reverse-engineering-assistant MCP — ユースケース, インストール & ライブデモ

なぜ使うのか

主な機能

Tool-driven approach with small, focused tools to reduce LLM hallucinations
Context-aware analysis to limit degradation during extended sessions
Interactive mode (with Ghidra UI) and headless automation mode
Bundled Claude Code plugins for binary triage, cryptography, and CTF workflows
Works alongside other MCP servers (GitHub, Kagi) for enriched analysis

ライブデモ

実際の動作

reverse-engineering-assistant.replay ▶ 準備完了

0/0

インストール

クライアントを選択

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Claude Desktop → Settings → Developer → Edit Config を開く。保存後、アプリを再起動。

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor は Claude Desktop と同じ mcpServers スキーマを使用。プロジェクト設定はグローバルより優先。

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cline サイドバーの MCP Servers アイコンをクリックし、"Edit Configuration" を選択。

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Claude Desktop と同じ形式。Windsurf を再起動して反映。

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue はマップではなくサーバーオブジェクトの配列を使用。

~/.config/zed/settings.json

{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

context_servers に追加。保存時に Zed がホットリロード。

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

ワンライナー。claude mcp list で確認、claude mcp remove で削除。

ユースケース

実用的な使い方： reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

使うタイミング： You have a binary to quickly assess before committing to deep analysis.

前提条件

Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint

フロー

Initial triage

Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.✓ コピーしました

→ Concise triage report with platform, language hints, notable functions and strings
Focus on suspicious functions

Decompile the functions that reference network or crypto strings. What are they doing?✓ コピーしました

→ Decompiled code with focused analysis

結果： A quick assessment of the binary's purpose and suspicious functionality.

注意点

Asking too broad questions causes context degradation — ReVa's small tools are designed for focused queries — ask specific questions about specific functions

組み合わせ： filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

使うタイミング： You're stuck on a binary CTF challenge and want structured analysis guidance.

前提条件

Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill

フロー

Get CTF guidance

I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.✓ コピーしました

→ Structured approach: entry point, string search, validation function identification
Analyze the check

Found the validation function. Decompile it and explain the algorithm checking my input.✓ コピーしました

→ Annotated decompilation with algorithm explanation

結果： Structured guidance to find the flag using ReVa's focused analysis tools.

注意点

Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

組み合わせ

他のMCPと組み合わせて10倍の力を

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.✓ コピーしました

reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.✓ コピーしました

ツール

このMCPが提供する機能

ツール	入力	呼び出すタイミング
decompile_function	function_name_or_address: str	Decompile a specific function
rename_variable	function: str, old_name: str, new_name: str	Rename a variable for clarity
fix_type	variable: str, type: str	Set the correct type for a variable
get_xrefs	address: str	Find cross-references to an address
search_strings	pattern: str	Search for strings in the binary

コストと制限

運用コスト

APIクォータ: N/A — fully local
呼び出しあたりのトークン: 200–1500 tokens per tool call
金額: Free — both Ghidra and ReVa are open source
ヒント: Use focused queries on specific functions rather than broad 'analyze everything' requests.

セキュリティ

権限、シークレット、影響範囲

認証情報の保管： N/A

データ送信先： All analysis is local

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
Only analyze binaries you have legal right to reverse engineer.

トラブルシューティング

よくあるエラーと対処法

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

確認： Check Ghidra's plugin configuration for 'ReVa'

Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

確認： Run analyzeHeadless with ReVa arguments

Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

確認： Try the same question in a fresh session

代替案

reverse-engineering-assistant 他との比較

代替案	代わりに使う場面	トレードオフ
GhidrAssistMCP	You want more tools (35 vs ReVa's smaller set) and consolidated action-based APIs	More tools but potentially more context pollution for LLMs
ida-pro-mcp	You prefer IDA Pro and need debugger integration	Commercial tool ($) but broader format support

その他

リソース

📖 GitHub の公式 README を読む

🐙 オープンな issue を見る

🔍 400以上のMCPサーバーとSkillsを見る