ghidra_MCP_logo

ghidraMCP

ghidraMCP is an Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.

https://github.com/user-attachments/assets/36080514-f227-44bd-af84-78e29ee1d7f9

Features

MCP Server + Ghidra Plugin

Decompile and analyze binaries in Ghidra
Automatically rename methods and data
List methods, classes, imports, and exports

Installation

Prerequisites

Install Ghidra
Python3
MCP SDK

Ghidra

First, download the latest release from this repository. This contains the Ghidra plugin and Python MCP client. Then, you can directly import the plugin into Ghidra.

Run Ghidra
Select File -> Install Extensions
Click the + button
Select the GhidraMCP-1-0.zip (or your chosen version) from the downloaded release
Restart Ghidra
Make sure the GhidraMCPPlugin is enabled in File -> Configure -> Developer

Video Installation Guide:

https://github.com/user-attachments/assets/75f0c176-6da1-48dc-ad96-c182eb4648c3

MCP Clients

Theoretically, any MCP client should work with ghidraMCP. Two examples are given below.

Example 1: Claude Desktop

To set up Claude Desktop as a Ghidra MCP client, go to Claude -> Settings -> Developer -> Edit Config -> claude_desktop_config.json and add the following:

{
  "mcpServers": {
    "ghidra": {
      "command": "python",
      "args": [
        "/ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py"
      ]
    }
  }
}

Alternatively, edit this file directly:

/Users/YOUR_USER/Library/Application Support/Claude/claude_desktop_config.json

Example 2: 5ire

Another MCP client that supports multiple models on the backend is 5ire. To set up GhidraMCP, open 5ire and go to Tools -> New and set the following configurations:

Tool Key: ghidra
Name: GhidraMCP
Command: python /ABSOLUTE_PATH_TO/bridge_mcp_ghidra.py