reverse-engineering-assistant MCP — Casos de uso, Instalar & Demo en vivo

Por qué usarlo

Características clave

Tool-driven approach with small, focused tools to reduce LLM hallucinations
Context-aware analysis to limit degradation during extended sessions
Interactive mode (with Ghidra UI) and headless automation mode
Bundled Claude Code plugins for binary triage, cryptography, and CTF workflows
Works alongside other MCP servers (GitHub, Kagi) for enriched analysis

Demo en vivo

Cómo se ve en la práctica

reverse-engineering-assistant.replay ▶ listo

0/0

Instalar

Elige tu cliente

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Abre Claude Desktop → Settings → Developer → Edit Config. Reinicia después de guardar.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor usa el mismo esquema mcpServers que Claude Desktop. La configuración del proyecto prevalece sobre la global.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Haz clic en el icono MCP Servers de la barra lateral de Cline y luego en "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Mismo formato que Claude Desktop. Reinicia Windsurf para aplicar.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue usa un array de objetos de servidor en lugar de un mapa.

~/.config/zed/settings.json

{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

Añádelo a context_servers. Zed recarga en caliente al guardar.

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

Un solo comando. Verifica con claude mcp list. Quita con claude mcp remove.

Casos de uso

Usos del mundo real: reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

Cuándo usarlo: You have a binary to quickly assess before committing to deep analysis.

Requisitos previos

Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint

Flujo

Initial triage

Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.✓ Copiado

→ Concise triage report with platform, language hints, notable functions and strings
Focus on suspicious functions

Decompile the functions that reference network or crypto strings. What are they doing?✓ Copiado

→ Decompiled code with focused analysis

Resultado: A quick assessment of the binary's purpose and suspicious functionality.

Errores comunes

Asking too broad questions causes context degradation — ReVa's small tools are designed for focused queries — ask specific questions about specific functions

Combinar con: filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

Cuándo usarlo: You're stuck on a binary CTF challenge and want structured analysis guidance.

Requisitos previos

Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill

Flujo

Get CTF guidance

I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.✓ Copiado

→ Structured approach: entry point, string search, validation function identification
Analyze the check

Found the validation function. Decompile it and explain the algorithm checking my input.✓ Copiado

→ Annotated decompilation with algorithm explanation

Resultado: Structured guidance to find the flag using ReVa's focused analysis tools.

Errores comunes

Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

Combinaciones

Combínalo con otros MCPs para multiplicar por 10

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.✓ Copiado

reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.✓ Copiado

Herramientas

Lo que expone este MCP

Herramienta	Entradas	Cuándo llamar
decompile_function	function_name_or_address: str	Decompile a specific function
rename_variable	function: str, old_name: str, new_name: str	Rename a variable for clarity
fix_type	variable: str, type: str	Set the correct type for a variable
get_xrefs	address: str	Find cross-references to an address
search_strings	pattern: str	Search for strings in the binary

Coste y límites

Lo que cuesta ejecutarlo

Cuota de API: N/A — fully local
Tokens por llamada: 200–1500 tokens per tool call
Monetario: Free — both Ghidra and ReVa are open source
Consejo: Use focused queries on specific functions rather than broad 'analyze everything' requests.

Seguridad

Permisos, secretos, alcance

Almacenamiento de credenciales: N/A

Salida de datos: All analysis is local

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
Only analyze binaries you have legal right to reverse engineer.

Resolución de problemas

Errores comunes y soluciones

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

Verificar: Check Ghidra's plugin configuration for 'ReVa'

Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

Verificar: Run analyzeHeadless with ReVa arguments

Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

Verificar: Try the same question in a fresh session

Alternativas

reverse-engineering-assistant vs otros

Alternativa	Cuándo usarla	Contrapartida
GhidrAssistMCP	You want more tools (35 vs ReVa's smaller set) and consolidated action-based APIs	More tools but potentially more context pollution for LLMs
ida-pro-mcp	You prefer IDA Pro and need debugger integration	Commercial tool ($) but broader format support

Más

Recursos

📖 Lee el README oficial en GitHub

🐙 Ver issues abiertas

🔍 Ver todos los 400+ servidores MCP y Skills