🚀 GhidraMCP
A Ghidra plugin implementing the Model Context Protocol (MCP) for AI-assisted binary analysis.
GhidraMCP bridges the gap between Ghidra's powerful reverse engineering capabilities and AI assistants through the Model Context Protocol (MCP). This plugin enables AI models to connect to Ghidra and assist with binary analysis tasks, making reverse engineering more efficient and accessible.
✨ Features
- AI-driven Binary Analysis: Connect AI assistants to Ghidra via the Model Context Protocol.
- Natural Language Interface: Ask questions about binary files in simple English.
- In-depth Code Insights: Retrieve detailed function information and decompiled code.
- Binary Structure Analysis: Explore imports, exports, and memory layout.
- Automated Security Analysis: Get AI-assisted insights on potential security vulnerabilities.
- Socket-based Architecture: High-performance communication between Ghidra and AI assistants.
- Cross-platform Compatibility: Runs on all platforms supported by Ghidra.
📦 Installation
Prerequisites
- Ghidra 11.2.1+
- Java 17 or later
- Python 3.8+ (for the bridging script)
Steps
- Download the latest release ZIP file from the Releases page.
- Open Ghidra.
- Navigate to File > Install Extension.
- Click the “+” button and select the downloaded ZIP file.
- Restart Ghidra to complete the installation.
- Enable the extension by going to File > Configure > Other and checking the box next to "MCPServerPlugin".
💻 Usage Examples
Starting the MCP Server
When you open a Ghidra project after enabling the plugin, the server starts automatically. By default, it runs at the following location:
- Host: localhost
- Port: 8765
You can verify that the server is running by checking for the following message in the Ghidra console:
MCP server has started on port 8765
Connecting with an AI Assistant
Connecting with Claude
To connect Claude to the GhidraMCP plugin:
- Install the MCP bridging script: pip install FastMCP
- Add the following configuration to your Claude MCP settings:
  {
    "mcpServers": {
      "ghidra": {
        "command": "python",
        "args": ["PATH-TO-REPO/GhidraMCP/ghidra_server.py"]
      }
    }
  }
The bridging script creates a connection between Ghidra and Claude, enabling real-time binary analysis through natural language.
Available Tools
The plugin exposes several powerful functions through the MCP interface:
| Tool | Details |
| --- | --- |
| get_function(address, decompile=False) | Retrieve detailed information about the function at a specific address. |
| analyze_binary(question) | Ask questions about the loaded binary file in natural language. |
| get_imports() | List all imported functions in the binary file. |
| get_exports() | List all exported functions in the binary file. |
| get_memory_map() | Get the memory layout of the binary file. |
| connect_to_ghidra(host, port) | Connect to a specific Ghidra instance. |
| rename_function(current_name, new_name) | Rename a function by its current name. |
| rename_data(address, new_name) | Rename the data label at a specific address. |
| extract_api_call_sequences(address) | Extract API calls from a function for security analysis. |
| identify_user_input_sources() | Find potential user input sources in the binary file. |
| generate_call_graph(address, max_depth=3) | Generate a hierarchical representation of function calls. |
| identify_crypto_patterns() | Detect cryptographic implementations in the binary file. |
| find_obfuscated_strings() | Locate potentially obfuscated strings. |
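Whatever model sits on the other side of the bridge, the arguments it passes to these tools are untrusted input to Ghidra. As an added example (not the plugin's own code), here is a validation layer for the tool calls in the table above; the regexes, the depth cap and the ToolArgError type are assumptions constructed here.

```python
import re

# Added example (not the plugin's own code): validate AI-supplied arguments for
# the tools above before a bridge forwards them. Regexes and cap are assumptions.
ADDRESS_RE = re.compile(r"^(?:0x)?[0-9a-fA-F]{1,16}$")
NAME_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_.$]{0,127}$")  # allow-list for symbol names
MAX_CALL_GRAPH_DEPTH = 10  # assumed cap: deep graphs get expensive in Ghidra


class ToolArgError(ValueError):
    pass


def parse_address(value):
    """Normalise '0x401000' or '401000' to an int; reject anything else."""
    if not isinstance(value, str) or not ADDRESS_RE.match(value.strip()):
        raise ToolArgError(f"bad address: {value!r}")
    return int(value.strip(), 16)


def check_name(value):
    # Only identifier-like names may reach rename_function / rename_data.
    if not isinstance(value, str) or not NAME_RE.match(value):
        raise ToolArgError(f"bad symbol name: {value!r}")
    return value


def check_depth(value, default=3):
    """Bound generate_call_graph's max_depth to 1..MAX_CALL_GRAPH_DEPTH."""
    depth = default if value is None else value
    if isinstance(depth, bool) or not isinstance(depth, int) \
            or not 1 <= depth <= MAX_CALL_GRAPH_DEPTH:
        raise ToolArgError(f"bad max_depth: {value!r}")
    return depth


# Each entry returns the cleaned argument dict for one tool from the table.
VALIDATORS = {
    "get_function": lambda a: {"address": parse_address(a["address"]),
                               "decompile": bool(a.get("decompile", False))},
    "rename_function": lambda a: {"current_name": check_name(a["current_name"]),
                                  "new_name": check_name(a["new_name"])},
    "rename_data": lambda a: {"address": parse_address(a["address"]),
                              "new_name": check_name(a["new_name"])},
    "generate_call_graph": lambda a: {"address": parse_address(a["address"]),
                                      "max_depth": check_depth(a.get("max_depth"))},
}


def validate_tool_call(name, args):
    if name not in VALIDATORS:
        raise ToolArgError(f"unknown tool: {name!r}")
    try:
        return VALIDATORS[name](dict(args))
    except KeyError as missing:
        raise ToolArgError(f"{name}: missing argument {missing}") from None
```

Unknown tool names and missing arguments are rejected in the same place, so a single exception type is all the bridge has to report back to the client.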
Query Examples
Here are some examples of questions you can ask through an MCP-compatible AI client:
- "What cryptographic algorithms are used in this binary file?"
- "Can you show me the decompiled code of the function at address 0x401000?"
- "What suspicious API calls does this malware make?"
- "Explain the purpose of this binary file based on its imports and exports."
- "How does the authentication mechanism in this program work?"
- "Are there any potential buffer overflow vulnerabilities in this code?"
- "What network connections does this binary file establish?"
- "Can you rename this function to a more descriptive name?"
- "Show me all potential user input sources that could be exploited."
- "Generate a call graph for the main function."
🔧 Technical Details
Security Analysis Features
GhidraMCP provides specialized tools for security-focused analysis:
API Call Sequence Analysis
Extract and classify external API calls from functions for security analysis. This helps identify potentially dangerous functions and understand their interactions.
User Input Sources
Identify the entry points where external data enters the program, which is crucial for vulnerability assessment and understanding the attack surface.
Call Graph Generation
Create structured call graphs to understand the execution flow, track data propagation, and identify potential attack paths.
Crypto Pattern Detection
Identify cryptographic implementations, including standard algorithms (AES, RSA, etc.) and custom implementations based on code patterns.
Obfuscated String Detection
Find strings that may be obfuscated through techniques such as XOR encoding or character-by-character construction.
Custom Configuration
You can modify the server port by editing the MCPServerPlugin.java file:
server.setPort(YOUR_CUSTOM_PORT);
Integration with Analysis Workflows
GhidraMCP can be integrated into your existing analysis workflows:
- Use Ghidra's standard analysis features to identify areas of interest.
- Leverage AI assistance through GhidraMCP for deeper understanding.
- Combine AI insights with your manual analysis.
- Rename functions and data based on AI insights to improve readability.
🛠️ Building from Source
To build the plugin from source:
- Clone this repository: git clone https://github.com/yourusername/GhidraMCP.git
- Set up the Ghidra development environment according to the instructions in the Ghidra Developer Guide.
- Set the GHIDRA_INSTALL_DIR environment variable: export GHIDRA_INSTALL_DIR=/path/to/ghidra
- Build using Gradle: ./gradlew buildExtension
- The extension ZIP file will be created in the dist directory.
🐞 Troubleshooting
Common Issues
- Connection Issues: Ensure that the Ghidra instance is running and the plugin is enabled.
- Port Conflicts: If port 8765 is already in use, modify the port in the plugin configuration.
- Bridging Script Errors: Check that all required Python packages have been installed using pip install FastMCP.
- Empty Results from Analysis Functions: Some security analysis functions may return empty results if the binary file does not contain relevant patterns.
Logs
Check the following logs for troubleshooting:
- Server-side messages in the Ghidra console.
- Bridging script issues in ghidra_mcp_bridge.log.
🤝 Contribution
Contributions are welcome! Please feel free to submit issues or pull requests.
- Fork the repository.
- Create your feature branch: git checkout -b feature/amazing-feature
- Commit your changes: git commit -m 'Add some amazing feature'
- Push to the branch: git push origin feature/amazing-feature
- Open a pull request.
🙏 Acknowledgments
GhidraMCP is not affiliated with or endorsed by the NSA or the Ghidra project.