/ Directorio / Playground / ida-pro-mcp
← Todos los servidores ↗ GitHub
● Comunidad mrexodia ⚡ Instantáneo

ida-pro-mcp

por mrexodia · mrexodia/ida-pro-mcp

Bridge IDA Pro with AI for automated binary analysis — decompile, rename, patch, debug, and search across your IDB.

ida-pro-mcp connects IDA Pro (8.3+) to AI assistants via MCP, exposing tools for decompilation, disassembly, symbol navigation, cross-references, patching, type management, and full debugger control. Supports 20+ MCP clients including Claude, VS Code, Cursor, and Windsurf. Features automated installation, headless analysis via SSE transport, and batch operations.

▶ Ver demo 📦 Instalar 💡 Casos de uso

Por qué usarlo

Características clave

Demo en vivo

Cómo se ve en la práctica

ida-pro-mcp.replay ▶ listo
0/0

Instalar

Elige tu cliente

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Abre Claude Desktop → Settings → Developer → Edit Config. Reinicia después de guardar.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Cursor usa el mismo esquema mcpServers que Claude Desktop. La configuración del proyecto prevalece sobre la global.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Haz clic en el icono MCP Servers de la barra lateral de Cline y luego en "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "ida-pro-mcp": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  }
}

Mismo formato que Claude Desktop. Reinicia Windsurf para aplicar.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "ida-pro-mcp",
      "command": "TODO",
      "args": [
        "See README: https://github.com/mrexodia/ida-pro-mcp"
      ]
    }
  ]
}

Continue usa un array de objetos de servidor en lugar de un mapa.

~/.config/zed/settings.json
{
  "context_servers": {
    "ida-pro-mcp": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/mrexodia/ida-pro-mcp"
        ]
      }
    }
  }
}

Añádelo a context_servers. Zed recarga en caliente al guardar.

claude mcp add ida-pro-mcp -- TODO 'See README: https://github.com/mrexodia/ida-pro-mcp'

Un solo comando. Verifica con claude mcp list. Quita con claude mcp remove.

Casos de uso

Usos del mundo real: ida-pro-mcp

How to reverse engineer a binary with AI assistance in IDA Pro

👤 Reverse engineers and security researchers analyzing binaries they own or have authorization to test ⏱ ~60 min advanced

Cuándo usarlo: You have a binary loaded in IDA Pro and want AI to help understand and annotate it.

Requisitos previos
  • IDA Pro 8.3+ (not IDA Free) — Commercial license from Hex-Rays
  • ida-pro-mcp installed — pip install <repo-url> && ida-pro-mcp --install
Flujo
  1. Get an overview
    List all functions in this binary. Which ones look like they handle network communication based on their names and imports?✓ Copiado
    → Categorized function list with network-related functions highlighted
  2. Decompile key functions
    Decompile the main network handler function. Explain the protocol it implements and rename variables to be descriptive.✓ Copiado
    → Decompiled C code with renamed variables and protocol analysis
  3. Trace data flow
    Find all cross-references to the encryption key buffer. Who reads it and who writes it?✓ Copiado
    → Xref chain showing data flow from key generation to encryption calls

Resultado: A well-annotated IDB with key functions understood, renamed, and documented.

Errores comunes
  • Decompilation can be slow on large functions — Start with smaller callees and work up. Use disasm() for quick overviews.
Combinar con: filesystem

Solve a CTF reverse engineering challenge using IDA Pro and AI

👤 CTF participants working on binary reversing challenges ⏱ ~45 min intermediate

Cuándo usarlo: You have a CTF binary that needs static and/or dynamic analysis to find the flag.

Requisitos previos
  • IDA Pro with ida-pro-mcp — Install and connect
Flujo
  1. Find the validation logic
    Search for strings containing 'flag', 'correct', 'wrong'. Decompile the functions that reference them.✓ Copiado
    → Validation function with flag-checking logic
  2. Debug to extract the flag
    Set a breakpoint at the comparison. Run the binary with input 'AAAA' and show me what it compares against.✓ Copiado
    → Expected flag value visible in registers or memory

Resultado: Flag extracted through combined static and dynamic analysis.

Errores comunes
  • Anti-debug tricks prevent breakpoint hits — Use find_insns to locate anti-debug checks and patch them with patch_asm

Combinaciones

Combínalo con otros MCPs para multiplicar por 10

ida-pro-mcp + filesystem

Export decompiled code and analysis notes to files

Decompile all functions related to the crypto module and save the annotated code to ~/analysis/crypto.c.✓ Copiado

Herramientas

Lo que expone este MCP

HerramientaEntradasCuándo llamarCoste
decompile address_or_name: str Decompile a function to C pseudocode 0
disasm address: str, count?: int Disassemble instructions at an address 0
rename old_name: str, new_name: str Rename a function or variable 0
xrefs_to address: str Find all cross-references to an address 0
find_bytes pattern: str Search for a byte pattern in the binary 0
patch_asm address: str, asm: str Patch assembly instructions at an address 0
dbg_run none Start the debugger 0
set_comments address: str, comment: str Add a comment at an address 0

Coste y límites

Lo que cuesta ejecutarlo

Cuota de API
N/A — local IDA Pro instance
Tokens por llamada
200–3000 tokens (decompilation output can be large)
Monetario
Requires IDA Pro commercial license ($). The MCP plugin itself is free.
Consejo
Use list_funcs to identify targets before decompiling to avoid decompiling every function.

Seguridad

Permisos, secretos, alcance

Almacenamiento de credenciales: N/A — local tool
Salida de datos: All analysis is local. No network calls from the MCP server.

Resolución de problemas

Errores comunes y soluciones

ida-pro-mcp --install fails

Ensure Python 3.11+ and IDA Pro 8.3+ are installed. The installer needs to find IDA's plugin directory.

Verificar: python3 --version && which idat
Decompilation fails

Not all functions decompile cleanly (obfuscation, hand-written assembly). Try disasm() as a fallback.

Verificar: Try decompiling a simpler function first
Debugger won't start

Ensure IDA's debugger is configured for the target platform (local, remote, etc.). Check that the binary is not already running.

Verificar: Check IDA's debugger settings

Alternativas

ida-pro-mcp vs otros

AlternativaCuándo usarlaContrapartida
GhidrAssistMCPYou prefer free Ghidra over commercial IDA ProGhidra is free but IDA Pro generally has faster analysis and wider format support
reverse-engineering-assistantYou want a Ghidra MCP with a tool-driven approach optimized for LLMsFewer tools but better context management for AI interaction

Más

Recursos

📖 Lee el README oficial en GitHub

🐙 Ver issues abiertas

🔍 Ver todos los 400+ servidores MCP y Skills