{"id":26681133,"url":"https://github.com/mrexodia/ida-pro-mcp","last_synced_at":"2025-05-14T10:14:54.729Z","repository":{"id":284463914,"uuid":"954963562","full_name":"mrexodia/ida-pro-mcp","owner":"mrexodia","description":"MCP Server for IDA Pro","archived":false,"fork":false,"pushed_at":"2025-04-10T14:13:04.000Z","size":103,"stargazers_count":1192,"open_issues_count":14,"forks_count":102,"subscribers_count":12,"default_branch":"main","last_synced_at":"2025-04-10T15:51:23.084Z","etag":null,"topics":["cline","cursor","ida-plugin","ida-pro","mcp","mcp-server","modelcontextprotocol","reverse-engineering"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrexodia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["mrexodia"]}},"created_at":"2025-03-25T22:23:41.000Z","updated_at":"2025-04-10T15:41:23.000Z","dependencies_parsed_at":"2025-03-26T03:20:34.167Z","dependency_job_id":"1116579f-ccdf-477a-8ade-ad4cfccaaa4c","html_url":"https://github.com/mrexodia/ida-pro-mcp","commit_stats":null,"previous_names":["mrexodia/ida-pro-mcp"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrexodia%2Fida-pro-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrexodia%2Fida-pro-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrexodia%2Fida-pro-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrexodia%2Fida-pro-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrexodia","download_url":"https://codeload.github.com/mrexodia/ida-pro-mcp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248566922,"owners_count":21125751,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cline","cursor","ida-plugin","ida-pro","mcp","mcp-server","modelcontextprotocol","reverse-engineering"],"created_at":"2025-03-26T07:14:18.945Z","updated_at":"2025-05-14T10:14:54.723Z","avatar_url":"https://github.com/mrexodia.png","language":"Python","funding_links":["https://github.com/sponsors/mrexodia"],"categories":["Security","Python","Development Tools MCP Servers","AI","📚 Projects (1974 total)","💾 MCP Security Servers","MCP 服务器精选列表","پیاده‌سازی‌های سرور","Scientific Research Tools","MCP Ecosystem","Community Servers","カテゴリ","🧰 MCP Tools","🧩 Miscellaneous","Containerised MCP Servers","🤖 AI/ML","Table of Contents","逆向破解","🔬 二进制 / 原生逆向","MCP Servers","ai","AI \u0026 ML (20)","MCP Servers \u0026 Protocol","🔬 Vulnerability Research \u0026 Analysis"],"sub_categories":["Reverse Engineering","MCP Servers","🔒 安全与分析","🔒 \u003ca name=\"security\"\u003e\u003c/a\u003eامنیت","Servers","🛠️ \u003ca name=\"developer-tools\"\u003e\u003c/a\u003e開発ツール","🧬 Reverse Engineering","AI \u0026 Machine Learning","Developer Tools","Security \u0026 Reverse Engineering","Security and Reverse Engineering"],"readme":"# IDA Pro MCP\r\n\r\nSimple [MCP Server](https://modelcontextprotocol.io/introduction) to allow vibe reversing in IDA Pro.\r\n\r\nhttps://github.com/user-attachments/assets/6ebeaa92-a9db-43fa-b756-eececce2aca0\r\n\r\nThe binaries and prompt for the video are available in the [mcp-reversing-dataset](https://github.com/mrexodia/mcp-reversing-dataset) repository.\r\n\r\nAvailable functionality:\r\n\r\n- `check_connection`: Check if the IDA plugin is running.\r\n- `get_metadata()`: Get metadata about the current IDB.\r\n- `get_function_by_name(name)`: Get a function by its name.\r\n- `get_function_by_address(address)`: Get a function by its address.\r\n- `get_current_address()`: Get the address currently selected by the user.\r\n- `get_current_function()`: Get the function currently selected by the user.\r\n- `convert_number(text, size)`: Convert a number (decimal, hexadecimal) to different representations.\r\n- `list_functions(offset, count)`: List all functions in the database (paginated).\r\n- `list_strings(offset, count)`: List all strings in the database (paginated).\r\n- `search_strings(pattern, offset, count)`: Search for strings containing the given pattern (case-insensitive).\r\n- `decompile_function(address)`: Decompile a function at the given address.\r\n- `disassemble_function(start_address)`: Get assembly code (address: instruction; comment) for a function.\r\n- `get_xrefs_to(address)`: Get all cross references to the given address.\r\n- `get_entry_points()`: Get all entry points in the database.\r\n- `set_comment(address, comment)`: Set a comment for a given address in the function disassembly and pseudocode.\r\n- `rename_local_variable(function_address, old_name, new_name)`: Rename a local variable in a function.\r\n- `rename_global_variable(old_name, new_name)`: Rename a global variable.\r\n- `set_global_variable_type(variable_name, new_type)`: Set a global variable's type.\r\n- `rename_function(function_address, new_name)`: Rename a function.\r\n- `set_function_prototype(function_address, prototype)`: Set a function's prototype.\r\n- `declare_c_type(c_declaration)`: Create or update a local type from a C declaration.\r\n- `set_local_variable_type(function_address, variable_name, new_type)`: Set a local variable's type.\r\n\r\n## Prerequisites\r\n\r\n- [Python](https://www.python.org/downloads/) (**3.11 or higher**) \r\n  - Use `idapyswitch` to switch to the newest Python version\r\n- [IDA Pro](https://hex-rays.com/ida-pro) (8.3 or higher, 9 recommended)\r\n- Supported MCP Client (pick one you like)\r\n  - [Cline](https://cline.bot)\r\n  - [Roo Code](https://roocode.com)\r\n  - [Claude](https://claude.ai/download)\r\n  - [Cursor](https://cursor.com)\r\n  - [VSCode Agent Mode](https://github.blog/news-insights/product-news/github-copilot-agent-mode-activated/)\r\n  - [Other MCP Clients](https://modelcontextprotocol.io/clients#example-clients)\r\n\r\n## Installation\r\n\r\nInstall (or upgrade) the IDA Pro MCP package:\r\n\r\n```sh\r\npip install --upgrade git+https://github.com/mrexodia/ida-pro-mcp\r\n```\r\n\r\nConfigure the MCP servers and install the IDA Plugin:\r\n\r\n```\r\nida-pro-mcp --install\r\n```\r\n\r\n**Important**: Make sure you completely restart IDA/Visual Studio Code/Claude for the installation to take effect. Claude runs in the background and you need to quit it from the tray icon.\r\n\r\nhttps://github.com/user-attachments/assets/65ed3373-a187-4dd5-a807-425dca1d8ee9\r\n\r\n## Prompt Engineering\r\n\r\nLLMs are prone to hallucinations and you need to be specific with your prompting. For reverse engineering the conversion between integers and bytes are especially problematic. Below is a minimal example prompt, feel free to start a discussion or open an issue if you have good results with a different prompt:\r\n\r\n\u003e Your task is to analyze a crackme in IDA Pro. You can use the MCP tools to retrieve information. In general use the following strategy:\r\n\u003e - Inspect the decompilation and add comments with your findings\r\n\u003e - Rename variables to more sensible names\r\n\u003e - Change the variable and argument types if necessary (especially pointer and array types)\r\n\u003e - Change function names to be more descriptive\r\n\u003e - If more details are necessary, disassemble the function and add comments with your findings\r\n\u003e - NEVER convert number bases yourself. Use the convert_number MCP tool if needed!\r\n\u003e - Do not attempt brute forcing, derive any solutions purely from the disassembly and simple python scripts\r\n\u003e - Create a report.md with your findings and steps taken at the end\r\n\u003e - When you find a solution, prompt to user for feedback with the password you found\r\n\r\nThis prompt was just the first experiment, please share if you found ways to improve the output!\r\n\r\n## Tips for Enhancing LLM Accuracy\r\n\r\nLarge Language Models (LLMs) are powerful tools, but they can sometimes struggle with complex mathematical calculations or exhibit \"hallucinations\" (making up facts). Make sure to tell the LLM to use the `conver_number` MCP and you might also need [math-mcp](https://github.com/EthanHenrickson/math-mcp) for certain operations.\r\n\r\nAnother thing to keep in mind is that LLMs will not perform well on obfuscated code. Before trying to use an LLM to solve the problem, take a look around the binary and spend some time (automatically) removing the following things:\r\n\r\n- String encryption\r\n- Import hashing\r\n- Control flow flattening\r\n- Code encryption\r\n- Anti-decompilation tricks\r\n\r\nYou should also use a tool like Lumina or FLIRT to try and resolve all the open source library code and the C++ STL, this will further improve the accuracy.\r\n\r\n## SSE Transport \u0026 Headless MCP\r\n\r\nYou can run an SSE server to connect to the user interface like this:\r\n\r\n```sh\r\nuv run ida-pro-mcp --transport http://127.0.0.1:8744/sse\r\n```\r\n\r\nAfter installing [`idalib`](https://docs.hex-rays.com/user-guide/idalib) you can also run a headless SSE server:\r\n\r\n```sh\r\nuv run idalib-mcp --host 127.0.0.1 --port 8745 path/to/executable\r\n```\r\n\r\n_Note_: The `idalib` feature was contributed by [Willi Ballenthin](https://github.com/williballenthin).\r\n\r\n## Manual Installation\r\n\r\n_Note_: This section is for LLMs and power users who need detailed installation instructions.\r\n\r\n\u003cdetails\u003e\r\n\r\n## Manual MCP Server Installation (Cline/Roo Code)\r\n\r\nTo install the MCP server yourself, follow these steps:\r\n\r\n1. Install [uv](https://github.com/astral-sh/uv) globally:\r\n   - Windows: `pip install uv`\r\n   - Linux/Mac: `curl -LsSf https://astral.sh/uv/install.sh | sh`\r\n2. Clone this repository, for this example `C:\\MCP\\ida-pro-mcp`.\r\n3. Navigate to the Cline/Roo Code _MCP Servers_ configuration (see screenshot).\r\n4. Click on the _Installed_ tab.\r\n5. Click on _Configure MCP Servers_, which will open `cline_mcp_settings.json`.\r\n6. Add the `ida-pro-mcp` server:\r\n\r\n```json\r\n{\r\n  \"mcpServers\": {\r\n    \"github.com/mrexodia/ida-pro-mcp\": {\r\n      \"command\": \"uv\",\r\n      \"args\": [\r\n        \"--directory\",\r\n        \"c:\\\\MCP\\\\ida-pro-mcp\",\r\n        \"run\",\r\n        \"server.py\",\r\n        \"--install-plugin\"\r\n      ],\r\n      \"timeout\": 1800,\r\n      \"disabled\": false,\r\n      \"autoApprove\": [\r\n        \"check_connection\",\r\n        \"get_metadata\",\r\n        \"get_function_by_name\",\r\n        \"get_function_by_address\",\r\n        \"get_current_address\",\r\n        \"get_current_function\",\r\n        \"convert_number\",\r\n        \"list_functions\",\r\n        \"list_strings\",\r\n        \"search_strings\",\r\n        \"decompile_function\",\r\n        \"disassemble_function\",\r\n        \"get_xrefs_to\",\r\n        \"get_entry_points\",\r\n        \"set_comment\",\r\n        \"rename_local_variable\",\r\n        \"rename_global_variable\",\r\n        \"set_global_variable_type\",\r\n        \"rename_function\",\r\n        \"set_function_prototype\",\r\n        \"declare_c_type\",\r\n        \"set_local_variable_type\"\r\n      ],\r\n      \"alwaysAllow\": [\r\n        \"check_connection\",\r\n        \"get_metadata\",\r\n        \"get_function_by_name\",\r\n        \"get_function_by_address\",\r\n        \"get_current_address\",\r\n        \"get_current_function\",\r\n        \"convert_number\",\r\n        \"list_functions\",\r\n        \"list_strings\",\r\n        \"search_strings\",\r\n        \"decompile_function\",\r\n        \"disassemble_function\",\r\n        \"get_xrefs_to\",\r\n        \"get_entry_points\",\r\n        \"set_comment\",\r\n        \"rename_local_variable\",\r\n        \"rename_global_variable\",\r\n        \"set_global_variable_type\",\r\n        \"rename_function\",\r\n        \"set_function_prototype\",\r\n        \"declare_c_type\",\r\n        \"set_local_variable_type\"\r\n      ]\r\n    }\r\n  }\r\n}\r\n```\r\n\r\nTo check if the connection works you can perform the following tool call:\r\n\r\n```\r\n\u003cuse_mcp_tool\u003e\r\n\u003cserver_name\u003egithub.com/mrexodia/ida-pro-mcp\u003c/server_name\u003e\r\n\u003ctool_name\u003echeck_connection\u003c/tool_name\u003e\r\n\u003carguments\u003e\u003c/arguments\u003e\r\n\u003c/use_mcp_tool\u003e\r\n```\r\n\r\n## IDA Plugin installation\r\n\r\nThe IDA Pro plugin will be installed automatically when the MCP server starts. If you disabled the `--install-plugin` option, use the following steps:\r\n\r\n1. Copy (**not move**) `src/ida_pro_mcp/mcp-plugin.py` in your plugins folder (`%appdata%\\Hex-Rays\\IDA Pro\\plugins` on Windows).\r\n2. Open an IDB and click `Edit -\u003e Plugins -\u003e MCP` to start the server.\r\n\r\n\u003c/details\u003e\r\n\r\n## Comparison with other MCP servers\r\n\r\nThere are a few IDA Pro MCP servers floating around, but I created my own for a few reasons:\r\n\r\n1. Installation should be fully automated.\r\n2. The architecture of other plugins make it difficult to add new functionality quickly (too much boilerplate of unnecessary dependencies).\r\n3. Learning new technologies is fun!\r\n\r\nIf you want to check them out, here is a list (in the order I discovered them):\r\n\r\n- https://github.com/taida957789/ida-mcp-server-plugin (SSE protocol only, requires installing dependencies in IDAPython).\r\n- https://github.com/fdrechsler/mcp-server-idapro (MCP Server in TypeScript, excessive boilerplate required to add new functionality).\r\n- https://github.com/MxIris-Reverse-Engineering/ida-mcp-server (custom socket protocol, boilerplate).\r\n\r\nFeel free to open a PR to add your IDA Pro MCP server here.\r\n\r\n## Development\r\n\r\nAdding new features is a super easy and streamlined process. All you have to do is add a new `@jsonrpc` function to [`mcp-plugin.py`](https://github.com/mrexodia/ida-pro-mcp/blob/164df8cf4ae251cc9cc0f464591fa6df8e0d9df4/src/ida_pro_mcp/mcp-plugin.py#L406-L419) and your function will be available in the MCP server without any additional boilerplate! Below is a video where I add the `get_metadata` function in less than 2 minutes (including testing):\r\n\r\nhttps://github.com/user-attachments/assets/951de823-88ea-4235-adcb-9257e316ae64\r\n\r\nTo test the MCP server itself:\r\n\r\n```sh\r\nuv run mcp dev src/ida_pro_mcp/server.py\r\n```\r\n\r\nThis will open a web interface at http://localhost:5173 and allow you to interact with the MCP tools for testing.\r\n\r\nFor testing I create a symbolic link to the IDA plugin and then POST a JSON-RPC request directly to `http://localhost:13337/mcp`. After [enabling symbolic links](https://learn.microsoft.com/en-us/windows/apps/get-started/enable-your-device-for-development) you can run the following command:\r\n\r\n```sh\r\nuv run ida-pro-mcp --install\r\n```\r\n\r\nGenerate the changelog of direct commits to `main`:\r\n\r\n```sh\r\ngit log --first-parent --no-merges 1.2.0..main \"--pretty=- %s\"\r\n```\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrexodia%2Fida-pro-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrexodia%2Fida-pro-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrexodia%2Fida-pro-mcp/lists"}