Ghidra MCP Server – 110 tools for AI-assisted reverse engineering

Leverages Ghidra's native disassembly engine to extract function boundaries, control flow graphs, and decompiled pseudocode, then pipes structured representations to LLMs for semantic analysis and naming. Uses Ghidra's Java API to traverse the program database (PDB), extract function signatures, and apply AI-generated annotations back to the binary without manual re-analysis.

Exposes Ghidra's reference graph (xrefs) as queryable MCP tools, allowing LLMs to trace data flow, call chains, and memory access patterns across the binary. Implements depth-limited graph traversal to prevent explosion, with support for filtering by reference type (read, write, call, flow) and scope (function-local, module-wide, global).

Maintains conversation context across multiple analysis queries, allowing LLMs to build understanding incrementally. Implements context management to track analyzed functions, inferred types, and previous findings, enabling coherent multi-turn analysis workflows without redundant re-analysis.

Detects binary architecture (x86, ARM, MIPS, etc.) and calling convention (cdecl, stdcall, fastcall, etc.) using Ghidra's analysis, then infers function signatures based on parameter passing patterns. Generates type-safe function prototypes suitable for re-implementation or API documentation.

Detects common obfuscation techniques (control flow flattening, dead code injection, string encryption, etc.) using pattern matching and heuristics. Provides deobfuscation hints and assists LLMs in understanding obfuscated code by highlighting suspicious patterns and suggesting analysis strategies.

Wraps Ghidra's decompiler to extract high-level pseudocode for functions, with options to format output as C, Python, or pseudo-assembly for different analysis contexts. Handles decompiler failures gracefully by falling back to raw disassembly, and caches decompilation results to avoid redundant computation.

Analyzes Ghidra's type inference engine and data-type definitions to extract inferred struct layouts, class hierarchies, and memory organization. Reconstructs data structures from memory access patterns and type annotations, exposing them as queryable JSON schemas for LLM-driven reverse engineering of complex data types.

Scans the binary for embedded strings, numeric constants, and immediate values, then correlates them with their usage sites (function calls, memory writes, comparisons). Returns structured data including string encoding (ASCII, UTF-16, etc.), cross-references, and inferred purpose based on context.

Parses Ghidra's symbol table, import/export tables, and relocation records to extract function and variable symbols with their addresses, types, and external dependencies. Links symbols to their definitions and usage sites, enabling LLM-driven analysis of API surfaces and external dependencies.

Extracts Ghidra's control flow graph for functions as structured JSON, including basic blocks, edges (conditional/unconditional), and loop detection. Supports multiple visualization formats (DOT, JSON, adjacency list) and provides metrics (cyclomatic complexity, loop nesting depth) to help LLMs understand program structure.

Orchestrates analysis of multiple binaries in parallel, aggregating results into comprehensive reports with cross-binary comparisons. Uses MCP's async capabilities to manage long-running analyses, with progress tracking and result caching to avoid redundant work.

Implements semantic search using embeddings or keyword matching to find functions, strings, and code patterns matching natural language queries. Integrates with LLM embeddings to enable queries like 'find functions that handle network communication' or 'locate crypto operations'.

Implements pattern matching for known vulnerability signatures (buffer overflows, use-after-free, integer overflows, etc.) using Ghidra's analysis results. Annotates detected patterns with severity, affected functions, and remediation suggestions, enabling LLM-driven vulnerability assessment.