reverse-engineering-assistant

By cyberkaida · cyberkaida/reverse-engineering-assistant

Ghidra MCP server designed for LLMs — small, focused tools that reduce hallucinations in binary analysis sessions.

ReVa (Reverse Engineering Assistant) is a Ghidra 12.0+ extension implementing an MCP server with a tool-driven approach designed for effective LLM interaction. It uses small, focused tools (decompilation, renaming, type fixing, xrefs, string analysis) to limit context degradation during extended sessions. Supports interactive mode (with Ghidra UI) and headless automation, and includes Claude Code plugins for binary triage, crypto analysis, and CTF guides.

Why use it

Key features

Installation

Choose your client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Open Claude Desktop → Settings → Developer → Edit Config. Restart after saving.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor uses the same mcpServers schema as Claude Desktop. Project settings take precedence over global settings.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Click the MCP Servers icon in the Cline sidebar, then "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Same format as Claude Desktop. Restart Windsurf to apply the changes.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue uses an array of server objects instead of a map.

~/.config/zed/settings.json
{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

Add to context_servers. Zed reloads automatically on save.

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

One-line command. Verify with claude mcp list. Remove with claude mcp remove.

Use cases

Practical uses: reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

When to use: You have a binary to quickly assess before committing to deep analysis.

Prerequisites
  • Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
  • MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint

Steps
  1. Initial triage
    Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.
    → Concise triage report with platform, language hints, notable functions and strings
  2. Focus on suspicious functions
    Decompile the functions that reference network or crypto strings. What are they doing?
    → Decompiled code with focused analysis

Result: A quick assessment of the binary's purpose and suspicious functionality.

Pitfalls
  • Asking overly broad questions causes context degradation — ReVa's small tools are designed for focused queries, so ask specific questions about specific functions

Combine with: filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

When to use: You're stuck on a binary CTF challenge and want structured analysis guidance.

Prerequisites
  • Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill

Steps
  1. Get CTF guidance
    I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.
    → Structured approach: entry point, string search, validation function identification
  2. Analyze the check
    Found the validation function. Decompile it and explain the algorithm checking my input.
    → Annotated decompilation with algorithm explanation

Result: Structured guidance to find the flag using ReVa's focused analysis tools.

Pitfalls
  • Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

Combinations

Combine with other MCP servers for 10x results

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.

reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.

Tools

What this MCP provides

Tool | Inputs | When to call | Cost
decompile_function | function_name_or_address: str | Decompile a specific function | 0
rename_variable | function: str, old_name: str, new_name: str | Rename a variable for clarity | 0
fix_type | variable: str, type: str | Set the correct type for a variable | 0
get_xrefs | address: str | Find cross-references to an address | 0
search_strings | pattern: str | Search for strings in the binary | 0

Cost and limits

Running cost

API quota: N/A — fully local
Tokens per call: 200–1500 tokens per tool call
Monetary cost: Free — both Ghidra and ReVa are open source
Tip: Use focused queries on specific functions rather than broad 'analyze everything' requests.

Security

Permissions, secrets, and blast radius

Credential storage: N/A
External data transfer: All analysis is local

Troubleshooting

Common errors and their fixes

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

Verify: Check Ghidra's plugin configuration for 'ReVa'

Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

Verify: Run analyzeHeadless with ReVa arguments

Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

Verify: Try the same question in a fresh session

Alternatives

reverse-engineering-assistant vs. alternatives

Alternative | When to use it | Trade-off
GhidrAssistMCP | You want more tools (35 vs ReVa's smaller set) and consolidated action-based APIs | More tools but potentially more context pollution for LLMs
ida-pro-mcp | You prefer IDA Pro and need debugger integration | Commercial tool ($) but broader format support
