Skip to main content
Glama
enesjakozh
fdrechsler

IDA Pro MCP Server

by fdrechsler
OverviewSchemaRelated ServersScoreDiscussions
Python
Hybrid

search_byte_sequence

Locate specific byte sequences in binary files to identify patterns, code sections, or data structures during reverse engineering analysis.

Instructions

Search for a byte sequence in the binary

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
bytesYesByte sequence to search for (e.g., "90 90 90" for three NOPs)
startAddressNoStart address for search (optional)
endAddressNoEnd address for search (optional)

Implementation Reference

  • index.ts:565-601 (handler)
    MCP tool handler for 'search_byte_sequence': validates input, calls IDARemoteClient.searchForByteSequence, and returns formatted results or error.
    case 'search_byte_sequence': if (!isValidSearchByteSequenceArgs(request.params.arguments)) { throw new McpError( ErrorCode.InvalidParams, 'Invalid search byte sequence arguments' ); } try { const { bytes, startAddress, endAddress } = request.params.arguments; const result = await ida.searchForByteSequence(bytes, { startAddress, endAddress }); return { content: [ { type: 'text', text: `Found ${result.count} occurrences of byte sequence "${bytes}":\n\n${JSON.stringify(result.results, null, 2) }`, }, ], }; } catch (error: any) { return { content: [ { type: 'text', text: `Error searching for byte sequence: ${error.message || error}`, }, ], isError: true, }; }
  • idaremoteclient.ts:412-437 (helper)
    Core implementation of byte sequence search: constructs query parameters and makes HTTP GET request to the IDA Pro remote control API endpoint /search/bytes.
    async searchForByteSequence( byteSequence: string, options: { startAddress?: number | string; endAddress?: number | string; } = {} ): Promise<ByteSequenceSearchResponse> { const params = new URLSearchParams(); params.append('bytes', byteSequence); if (options.startAddress !== undefined) { const startAddr = typeof options.startAddress === 'string' ? options.startAddress : options.startAddress.toString(); params.append('start', startAddr); } if (options.endAddress !== undefined) { const endAddr = typeof options.endAddress === 'string' ? options.endAddress : options.endAddress.toString(); params.append('end', endAddr); } return this.get<ByteSequenceSearchResponse>(`/search/bytes?${params.toString()}`); }
  • index.ts:288-309 (registration)
    MCP tool registration defining the 'search_byte_sequence' tool name, description, and input schema.
    { name: 'search_byte_sequence', description: 'Search for a byte sequence in the binary', inputSchema: { type: 'object', properties: { bytes: { type: 'string', description: 'Byte sequence to search for (e.g., "90 90 90" for three NOPs)', }, startAddress: { type: 'string', description: 'Start address for search (optional)', }, endAddress: { type: 'string', description: 'End address for search (optional)', }, }, required: ['bytes'], }, },
  • index.ts:49-53 (schema)
    TypeScript interface for input schema of search_byte_sequence tool arguments.
    interface SearchByteSequenceArgs { bytes: string; startAddress?: string | number; endAddress?: string | number; }
  • index.ts:113-119 (helper)
    Type guard function to validate search_byte_sequence tool arguments.
    const isValidSearchByteSequenceArgs = (args: any): args is SearchByteSequenceArgs => { return ( typeof args === 'object' && args !== null && typeof args.bytes === 'string' ); };
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/fdrechsler/mcp-server-idapro'

If you have feedback or need assistance with the MCP directory API, please join our Discord server