Exposes binary analysis data from Ghidra, including functions and pseudocode, to LLMs.
This project lets you use Ghidra in headless mode to extract rich binary analysis data (functions, pseudocode, structs, enums, etc.) into a JSON file, and expose it to LLMs like Claude via Model Context Protocol (MCP).
It turns Ghidra into an interactive reverse-engineering backend.
ghidra_context.jsonlist_functions(), get_pseudocode(name)list_structures(), get_structure(name)list_enums(), get_enum(name)list_function_definitions(), get_function_definition(name)mcp CLI (install via pip install mcp)brew install --cask temurin@21
Then set it:
export JAVA_HOME=$(/usr/libexec/java_home -v 21)
echo 'export JAVA_HOME=$(/usr/libexec/java_home -v 21)' >> ~/.zshrc
source ~/.zshrc
Check it:
java -version
Should say: openjdk version "21.0.x"...
Download and extract Ghidra 11.3.1
cd ghidra_mcp
gcc -Wall crackme.c -o crackme
mcp install main.py
This registers the MCP server so Claude or other clients can access it.
mcp dev main.py
This enables hot reload and developer logs.
| Tool | Description |
|---|---|
setup_context(...) | Run Ghidra on a binary |
list_functions() | All functions |
get_pseudocode(name) | Decompiled pseudocode |
list_structures() | All structs |
get_structure(name) | Details of a struct |
list_enums() | All enums |
get_enum(name) | Enum values |
list_function_definitions() | All function prototypes |
get_function_definition() | Return type & args |
Analyze the binary file located at <BINARY_PATH> using Ghidra installed at <GHIDRA_PATH>. First, set up the analysis context using both paths, then list all functions in the binary. Examine the main entry point function and provide a high-level overview of what the program does.
➡️ Fix: Install Java 21, not 17 or 24:
brew install --cask temurin@21
export JAVA_HOME=$(/usr/libexec/java_home -v 21)
spawn uv ENOENT (Claude Desktop can't find your UV binary)➡️ Claude can't locate uv by name. To fix:
which uv
Example output:
/Users/yourname/.cargo/bin/uv
open ~/Library/Application\ Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"ghidra": {
"command": "/Users/yourname/.cargo/bin/uv",
"args": [
"--directory",
"/Users/yourname/Documents/ghidra_mcp",
"run",
"main.py"
]
}
}
}
The operation couldn’t be completed. Unable to locate a Java Runtime.➡️ Fix: Java not installed or JAVA_HOME is unset. Follow setup instructions above.
| File | Purpose |
|---|---|
main.py | MCP server with tools |
export_context.py | Ghidra script that extracts JSON |
crackme.c | Sample C binary |
crackme | Compiled binary to test |
A Python server providing Retrieval-Augmented Generation (RAG) functionality. It indexes various document formats and requires a PostgreSQL database with pgvector.
An intelligent codebase search engine that transforms local codebases into a natural language queryable knowledge base.
MCP server to provide Jira Tickets information to AI coding agents like Cursor.
Integrates with the Stability AI API for image generation, editing, and upscaling.
A backend service providing tools, resources, and prompts for AI models using the Model Context Protocol (MCP).
Provides AI-powered mentorship to LLM agents for tasks like code review, design critique, and brainstorming, using the Deepseek API.
A framework for AI-powered command execution and a plugin-based tool system. It can be run as a standalone service or embedded in other projects to expose a consistent API for invoking tools and managing tasks.
Interact with Alpaca's Trading API for stocks, options, portfolios, and real-time market data using LLMs.
Access and interact with Harness platform data, including pipelines, repositories, logs, and artifact registries.
A bridge between the Unity game engine and AI assistants using the Model Context Protocol (MCP).