🔍 Ghidra MCP Server
This project lets you use Ghidra in headless mode to extract rich binary analysis data (functions, pseudocode, structs, enums, etc.) into a JSON file, and expose it to LLMs like Claude via Model Context Protocol (MCP).
It turns Ghidra into an interactive reverse-engineering backend.
🚀 Features
- Decompiles a binary using Ghidra headless mode
- Extracts:
- Function pseudocode, names, parameters, variables, strings, comments
- Data structures (structs), enums, and function definitions
- Outputs to
ghidra_context.json
- MCP server exposes tools like:
list_functions()
,get_pseudocode(name)
list_structures()
,get_structure(name)
list_enums()
,get_enum(name)
list_function_definitions()
,get_function_definition(name)
⚙️ System Requirements
- macOS (tested)
- Python 3.10+
- Ghidra 11.3.1+
- Java 21 (Temurin preferred)
- MCP client (e.g. Claude Desktop)
mcp
CLI (install viapip install mcp
)
🧪 Installation & Setup
✅ 1. Install Java 21 (REQUIRED by Ghidra 11.3.1)
Then set it:
Check it:
Should say: openjdk version "21.0.x"...
✅ 2. Install Ghidra
Download and extract Ghidra 11.3.1
✅ 3. Set up the project
✅ 4. Install the server via MCP CLI
This registers the MCP server so Claude or other clients can access it.
✅ 5. Run in dev mode (for testing)
This enables hot reload and developer logs.
🛰️ Tools Available
Tool | Description |
---|---|
setup_context(...) | Run Ghidra on a binary |
list_functions() | All functions |
get_pseudocode(name) | Decompiled pseudocode |
list_structures() | All structs |
get_structure(name) | Details of a struct |
list_enums() | All enums |
get_enum(name) | Enum values |
list_function_definitions() | All function prototypes |
get_function_definition() | Return type & args |
Sample Promot
Analyze the binary file located at using Ghidra installed at . First, set up the analysis context using both paths, then list all functions in the binary. Examine the main entry point function and provide a high-level overview of what the program does.
🧠 Common Issues & Fixes
❌ Ghidra fails with “unsupported Java version”
➡️ Fix: Install Java 21, not 17 or 24:
❌ spawn uv ENOENT
(Claude Desktop can't find your UV binary)
➡️ Claude can't locate uv
by name. To fix:
- Run in your terminal:
Example output:
- Open your Claude Desktop config file:
- Update it like so:
- Restart Claude Desktop. You should now see your custom MCP tools.
❌ The operation couldn’t be completed. Unable to locate a Java Runtime.
➡️ Fix: Java not installed or JAVA_HOME
is unset. Follow setup instructions above.
📂 Project Structure
File | Purpose |
---|---|
main.py | MCP server with tools |
export_context.py | Ghidra script that extracts JSON |
crackme.c | Sample C binary |
crackme | Compiled binary to test |
👨💻 Author
This server cannot be installed
local-only server
The server can only run on the client's local machine because it depends on local resources.
Enables LLMs to perform binary analysis using Ghidra in headless mode, extracting functions, pseudocode, structs, and enums from binaries for interactive reverse-engineering.
Related MCP Servers
- -securityFlicense-qualityAllows LLM tools like Claude Desktop and Cursor AI to access and summarize code files through a Model Context Protocol server, providing structured access to codebase content without manual copying.Last updated -TypeScript
- -securityAlicense-qualityAn MCP server that allows LLMs to autonomously reverse engineer applications by exposing Ghidra functionality, enabling decompilation, analysis, and automatic renaming of methods and data.Last updated -4,290Apache 2.0
- -securityAlicense-qualityA server that enables seamless integration of Binary Ninja's reverse engineering capabilities with LLM assistance, allowing AI tools like Claude to interact with binary analysis features in real-time.Last updated -20PythonGPL 3.0
- -securityFlicense-qualityA server that provides remote binary analysis capabilities through IDA Pro's headless mode, allowing users to manage and manipulate functions, variables, and other binary elements via the Multi-Client Protocol.Last updated -3Python