse Engineering Assistant
What is Reverse Engineering Assistant?
Reverse Engineering Assistant is a Model Context Protocol (MCP) server that mcp server for reverse engineering tasks in ghidra ๐ฉโ๐ป It connects AI assistants to external tools and data sources through a standardized interface.
How do I install Reverse Engineering Assistant?
Follow the installation instructions on the Reverse Engineering Assistant GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.
Which AI clients work with Reverse Engineering Assistant?
Reverse Engineering Assistant works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.
Is Reverse Engineering Assistant free to use?
Yes, Reverse Engineering Assistant is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.
Reverse Engineering Assistant Alternatives โ Similar Security Servers
Looking for alternatives to Reverse Engineering Assistant? Here are other popular security servers you can use with Claude, Cursor, and VS Code.
Casdoor
โ 13.6kAn open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD
ghidraMCP
โ 9.0kAn Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through
HexStrike AI
โ 8.9kHexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b
IDA Pro MCP
โ 8.7kEnables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.
Anthropic Cybersecurity Skills
โ 6.6k754 structured cybersecurity skills for AI agents ยท Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF ยท agentskills.io standard ยท Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform
Hooker
โ 5.1k๐ฅ๐ฅ hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u
Browse More Security MCP Servers
Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.
Set Up Reverse Engineering Assistant in Your Editor
Choose your AI client for step-by-step setup instructions.
Quick Config Preview
Add this to your claude_desktop_config.json or .cursor/mcp.json
Ready to use Reverse Engineering Assistant?
Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.