reverse-engineering-assistant MCP — 使用場景, 安裝 & 即時演示

為什麼要用

核心特性

Tool-driven approach with small, focused tools to reduce LLM hallucinations
Context-aware analysis to limit degradation during extended sessions
Interactive mode (with Ghidra UI) and headless automation mode
Bundled Claude Code plugins for binary triage, cryptography, and CTF workflows
Works alongside other MCP servers (GitHub, Kagi) for enriched analysis

即時演示

實際使用效果

reverse-engineering-assistant.replay ▶ 就緒

0/0

安裝

選擇你的客戶端

~/Library/Application Support/Claude/claude_desktop_config.json · Windows: %APPDATA%\Claude\claude_desktop_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

開啟 Claude Desktop → Settings → Developer → Edit Config。儲存後重啟應用。

~/.cursor/mcp.json · .cursor/mcp.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

Cursor 使用與 Claude Desktop 相同的 mcpServers 格式。專案級設定優先於全域。

VS Code → Cline → MCP Servers → Edit

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

點擊 Cline 側欄中的 MCP Servers 圖示，然後選 "Edit Configuration"。

~/.codeium/windsurf/mcp_config.json

{
  "mcpServers": {
    "reverse-engineering-assistant": {
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  }
}

格式與 Claude Desktop 相同。重啟 Windsurf 生效。

~/.continue/config.json

{
  "mcpServers": [
    {
      "name": "reverse-engineering-assistant",
      "command": "TODO",
      "args": [
        "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
      ]
    }
  ]
}

Continue 使用伺服器物件陣列，而非映射。

~/.config/zed/settings.json

{
  "context_servers": {
    "reverse-engineering-assistant": {
      "command": {
        "path": "TODO",
        "args": [
          "See README: https://github.com/cyberkaida/reverse-engineering-assistant"
        ]
      }
    }
  }
}

加入 context_servers。Zed 儲存後熱重載。

claude mcp add reverse-engineering-assistant -- TODO 'See README: https://github.com/cyberkaida/reverse-engineering-assistant'

一行命令搞定。用 claude mcp list 驗證，claude mcp remove 移除。

使用場景

實戰用法： reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

👤 Security researchers performing initial binary assessment ⏱ ~30 min intermediate

何時使用： You have a binary to quickly assess before committing to deep analysis.

前置條件

Ghidra 12.0+ with ReVa installed — Download release, install via Ghidra extension manager
MCP client configured — Claude Code or VSCode connected to ReVa's MCP endpoint

步驟

Initial triage

Load this binary and give me a quick triage: what platform, what language, key functions, interesting strings, and imported libraries.✓ 已複製

→ Concise triage report with platform, language hints, notable functions and strings
Focus on suspicious functions

Decompile the functions that reference network or crypto strings. What are they doing?✓ 已複製

→ Decompiled code with focused analysis

結果： A quick assessment of the binary's purpose and suspicious functionality.

注意事項

Asking too broad questions causes context degradation — ReVa's small tools are designed for focused queries — ask specific questions about specific functions

搭配使用： filesystem

Use ReVa's CTF plugin for guided binary challenge solving

👤 CTF participants who want structured guidance for reversing challenges ⏱ ~45 min intermediate

何時使用： You're stuck on a binary CTF challenge and want structured analysis guidance.

前置條件

Ghidra with ReVa and CTF plugin — Install ReVa extension and enable the CTF skill

步驟

Get CTF guidance

I'm working on a CTF reverse engineering challenge. The binary is a Linux x86_64 ELF. Guide me through finding the flag.✓ 已複製

→ Structured approach: entry point, string search, validation function identification
Analyze the check

Found the validation function. Decompile it and explain the algorithm checking my input.✓ 已複製

→ Annotated decompilation with algorithm explanation

結果： Structured guidance to find the flag using ReVa's focused analysis tools.

注意事項

Heavily obfuscated binaries resist decompilation — Use the address-specific disassembly tool for raw instruction analysis

組合

與其他 MCP 搭配，撬動十倍槓桿

reverse-engineering-assistant + filesystem

Save annotated analysis to files for documentation

Export our analysis notes and decompiled functions to ~/analysis/binary-report.md.✓ 已複製

reverse-engineering-assistant + github

Cross-reference binary with source code from related open-source projects

This binary seems to use libcurl. Search GitHub for the version and compare the function signatures.✓ 已複製

工具

此 MCP 暴露的能力

工具	輸入參數	何時呼叫
decompile_function	function_name_or_address: str	Decompile a specific function
rename_variable	function: str, old_name: str, new_name: str	Rename a variable for clarity
fix_type	variable: str, type: str	Set the correct type for a variable
get_xrefs	address: str	Find cross-references to an address
search_strings	pattern: str	Search for strings in the binary

成本與限制

運行它的成本

API 配額: N/A — fully local
每次呼叫 Token 數: 200–1500 tokens per tool call
費用: Free — both Ghidra and ReVa are open source
提示: Use focused queries on specific functions rather than broad 'analyze everything' requests.

安全

權限、密鑰、影響範圍

憑證儲存： N/A

資料出站： All analysis is local

⚠ This tool is designed for authorized security research, CTF competitions, and defensive analysis only. Do not use it against systems you don't own or have written authorization to test.
Only analyze binaries you have legal right to reverse engineer.

故障排查

常見錯誤與修復

Plugin not loading

ReVa requires Ghidra 12.0+. Enable the plugin in both Project view and Code Browser tool settings.

驗證： Check Ghidra's plugin configuration for 'ReVa'

Headless mode not working

Ensure you built ReVa with headless support. Check the headless Ghidra documentation for proper setup.

驗證： Run analyzeHeadless with ReVa arguments

Context degradation in long sessions

ReVa is designed to minimize this, but start a new session if analysis quality drops.

驗證： Try the same question in a fresh session

替代方案

reverse-engineering-assistant 對比其他方案

替代方案	何時用它替代	權衡
GhidrAssistMCP	You want more tools (35 vs ReVa's smaller set) and consolidated action-based APIs	More tools but potentially more context pollution for LLMs
ida-pro-mcp	You prefer IDA Pro and need debugger integration	Commercial tool ($) but broader format support

reverse-engineering-assistant

為什麼要用

核心特性

即時演示

實際使用效果

安裝

選擇你的客戶端

使用場景

實戰用法： reverse-engineering-assistant

How to triage an unknown binary with ReVa in Ghidra

前置條件

步驟

注意事項

Use ReVa's CTF plugin for guided binary challenge solving

前置條件

步驟

注意事項

組合

與其他 MCP 搭配，撬動十倍槓桿

工具

此 MCP 暴露的能力

成本與限制

運行它的成本

安全

權限、密鑰、影響範圍

故障排查

常見錯誤與修復

替代方案

reverse-engineering-assistant 對比其他方案

更多

資源