/ Annuaire / Playground / reverse-engineering-assistant
← Tous les serveurs ↗ GitHub
● Communauté cyberkaida ⚡ Instantané

reverse-engineering-assistant

par cyberkaida · cyberkaida/reverse-engineering-assistant

Ghidra MCP server designed for LLMs — small, focused tools that reduce hallucinations in binary analysis sessions.

ReVa (Reverse Engineering Assistant) is a Ghidra 12.0+ extension implementing an MCP server with a tool-driven approach designed for effective LLM interaction. It uses small, focused tools (decompilation, renaming, type fixing, xrefs, string analysis) to limit context degradation during extended sessions. Supports interactive mode (with Ghidra UI) and headless automation, and includes Claude Code plugins for binary triage, crypto analysis, and CTF guides.

▶ Voir la démo 📦 Installer 💡 Cas d'usage

Pourquoi l'utiliser

Fonctionnalités clés

Démo en direct

Aperçu en pratique

reverse-engineering-assistant.replay ▶ prêt
0/0

Installer

Choisissez votre client

~/Library/Application Support/Claude/claude_desktop_config.json  · Windows: %APPDATA%\Claude\claude_desktop_config.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Ouvrez Claude Desktop → Settings → Developer → Edit Config. Redémarrez après avoir enregistré.

~/.cursor/mcp.json · .cursor/mcp.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor utilise le même schéma mcpServers que Claude Desktop. La config projet l'emporte sur la globale.

VS Code → Cline → MCP Servers → Edit
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cliquez sur l'icône MCP Servers dans la barre latérale Cline, puis "Edit Configuration".

~/.codeium/windsurf/mcp_config.json
{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Même format que Claude Desktop. Redémarrez Windsurf pour appliquer.

~/.continue/config.json
{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue utilise un tableau d'objets serveur plutôt qu'une map.

~/.config/zed/settings.json
{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

Ajoutez dans context_servers. Zed recharge à chaud à la sauvegarde.

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

Une seule ligne. Vérifiez avec claude mcp list. Supprimez avec claude mcp remove.

Cas d'usage

Usages concrets : reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

Quand l'utiliser : You have a binary to quickly assess before committing to deep analysis.

Prérequis
  • Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
  • MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint
Déroulement
  1. Initial triage
    Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.✓ Copié
    → Concise triage report with platform, language hints, notable functions and strings
  2. Focus on suspicious functions
    Decompile the functions that reference network or crypto strings. What are they doing?✓ Copié
    → Decompiled code with focused analysis

Résultat : A quick assessment of the binary's purpose and suspicious functionality.

Pièges
  • Asking too broad questions causes context degradation — ReVa's small tools are designed for focused queries — ask specific questions about specific functions
Combiner avec : filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

Quand l'utiliser : You're stuck on a binary CTF challenge and want structured analysis guidance.

Prérequis
  • Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill
Déroulement
  1. Get CTF guidance
    I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.✓ Copié
    → Structured approach: entry point, string search, validation function identification
  2. Analyze the check
    Found the validation function. Decompile it and explain the algorithm checking my input.✓ Copié
    → Annotated decompilation with algorithm explanation

Résultat : Structured guidance to find the flag using ReVa's focused analysis tools.

Pièges
  • Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

Combinaisons

Associez-le à d'autres MCPs pour un effet X10

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.✓ Copié
reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.✓ Copié

Outils

Ce que ce MCP expose

OutilEntréesQuand appelerCoût
decompile_function function_name_or_address: str Decompile a specific function 0
rename_variable function: str, old_name: str, new_name: str Rename a variable for clarity 0
fix_type variable: str, type: str Set the correct type for a variable 0
get_xrefs address: str Find cross-references to an address 0
search_strings pattern: str Search for strings in the binary 0

Coût et limites

Coût d'exécution

Quota d'API
N/A — fully local
Tokens par appel
200–1500 tokens per tool call
Monétaire
Free — both Ghidra and ReVa are open source
Astuce
Use focused queries on specific functions rather than broad 'analyze everything' requests.

Sécurité

Permissions, secrets, portée

Stockage des identifiants : N/A
Sortie de données : All analysis is local

Dépannage

Erreurs courantes et correctifs

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

Vérifier : Check Ghidra's plugin configuration for 'ReVa'
Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

Vérifier : Run analyzeHeadless with ReVa arguments
Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

Vérifier : Try the same question in a fresh session

Alternatives

reverse-engineering-assistant vs autres

AlternativeQuand l'utiliserCompromis
GhidrAssistMCPYou want more tools (35 vs ReVa's smaller set) and consolidated action-based APIsMore tools but potentially more context pollution for LLMs
ida-pro-mcpYou prefer IDA Pro and need debugger integrationCommercial tool ($) but broader format support

Plus

Ressources

📖 Lire le README officiel sur GitHub

🐙 Voir les issues ouvertes

🔍 Parcourir les 400+ serveurs MCP et Skills