ghidraMCP is an Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.
ghidraMCP_demo.mp4
MCP Server + Ghidra Plugin
- Decompile and analyze binaries in Ghidra
- Automatically rename methods and data
- List methods, classes, imports, and exports
- Mac / Windows
- Install Ghidra
- Python3
First, download the latest release from this repository. This contains the Ghidra plugin and Python MCP client. Then, you can directly import the plugin into Ghidra.
- Run Ghidra
- Select
File->Install Extensions - Click the
+button - Select the
GhidraMCP-1-0.zip(or your chosen version) from the downloaded release - Restart Ghidra
- Make sure the GhidraMCPPlugin is enabled in
File->Configure->Developer
Video Installation Guide:
ghidra_MCP_Install.mp4
Theoretically, any MCP client should work with ghidraMCP. Two examples are given below.
To set up Claude Desktop as a Ghidra MCP client, go to Claude -> Settings -> Developer -> Edit Config -> claude_desktop_config.json and add the following:
{
"mcpServers": {
"ghidra": {
"command": "python",
"args": [
"/ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py"
]
}
}
}Alternatively, edit this file directly:
/Users/YOUR_USER/Library/Application Support/Claude/claude_desktop_config.json
Another MCP client that supports multiple models on the backend is 5ire. To set up GhidraMCP, open 5ire and go to Tools -> New and set the following configurations:
- Tool Key: ghidra
- Name: GhidraMCP
- Command:
python /ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py
Build with Maven by running:
mvn clean package assembly:single
The generated zip file includes the built Ghidra plugin and its resources. These files are required for Ghidra to recognize the new extension.
- lib/GhidraMCP.jar
- extensions.properties
- Module.manifest