A security-first MCP server that empowers AI agents to perform automated reverse engineering, malware analysis, forensics, vulnerability research, and SAST — powered by Radare2, YARA, LIEF, Capstone, and more.
Project description
Reversecore MCP
Security-first Model Context Protocol server for reverse engineering, malware analysis, digital forensics, vulnerability research, and SAST.
Reversecore MCP gives MCP-compatible AI agents structured access to Radare2, r2ghidra, YARA, LIEF, Capstone, angr, Qiling, Volatility3, Scapy, and additional analysis engines. It is designed around explicit workspace boundaries, input validation, non-root containers, and security regression testing.
Installation
Full container image — recommended
The container image includes the supported native toolchain and is the most reproducible installation method:
docker run -i --rm \
-v /absolute/path/to/samples:/app/workspace \
-e REVERSECORE_WORKSPACE=/app/workspace \
-e MCP_TRANSPORT=stdio \
ghcr.io/sjkim1127/reversecore_mcp:2.1.0
Python package
Install the MCP server and all Python feature extras from PyPI:
pip install "reversecore-mcp[full]"
Native programs such as Radare2, YARA, Graphviz, Binwalk, and The Sleuth Kit must be installed separately when using the Python package directly.
Run the stdio server with:
MCP_TRANSPORT=stdio \
REVERSECORE_WORKSPACE=/absolute/path/to/samples \
reversecore-mcp
MCP client configuration
{
"mcpServers": {
"reversecore": {
"command": "reversecore-mcp",
"env": {
"MCP_TRANSPORT": "stdio",
"REVERSECORE_WORKSPACE": "/absolute/path/to/samples"
}
}
}
}
Capabilities
- Static analysis, disassembly, decompilation, cross-references, and CFG recovery
- Malware triage, IOC extraction, YARA scanning, and MITRE ATT&CK mapping
- Symbolic execution, emulation, fuzzing harness generation, and ROP analysis
- Memory, disk, network, and host-artifact forensics
- Python and C/C++ source-code security analysis
- Structured evidence, session tracking, metrics, and report generation
Security model
Reversecore MCP processes potentially hostile binaries. Use a dedicated workspace and prefer the hardened container configuration for untrusted samples. The project CI includes dependency auditing, CodeQL, secret scanning, container scanning, path-boundary tests, fuzzing, and network-isolation checks.
Detailed configuration, tool documentation, Docker Compose profiles, and client examples are available in the GitHub repository.
Registry identity
- MCP Registry name:
io.github.sjkim1127/reversecore-mcp - PyPI package:
reversecore-mcp - OCI image:
ghcr.io/sjkim1127/reversecore_mcp
License
MIT
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file reversecore_mcp-3.0.2.tar.gz.
File metadata
- Download URL: reversecore_mcp-3.0.2.tar.gz
- Upload date:
- Size: 342.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1afe92f96f9785292d1bb64b646aac27d5c166206aa6b40e95c406c81543428c
|
|
| MD5 |
fda4be17c11f84e2ea0b62e1aab68595
|
|
| BLAKE2b-256 |
8f34a5a832e031e8206a3a36d2790a83e5c77c848198f09ba9f00961c2434815
|
Provenance
The following attestation bundles were made for reversecore_mcp-3.0.2.tar.gz:
Publisher:
release.yml on sjkim1127/Reversecore_MCP
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
reversecore_mcp-3.0.2.tar.gz -
Subject digest:
1afe92f96f9785292d1bb64b646aac27d5c166206aa6b40e95c406c81543428c - Sigstore transparency entry: 2164365481
- Sigstore integration time:
-
Permalink:
sjkim1127/Reversecore_MCP@5095c55e7bb90b4b674c00fcb0358c3e797a5dbe -
Branch / Tag:
refs/tags/v3.0.2 - Owner: https://github.com/sjkim1127
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5095c55e7bb90b4b674c00fcb0358c3e797a5dbe -
Trigger Event:
push
-
Statement type:
File details
Details for the file reversecore_mcp-3.0.2-py3-none-any.whl.
File metadata
- Download URL: reversecore_mcp-3.0.2-py3-none-any.whl
- Upload date:
- Size: 387.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dfa8e5eb390df54884369aa710d207120fc76aaf7041f2f580e06a60f73f0903
|
|
| MD5 |
07156440b27235bf60c757c22be9e4ee
|
|
| BLAKE2b-256 |
4a11bf66467e71079933a8a8d156ed2d63e8475c4c1b12a4c5189a6f380f1918
|
Provenance
The following attestation bundles were made for reversecore_mcp-3.0.2-py3-none-any.whl:
Publisher:
release.yml on sjkim1127/Reversecore_MCP
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
reversecore_mcp-3.0.2-py3-none-any.whl -
Subject digest:
dfa8e5eb390df54884369aa710d207120fc76aaf7041f2f580e06a60f73f0903 - Sigstore transparency entry: 2164365532
- Sigstore integration time:
-
Permalink:
sjkim1127/Reversecore_MCP@5095c55e7bb90b4b674c00fcb0358c3e797a5dbe -
Branch / Tag:
refs/tags/v3.0.2 - Owner: https://github.com/sjkim1127
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@5095c55e7bb90b4b674c00fcb0358c3e797a5dbe -
Trigger Event:
push
-
Statement type: