Ghidra backend for re-mcp — headless Ghidra MCP server using pyhidra
Project description
re-mcp-ghidra
Ghidra backend for RE-MCP — a headless Ghidra MCP server using pyhidra. Exposes Ghidra's analysis capabilities over the Model Context Protocol, letting LLMs drive reverse engineering directly.
This is a standalone server, not a Ghidra plugin. It uses pyhidra to run Ghidra's analysis engine without a GUI.
Requirements
- Python 3.12+
- Ghidra 11+
- JDK 21+
- macOS, Windows, or Linux
Installation
uv tool install re-mcp-ghidra
Or with pip:
pip install re-mcp-ghidra
Finding Ghidra
The server looks for your Ghidra installation in the following order:
GHIDRA_INSTALL_DIRenvironment variable — set this if Ghidra is in a non-standard location.- Config file —
ghidra-install-dirin~/.ghidra/ghidra-config.json. - Platform-specific default paths (e.g.
/Applications/ghidra_*on macOS).
See the main documentation for the full list of default search paths per platform.
Usage
# Run the server (direct stdio mode)
re-mcp-ghidra
# Or with uvx (no install needed)
uvx re-mcp-ghidra
MCP client configuration
{
"mcpServers": {
"ghidra": {
"command": "uvx",
"args": ["re-mcp-ghidra"]
}
}
}
CLI subcommands
| Command | Description |
|---|---|
re-mcp-ghidra (or re-mcp-ghidra stdio) |
Direct stdio mode — single-session, workers die on disconnect (default) |
re-mcp-ghidra proxy |
Stdio proxy that auto-spawns a persistent HTTP daemon |
re-mcp-ghidra serve |
Start the HTTP daemon directly |
re-mcp-ghidra stop |
Gracefully shut down a running daemon |
Environment variables
| Variable | Default | Description |
|---|---|---|
GHIDRA_INSTALL_DIR |
(auto-detected) | Path to Ghidra installation directory |
GHIDRA_MCP_MAX_WORKERS |
(unlimited) | Maximum simultaneous databases (1-8) |
GHIDRA_MCP_LOG_LEVEL |
WARNING |
Logging level |
GHIDRA_MCP_LOG_DIR |
(unset) | Directory for per-run log files |
GHIDRA_MCP_IDLE_TIMEOUT |
300 |
Auto-shutdown timeout in seconds (0 to disable) |
Features
- Full decompilation and disassembly
- Function, type, and structure management
- Cross-reference and call graph analysis
- String and byte pattern search
- Binary patching and instruction assembly
- Function ID and data type archive support
- Multi-database support with concurrent analysis
- MCP resources for structured read-only access
See the main documentation for the full tool catalog, multi-database workflows, and detailed usage.
License
Dual-licensed under MIT and Apache-2.0.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file re_mcp_ghidra-3.0.0rc3.tar.gz.
File metadata
- Download URL: re_mcp_ghidra-3.0.0rc3.tar.gz
- Upload date:
- Size: 61.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a08538edbf86099257e0d42ee9048233fa52f0b12815d88d9066692085238474
|
|
| MD5 |
b1285fdad75a3bf100684193674825bc
|
|
| BLAKE2b-256 |
10caa974881d43b50f47a9b48e2653305b6d9d5b5ca4edc9a027d2d24f3a31dc
|
Provenance
The following attestation bundles were made for re_mcp_ghidra-3.0.0rc3.tar.gz:
Publisher:
publish.yml on jtsylve/re-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
re_mcp_ghidra-3.0.0rc3.tar.gz -
Subject digest:
a08538edbf86099257e0d42ee9048233fa52f0b12815d88d9066692085238474 - Sigstore transparency entry: 1436428115
- Sigstore integration time:
-
Permalink:
jtsylve/re-mcp@abc1444e308763b9bdf6cb3c053c5045e4f7c6e2 -
Branch / Tag:
refs/tags/v3.0.0rc3 - Owner: https://github.com/jtsylve
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@abc1444e308763b9bdf6cb3c053c5045e4f7c6e2 -
Trigger Event:
release
-
Statement type:
File details
Details for the file re_mcp_ghidra-3.0.0rc3-py3-none-any.whl.
File metadata
- Download URL: re_mcp_ghidra-3.0.0rc3-py3-none-any.whl
- Upload date:
- Size: 105.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
50f2417e4cf85a7fc18866a97e38b91d99bd2f9520d97f08e254f6f16d1469c7
|
|
| MD5 |
28190ec86075f2c1f6115b3a9705d719
|
|
| BLAKE2b-256 |
755c546947ef487976f76fd53b37848108ffdeb67f9361d48fa58da8302e6b13
|
Provenance
The following attestation bundles were made for re_mcp_ghidra-3.0.0rc3-py3-none-any.whl:
Publisher:
publish.yml on jtsylve/re-mcp
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
re_mcp_ghidra-3.0.0rc3-py3-none-any.whl -
Subject digest:
50f2417e4cf85a7fc18866a97e38b91d99bd2f9520d97f08e254f6f16d1469c7 - Sigstore transparency entry: 1436428157
- Sigstore integration time:
-
Permalink:
jtsylve/re-mcp@abc1444e308763b9bdf6cb3c053c5045e4f7c6e2 -
Branch / Tag:
refs/tags/v3.0.0rc3 - Owner: https://github.com/jtsylve
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@abc1444e308763b9bdf6cb3c053c5045e4f7c6e2 -
Trigger Event:
release
-
Statement type:
