{"id":50203449,"url":"https://github.com/president-xd/revula","last_synced_at":"2026-06-19T06:01:19.756Z","repository":{"id":343823741,"uuid":"1178788084","full_name":"president-xd/revula","owner":"president-xd","description":"A fully functional and production-grade reverse engineering MCP Server","archived":false,"fork":false,"pushed_at":"2026-05-30T11:24:29.000Z","size":1077,"stargazers_count":53,"open_issues_count":0,"forks_count":12,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-06-11T16:04:03.456Z","etag":null,"topics":["automation","mcp-server","reverse-engineering","reverse-engineering-automation","reversing","reversing-automation"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/president-xd.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-11T11:18:26.000Z","updated_at":"2026-06-10T20:44:46.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/president-xd/revula","commit_stats":null,"previous_names":["president-xd/revula"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/president-xd/revula","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/president-xd%2Frevula","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/president-xd%2Frevula/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/president
-xd%2Frevula/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/president-xd%2Frevula/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/president-xd","download_url":"https://codeload.github.com/president-xd/revula/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/president-xd%2Frevula/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34519051,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-19T02:00:06.005Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","mcp-server","reverse-engineering","reverse-engineering-automation","reversing","reversing-automation"],"created_at":"2026-05-26T00:00:42.983Z","updated_at":"2026-06-19T06:01:19.730Z","avatar_url":"https://github.com/president-xd.png","language":"Python","funding_links":[],"categories":["🔬 Binary / Native Reverse Engineering"],"sub_categories":[],"readme":"# revula\n\n**Production-grade MCP server for universal reverse engineering automation.**\n\nConnect Claude Desktop, MCP-compatible IDEs, or custom tooling to a broad reverse engineering backend through the [Model Context Protocol](https://modelcontextprotocol.io/).\n\n---\n\n## Table of Contents\n\n- [Features](#features)\n- [Quick Start](#quick-start)\n  - [Docker 
Installation](#docker-installation-alternative)\n- [IDE \u0026 Client Setup](#ide--client-setup)\n  - [How It Connects (Important)](#how-it-connects-important)\n  - [Claude Desktop](#1-claude-desktop)\n  - [Claude Code (CLI)](#2-claude-code-cli)\n  - [VS Code (GitHub Copilot)](#3-vs-code-github-copilot)\n  - [Cursor](#4-cursor)\n  - [Windsurf (Codeium)](#5-windsurf-codeium)\n  - [Continue.dev](#6-continuedev)\n  - [Zed](#7-zed)\n  - [Custom / Other Clients](#8-custom--other-clients)\n  - [Universal Setup Script](#universal-setup-script)\n- [Configuration](#configuration)\n- [Tool Availability](#tool-availability)\n- [Architecture](#architecture)\n- [Security Model](#security-model)\n- [Testing](#testing)\n- [Scripts \u0026 Automation](#scripts--automation)\n- [Usage Examples](#usage-examples)\n- [Performance \u0026 Limitations](#performance--limitations)\n- [Troubleshooting](#troubleshooting)\n- [Contributing](#contributing)\n- [License](#license)\n\n---\n\n## Features\n\n### Static Analysis (8 tools)\n- **Binary Parsing:** PE/ELF/Mach-O via LIEF with hash computation and suspicious indicator detection\n- **Disassembly:** Multi-backend support including Capstone (always available), radare2, and objdump for x86/x64/ARM/MIPS/RISC-V\n- **String Extraction:** FLOSS integration, regex fallback, 17 classifier patterns (URLs, IPs, crypto, registry keys)\n- **Entropy Analysis:** Shannon entropy with sliding window, per-section analysis, and packing detection\n- **Symbol Extraction:** DWARF, PDB, LIEF universal; function prologue scanning for stripped binaries\n- **YARA Scanning:** Inline rules, file/directory rules, and community rules support\n- **Capa Integration:** ATT\u0026CK mapping, MBC behaviors, capability enumeration\n- **Decompilation:** Ghidra (headless), RetDec, Binary Ninja with caching\n\n### Dynamic Analysis (29 tools)\n- **GDB Adapter:** Full GDB/MI protocol with breakpoints, stepping, registers, memory, backtrace, and heap inspection\n- **LLDB Adapter:** 
Native SB API integration for macOS/Linux debugging\n- **Frida Adapter:** Spawn/attach, script injection, function interception, memory scan/dump, and RPC exports\n- **Code Coverage:** DynamoRIO drcov, Frida Stalker block tracing, and coverage analysis\n\n### Android RE (24 tools)\n- **APK Parsing:** Manifest extraction, permission analysis, component enumeration, and resource inspection\n- **DEX Analysis:** Class/method listing, bytecode stats, and string extraction\n- **Decompilation:** jadx/apktool integration, smali disassembly/assembly/patching\n- **Native Binary Analysis:** ARM/AArch64 .so analysis with JNI detection\n- **Device Interaction:** ADB bridge with 12 actions (logcat, install, shell, dumpsys, screenshot)\n- **Frida for Android:** Root bypass, crypto hooking, SSL pinning bypass, API tracing, and memory dump\n- **Traffic Interception:** tcpdump/mitmproxy integration with SSL key extraction\n- **Repack and Sign:** APK rebuild with smali patches, zipalign + apksigner\n- **Security Scanners:** MobSF, Quark-Engine, Semgrep, and manifest vulnerability detection\n\n### Cross-Platform RE Tools (7 tools)\n- **Rizin/r2:** Automated analysis with 13 actions and binary diffing\n- **GDB Enhanced:** Heap analysis, ROP gadget finding, exploit helpers (pattern create/find, checksec)\n- **QEMU:** User-mode emulation (4 actions) and full system emulation (5 actions)\n\n### Exploit Development (11 tools)\n- **ROP Chain Builder:** Multi-architecture gadget finding (x86/x64/ARM/ARM64) with semantic classification, automatic chain generation for execve/mprotect/syscalls, bad-char avoidance, and pwntools script generation\n- **Heap Exploitation:** Malloc chunk analysis, bin classification (tcache/fastbin/smallbin/largebin), fake chunk generation, safe-linking encode/decode for glibc 2.32+, and technique templates (House of Force, Tcache Poisoning, Fastbin Dup, Unsafe Unlink)\n- **Libc Database:** Symbol/offset extraction, libc identification from leaked addresses, ASLR 
defeat helpers (base calculation, GOT-to-libc, PLT-to-GOT), and one-gadget RCE finder\n- **Shellcode:** Generation, encoding, bad-char analysis, extraction, and emulation testing\n- **Format String:** Offset calculation, write payload generation, GOT overwrite, and address leaking\n\n### Anti-Analysis (2 tools)\n- **Detection:** Scan for anti-debug, anti-VM, anti-tamper, and packing indicators\n- **Bypass Generation:** Frida/GDB/patch/LD_PRELOAD scripts for ptrace, IsDebuggerPresent, timing, and VM checks\n\n### Malware Analysis (4 tools)\n- **Triage:** Multi-hash, IoC extraction, suspicious import scoring, and risk assessment\n- **Sandbox Queries:** VirusTotal, Hybrid Analysis, and MalwareBazaar API integration\n- **YARA Generation:** Auto-generate YARA rules from binary artifacts\n- **Config Extraction:** C2 URLs, IPs, domains, encryption keys, and mutexes\n\n### Firmware RE (3 tools)\n- **Extraction:** binwalk scan/extract, entropy analysis, and filesystem identification\n- **Vulnerability Scanning:** Hardcoded credentials, known CVEs, unsafe functions, and weak crypto\n- **Base Address Detection:** String reference analysis for firmware base address recovery\n\n### Protocol RE (3 tools)\n- **PCAP Analysis:** tshark-based with 8 actions (summary, flows, DNS, HTTP, TLS, filter, export, IoC)\n- **Protocol Dissection:** Binary structure inference, field boundary detection, and pattern analysis\n- **Protocol Fuzzing:** Mutation-based, boundary testing, field-specific, and template fuzzing\n\n### Unpacking (4 tools)\n- **Packer Detection:** UPX, Themida, VMProtect, ASPack, PECompact, MPRESS, and more\n- **UPX Unpacking:** Static unpacking with automatic backup\n- **Dynamic Unpacking:** Frida-based memory dump with OEP detection\n- **PE Rebuild:** Fix section alignments, imports, and entry point after memory dump\n\n### Deobfuscation (3 tools)\n- **String Deobfuscation:** XOR brute force, ROT variants, Base64, RC4, and stack string reconstruction\n- **Control Flow 
