Skip to main content
Glama

Ghidra MCP Server

🔍 Ghidra MCP Server

This project lets you use Ghidra in headless mode to extract rich binary analysis data (functions, pseudocode, structs, enums, etc.) into a JSON file, and expose it to LLMs like Claude via Model Context Protocol (MCP).

It turns Ghidra into an interactive reverse-engineering backend.


🚀 Features

  • Decompiles a binary using Ghidra headless mode
  • Extracts:
    • Function pseudocode, names, parameters, variables, strings, comments
    • Data structures (structs), enums, and function definitions
  • Outputs to ghidra_context.json
  • MCP server exposes tools like:
    • list_functions(), get_pseudocode(name)
    • list_structures(), get_structure(name)
    • list_enums(), get_enum(name)
    • list_function_definitions(), get_function_definition(name)

⚙️ System Requirements

  • macOS (tested)
  • Python 3.10+
  • Ghidra 11.3.1+
  • Java 21 (Temurin preferred)
  • MCP client (e.g. Claude Desktop)
  • mcp CLI (install via pip install mcp)

🧪 Installation & Setup

✅ 1. Install Java 21 (REQUIRED by Ghidra 11.3.1)

brew install --cask temurin@21

Then set it:

export JAVA_HOME=$(/usr/libexec/java_home -v 21) echo 'export JAVA_HOME=$(/usr/libexec/java_home -v 21)' >> ~/.zshrc source ~/.zshrc

Check it:

java -version

Should say: openjdk version "21.0.x"...


✅ 2. Install Ghidra

Download and extract Ghidra 11.3.1


✅ 3. Set up the project

cd ghidra_mcp gcc -Wall crackme.c -o crackme

✅ 4. Install the server via MCP CLI

mcp install main.py

This registers the MCP server so Claude or other clients can access it.


✅ 5. Run in dev mode (for testing)

mcp dev main.py

This enables hot reload and developer logs.


🛰️ Tools Available

ToolDescription
setup_context(...)Run Ghidra on a binary
list_functions()All functions
get_pseudocode(name)Decompiled pseudocode
list_structures()All structs
get_structure(name)Details of a struct
list_enums()All enums
get_enum(name)Enum values
list_function_definitions()All function prototypes
get_function_definition()Return type & args

Sample Promot

Analyze the binary file located at using Ghidra installed at . First, set up the analysis context using both paths, then list all functions in the binary. Examine the main entry point function and provide a high-level overview of what the program does.

🧠 Common Issues & Fixes

❌ Ghidra fails with “unsupported Java version”

➡️ Fix: Install Java 21, not 17 or 24:

brew install --cask temurin@21 export JAVA_HOME=$(/usr/libexec/java_home -v 21)

spawn uv ENOENT (Claude Desktop can't find your UV binary)

➡️ Claude can't locate uv by name. To fix:

  1. Run in your terminal:
which uv

Example output:

/Users/yourname/.cargo/bin/uv
  1. Open your Claude Desktop config file:
open ~/Library/Application\ Support/Claude/claude_desktop_config.json
  1. Update it like so:
{ "mcpServers": { "ghidra": { "command": "/Users/yourname/.cargo/bin/uv", "args": [ "--directory", "/Users/yourname/Documents/ghidra_mcp", "run", "main.py" ] } } }
  1. Restart Claude Desktop. You should now see your custom MCP tools.

The operation couldn’t be completed. Unable to locate a Java Runtime.

➡️ Fix: Java not installed or JAVA_HOME is unset. Follow setup instructions above.


📂 Project Structure

FilePurpose
main.pyMCP server with tools
export_context.pyGhidra script that extracts JSON
crackme.cSample C binary
crackmeCompiled binary to test

👨‍💻 Author

Tomi Bamimore
Ghidra by the NSA
MCP by Anthropic

Related MCP Servers

  • A
    security
    A
    license
    A
    quality
    Chat with your codebase through intelligent code searching without embeddings by breaking files into logical chunks, giving the LLM tools to search these chunks, and letting it find specific code needed to answer your questions.
    Last updated -
    8
    50
    Python
    MIT License
  • -
    security
    A
    license
    -
    quality
    An MCP server that allows LLMs to autonomously reverse engineer applications by exposing Ghidra functionality, enabling decompilation, analysis, and automatic renaming of methods and data.
    Last updated -
    5,444
    Apache 2.0
    • Apple
  • -
    security
    A
    license
    -
    quality
    A server that enables seamless integration of Binary Ninja's reverse engineering capabilities with LLM assistance, allowing AI tools like Claude to interact with binary analysis features in real-time.
    Last updated -
    72
    Python
    GPL 3.0
    • Apple
    • Linux
  • -
    security
    F
    license
    -
    quality
    A server that provides remote binary analysis capabilities through IDA Pro's headless mode, allowing users to manage and manipulate functions, variables, and other binary elements via the Multi-Client Protocol.
    Last updated -
    13
    Python

View all related MCP servers

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Bamimore-Tomi/ghidra_mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server