Reverse Engineering Assistant

v1.0.0โ€ขSecurityโ€ขstable

MCP server for reverse engineering tasks in Ghidra ๐Ÿ‘ฉโ€๐Ÿ’ป

assistantbinaryninjaghidrallmmcp
Share:
734
Stars
0
Downloads
0
Weekly
0/5

What is Reverse Engineering Assistant?

Reverse Engineering Assistant is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for reverse engineering tasks in ghidra ๐Ÿ‘ฉโ€๐Ÿ’ป

MCP server for reverse engineering tasks in Ghidra ๐Ÿ‘ฉโ€๐Ÿ’ป

This server falls under the Security category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • MCP server for reverse engineering tasks in Ghidra ๐Ÿ‘ฉโ€๐Ÿ’ป

Use Cases

Binary analysis with Ghidra integration
Decompilation assistance
Security research automation
cyberkaida

Maintainer

LicenseApache-2.0
Languagejava
Versionv1.0.0
UpdatedMay 22, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx reverse-engineering-assistant

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Reverse Engineering Assistant

Reverse Engineering Assistant (ReVa) is an MCP server that bridges Ghidra โ€” the NSA's open-source binary analysis tool โ€” with AI clients such as Claude, enabling natural-language decompilation, variable renaming, cross-reference analysis, and CTF challenge solving. It installs as a Ghidra extension and exposes the active project's disassembly and decompiled pseudocode to any connected MCP client over HTTP on port 8080, with multiple simultaneous client support. Security researchers and CTF players use it to dramatically accelerate binary analysis by asking Claude to explain code, rename variables, detect algorithms, and generate exploit scripts.

Prerequisites

  • Ghidra 12.0 or later installed (set GHIDRA_INSTALL_DIR environment variable)
  • Java 21 or later (required by Ghidra)
  • Python 3.10+ and uv package manager for the MCP server component
  • An MCP-compatible client such as Claude Desktop or Claude Code
  • A binary/executable opened in a Ghidra project before connecting
1

Set the Ghidra installation path

Export the GHIDRA_INSTALL_DIR environment variable pointing to your Ghidra installation. This is required for both building and running the extension.

export GHIDRA_INSTALL_DIR=/path/to/ghidra_12.0
2

Install the ReVa MCP server

Install the reverse-engineering-assistant Python package using uv, which provides the mcp-reva command for running the MCP server.

uv tool install reverse-engineering-assistant
3

Build and install the Ghidra extension

Build the Ghidra plugin from the source repository using Gradle, then install it via the Ghidra extension manager. Alternatively, download a pre-built release from the releases page.

git clone https://github.com/cyberkaida/reverse-engineering-assistant.git
cd reverse-engineering-assistant
export GHIDRA_INSTALL_DIR=/path/to/ghidra
gradle install
4

Open a binary in Ghidra and start the server

Launch Ghidra, open a project, and load the binary you want to analyze. Then start the ReVa plugin from the Ghidra plugin menu โ€” it begins listening on port 8080.

5

Add ReVa to Claude Code

Register the ReVa MCP server with Claude Code using the HTTP transport pointing to the Ghidra plugin's endpoint.

claude mcp add --scope user --transport http ReVa -- http://localhost:8080/mcp/message
6

Grant permissions in Claude Code

Run /permissions in Claude Code to add an allow rule for mcp__ReVa, enabling Claude to call all ReVa tools without confirmation prompts during analysis sessions.

Reverse Engineering Assistant Examples

Client configuration

Configure Claude Desktop to connect to the ReVa MCP server running inside Ghidra via HTTP transport.

{
  "mcpServers": {
    "ReVa": {
      "type": "http",
      "url": "http://localhost:8080/mcp/message"
    }
  }
}

Prompts to try

Example prompts for reverse engineering binary analysis tasks using ReVa and Ghidra.

- "Start from the main entry point, rename variables to meaningful names, and explain what this program does"
- "Identify any cryptographic algorithms used in the functions near address 0x401000"
- "Find all cross-references to the 'strcmp' function and explain what strings are being compared"
- "Generate a pwntools exploit script for the buffer overflow vulnerability in sub_402ABC"
- "Compare this binary to the previous version and explain what changed between them"

Troubleshooting Reverse Engineering Assistant

mcp-reva command not found after installation

Ensure uv's tool bin directory is in your PATH. Run 'uv tool dir' to find the location and add it to your shell profile. Alternatively, run directly with 'uvx reverse-engineering-assistant'.

Claude cannot connect to ReVa at localhost:8080

Verify Ghidra is running with the ReVa plugin enabled and a project is open. The server only starts after a project loads. Check the Ghidra console for error messages. Also confirm no firewall is blocking local port 8080.

Ghidra extension fails to build with Gradle

Confirm GHIDRA_INSTALL_DIR points to the Ghidra installation root (the directory containing 'support', 'Ghidra', and 'ghidraRun'). Ensure Ghidra 12.0+ is used โ€” older versions have API differences that break the extension build.

Frequently Asked Questions about Reverse Engineering Assistant

What is Reverse Engineering Assistant?

Reverse Engineering Assistant is a Model Context Protocol (MCP) server that mcp server for reverse engineering tasks in ghidra ๐Ÿ‘ฉโ€๐Ÿ’ป It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Reverse Engineering Assistant?

Follow the installation instructions on the Reverse Engineering Assistant GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Reverse Engineering Assistant?

Reverse Engineering Assistant works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Reverse Engineering Assistant free to use?

Yes, Reverse Engineering Assistant is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Reverse Engineering Assistant Alternatives โ€” Similar Security Servers

Looking for alternatives to Reverse Engineering Assistant? Here are other popular security servers you can use with Claude, Cursor, and VS Code.

Casdoor

โ˜… 13.6k

An open-source Agent-first Identity and Access Management (IAM) /LLM MCP & agent gateway and auth server with web UI supporting OpenClaw, MCP, OAuth, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, Google Workspace, Azure AD

ghidraMCP

โ˜… 9.0k

An Model Context Protocol server that enables LLMs to autonomously reverse engineer applications by exposing Ghidra's decompilation and analysis tools. It allows AI agents to list code structures, rename methods, and analyze binaries directly through

HexStrike AI

โ˜… 8.9k

HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly b

IDA Pro MCP

โ˜… 8.7k

Enables AI-assisted reverse engineering in IDA Pro by providing tools to analyze binaries, decompile functions, manage comments, search patterns, and interact with the IDA database through natural language.

Anthropic Cybersecurity Skills

โ˜… 6.6k

754 structured cybersecurity skills for AI agents ยท Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF ยท agentskills.io standard ยท Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platform

Hooker

โ˜… 5.1k

๐Ÿ”ฅ๐Ÿ”ฅ hooker is a Frida-based reverse engineering toolkit for Android. It offers a user-friendly CLI, universal scripts, auto hook generation, memory roaming to detect activities/services, one-click SOCKS5 proxy setup, Frida JustTrustMe, and BoringSSL u

Browse More Security MCP Servers

Explore all security servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "reverse-engineering-assistant": { "command": "npx", "args": ["-y", "reverse-engineering-assistant"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide โ†’

Ready to use Reverse Engineering Assistant?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides