ida-pro-mcp

By mrexodia · mrexodia/ida-pro-mcp

Bridge IDA Pro with AI for automated binary analysis — decompile, rename, patch, debug, and search across your IDB.

ida-pro-mcp connects IDA Pro (8.3+) to AI assistants via MCP, exposing tools for decompilation, disassembly, symbol navigation, cross-references, patching, type management, and full debugger control. Supports 20+ MCP clients including Claude, VS Code, Cursor, and Windsurf. Features automated installation, headless analysis via SSE transport, and batch operations.

Installation

Choose your client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Open Claude Desktop → Settings → Developer → Edit Config. Restart after saving.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Cursor uses the same mcpServers schema as Claude Desktop. Project settings take precedence over global settings.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Click the MCP Servers icon in the Cline sidebar, then "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Same format as Claude Desktop. Restart Windsurf to apply the changes.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "ida-pro-mcp",
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  ]
}

Continue uses an array of server objects instead of a map.

~/.config/zed/settings.json
{
  "context_servers": {
    "ida-pro-mcp": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/mrexodia/ida-pro-mcp"
        ]
      }
    }
  }
}

Add to context_servers. Zed reloads automatically on save.

claude mcp add ida-pro-mcp -- TODO 'See README: https://github.com/mrexodia/ida-pro-mcp'

One-line command. Verify with claude mcp list. Remove with claude mcp remove.

Use cases

Practical uses: ida-pro-mcp

How to reverse engineer a binary with AI assistance in IDA Pro

👤 Reverse engineers and security researchers analyzing binaries they own or have authorization to test ⏱ ~60 min advanced

When to use it: You have a binary loaded in IDA Pro and want AI to help understand and annotate it.

Prerequisites
  • IDA Pro 8.3+ (not IDA Free) — Commercial license from Hex-Rays
  • ida-pro-mcp installed — pip install <repo-url> && ida-pro-mcp --install
Steps
  1. Get an overview
    List all functions in this binary. Which ones look like they handle network communication based on their names and imports?
    → Categorized function list with network-related functions highlighted
  2. Decompile key functions
    Decompile the main network handler function. Explain the protocol it implements and rename variables to be descriptive.
    → Decompiled C code with renamed variables and protocol analysis
  3. Trace data flow
    Find all cross-references to the encryption key buffer. Who reads it and who writes it?
    → Xref chain showing data flow from key generation to encryption calls

Result: A well-annotated IDB with key functions understood, renamed, and documented.

Pitfalls
  • Decompilation can be slow on large functions — Start with smaller callees and work up. Use disasm() for quick overviews.
Combine with: filesystem

Solve a CTF reverse engineering challenge using IDA Pro and AI

👤 CTF participants working on binary reversing challenges ⏱ ~45 min intermediate

When to use it: You have a CTF binary that needs static and/or dynamic analysis to find the flag.

Prerequisites
  • IDA Pro with ida-pro-mcp — Install and connect
Steps
  1. Find the validation logic
    Search for strings containing 'flag', 'correct', 'wrong'. Decompile the functions that reference them.
    → Validation function with flag-checking logic
  2. Debug to extract the flag
    Set a breakpoint at the comparison. Run the binary with input 'AAAA' and show me what it compares against.
    → Expected flag value visible in registers or memory

Result: Flag extracted through combined static and dynamic analysis.

Pitfalls
  • Anti-debug tricks prevent breakpoint hits — Use find_insns to locate anti-debug checks and patch them with patch_asm

Combinations

Combine with other MCP servers for 10x results

ida-pro-mcp + filesystem

Export decompiled code and analysis notes to files

Decompile all functions related to the crypto module and save the annotated code to ~/analysis/crypto.c.

Tools

What this MCP provides

| Tool | Inputs | When to call | Cost |
|---|---|---|---|
| decompile | address_or_name: str | Decompile a function to C pseudocode | 0 |
| disasm | address: str, count?: int | Disassemble instructions at an address | 0 |
| rename | old_name: str, new_name: str | Rename a function or variable | 0 |
| xrefs_to | address: str | Find all cross-references to an address | 0 |
| find_bytes | pattern: str | Search for a byte pattern in the binary | 0 |
| patch_asm | address: str, asm: str | Patch assembly instructions at an address | 0 |
| dbg_run | none | Start the debugger | 0 |
| set_comments | address: str, comment: str | Add a comment at an address | 0 |

Cost and limits

Running cost

API quota
N/A — local IDA Pro instance
Tokens per call
200–3000 tokens (decompilation output can be large)
Monetary cost
Requires IDA Pro commercial license ($). The MCP plugin itself is free.
Tip
Use list_funcs to identify targets before decompiling to avoid decompiling every function.

Security

Permissions, secrets, and blast radius

Credential storage: N/A — local tool
Outbound data transfer: All analysis is local. No network calls from the MCP server.

Troubleshooting

Common errors and fixes

ida-pro-mcp --install fails

Ensure Python 3.11+ and IDA Pro 8.3+ are installed. The installer needs to find IDA's plugin directory.

Check: python3 --version && which idat

Decompilation fails

Not all functions decompile cleanly (obfuscation, hand-written assembly). Try disasm() as a fallback.

Check: Try decompiling a simpler function first

Debugger won't start

Ensure IDA's debugger is configured for the target platform (local, remote, etc.). Check that the binary is not already running.

Check: Check IDA's debugger settings

Alternatives

ida-pro-mcp vs. alternatives

| Alternative | When to use it | Trade-off |
|---|---|---|
| GhidrAssistMCP | You prefer free Ghidra over commercial IDA Pro | Ghidra is free but IDA Pro generally has faster analysis and wider format support |
| reverse-engineering-assistant | You want a Ghidra MCP with a tool-driven approach optimized for LLMs | Fewer tools but better context management for AI interaction |
