reverse-engineering-assistant MCP — Сценарии использования, Установка & Живое демо

Зачем использовать

Ключевые функции

Tool-driven approach with small, focused tools to reduce LLM hallucinations
Context-aware analysis to limit degradation during extended sessions
Interactive mode (with Ghidra UI) and headless automation mode
Bundled Claude Code plugins for binary triage, cryptography, and CTF workflows
Works alongside other MCP servers (GitHub, Kagi) for enriched analysis

Живое демо

Как выглядит на практике

reverse-engineering-assistant.replay ▶ готово

0/0

Установка

Выберите клиент

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Откройте Claude Desktop → Settings → Developer → Edit Config. Перезапустите после сохранения.

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor использует ту же схему mcpServers, что и Claude Desktop. Конфиг проекта приоритетнее глобального.

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Щёлкните значок MCP Servers на боковой панели Cline, затем "Edit Configuration".

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Тот же формат, что и Claude Desktop. Перезапустите Windsurf для применения.

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue использует массив объектов серверов, а не map.

~/.config/zed/settings.json

{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

Добавьте в context_servers. Zed перезагружается автоматически.

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

Однострочная команда. Проверить: claude mcp list. Удалить: claude mcp remove.

Сценарии использования

Реальные сценарии: reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

Когда использовать: You have a binary to quickly assess before committing to deep analysis.

Предварительные требования

Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint

Поток

Initial triage

Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.✓ Скопировано

→ Concise triage report with platform, language hints, notable functions and strings
Focus on suspicious functions

Decompile the functions that reference network or crypto strings. What are they doing?✓ Скопировано

→ Decompiled code with focused analysis

Итог: A quick assessment of the binary's purpose and suspicious functionality.

Подводные камни

Asking too broad questions causes context degradation — ReVa's small tools are designed for focused queries — ask specific questions about specific functions

Сочетать с: filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

Когда использовать: You're stuck on a binary CTF challenge and want structured analysis guidance.

Предварительные требования

Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill

Поток

Get CTF guidance

I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.✓ Скопировано

→ Structured approach: entry point, string search, validation function identification
Analyze the check

Found the validation function. Decompile it and explain the algorithm checking my input.✓ Скопировано

→ Annotated decompilation with algorithm explanation

Итог: Structured guidance to find the flag using ReVa's focused analysis tools.

Подводные камни

Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

Комбинации

Сочетайте с другими MCP — эффект x10

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.✓ Скопировано

reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.✓ Скопировано

Инструменты

Что предоставляет этот MCP

Инструмент	Входные данные	Когда вызывать
decompile_function	function_name_or_address: str	Decompile a specific function
rename_variable	function: str, old_name: str, new_name: str	Rename a variable for clarity
fix_type	variable: str, type: str	Set the correct type for a variable
get_xrefs	address: str	Find cross-references to an address
search_strings	pattern: str	Search for strings in the binary

Стоимость и лимиты

Во что обходится

Квота API: N/A — fully local
Токенов на вызов: 200–1500 tokens per tool call
Деньги: Free — both Ghidra and ReVa are open source
Совет: Use focused queries on specific functions rather than broad 'analyze everything' requests.

Безопасность

Права, секреты, радиус поражения

Хранение учётных данных: N/A

Исходящий трафик: All analysis is local

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
Only analyze binaries you have legal right to reverse engineer.

Устранение неполадок

Частые ошибки и исправления

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

Проверить: Check Ghidra's plugin configuration for 'ReVa'

Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

Проверить: Run analyzeHeadless with ReVa arguments

Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

Проверить: Try the same question in a fresh session

Альтернативы

reverse-engineering-assistant в сравнении

Альтернатива	Когда использовать	Компромисс
GhidrAssistMCP	You want more tools (35 vs ReVa's smaller set) and consolidated action-based APIs	More tools but potentially more context pollution for LLMs
ida-pro-mcp	You prefer IDA Pro and need debugger integration	Commercial tool ($) but broader format support

Ещё

Ресурсы

📖 Читать официальный README на GitHub

🐙 Открытые задачи

🔍 Все 400+ MCP-серверов и Skills