Flattening Detection:** OLLVM-style CFF pattern identification\n- **Opaque Predicate Detection:** Always-true/false branch identification\n\n### Symbolic Execution (4 tools)\n- **angr Integration:** Path exploration, constraint solving, CFG generation, and vulnerability scanning\n- **Triton DSE:** Dynamic symbolic execution with concrete and symbolic state\n\n### Binary Format Specializations (4 tools)\n- **APK/DEX:** Android analysis including manifest, permissions, native libs, and DEX parsing\n- **.NET IL:** Assembly metadata, type/method listing, and IL disassembly\n- **Java Class:** Class file parsing, javap integration, and bytecode disassembly\n- **WebAssembly:** WASM section parsing, import/export extraction, and disassembly\n\n### Utilities (8 tools)\n- **Hex Tools:** Hexdump, pattern search (IDA-style wildcards), and binary diff\n- **Crypto:** Hashing (MD5/SHA/TLSH/ssdeep), XOR analysis, and crypto constant scanning\n- **Patching:** Binary patching with backup and NOP-sled support\n- **Network:** PCAP analysis with protocol stats, DNS extraction, and C2 beacon detection\n\n### Admin (2 tools)\n- **Server Status:** Version, tool count, cache stats, rate limit stats, and available tools\n- **Cache Management:** View stats, clear cache, and invalidate specific entries\n\n---\n\n## Quick Start\n\n### Prerequisites\n\n- Python 3.11 or later\n- Linux recommended (macOS and WSL2 supported)\n- `pip` (or `uv` / `pipx` for isolated installs)\n\n### Install\n\n```bash\n# Clone\ngit clone https://github.com/president-xd/revula.git\ncd revula\n\n# Option 1: Automated install (recommended)\nbash scripts/install/install_all.sh\n\n# Option 2: Manual install\npip install -e .\n\n# Option 3: Install with all optional dependencies\npip install -e \".[full]\"\n\n# Verify installation\npython scripts/test/validate_install.py\n```\n\nThe automated installer handles Python version checks, dependency installation, external tool detection, and configuration file 
generation.\n\n### Verify What's Available\n\n```bash\npython -c \"from revula.config import get_config, format_availability_report; print(format_availability_report(get_config()))\"\n```\n\nThis prints a table showing which external tools and Python modules are detected on your system.\n\n### Docker Installation (Alternative)\n\nRevula can be run in Docker for an isolated, stdio-only environment with core and common optional dependencies pre-configured:\n\n```bash\n# Build the Docker image\ndocker build -t revula:latest .\n\n# Quick test\ndocker run --rm --entrypoint python revula:latest -c \"import revula; print(revula.__version__)\"\ndocker run --rm --entrypoint python revula:latest -c \"from revula.server import _register_all_tools; from revula.tools import TOOL_REGISTRY; _register_all_tools(); print(TOOL_REGISTRY.count())\"\n\n# Run in stdio mode (for local MCP clients)\ndocker run -i --rm -v $(pwd)/workspace:/workspace -v revula-data:/root/.revula revula:latest\n\n# Revula transport is stdio-only (no HTTP/SSE mode)\n# Run it attached to your MCP client process\n# (for Docker usage, run your MCP client inside the same container/environment)\n```\n\n**What's included in the Docker image:**\n- All core Python dependencies (capstone, LIEF, pefile, yara)\n- angr symbolic execution engine\n- Frida dynamic instrumentation\n- Ghidra headless analyzer\n- GDB/LLDB, radare2, rizin (+ rz-diff), binutils\n- ADB and Android tools (apktool, jadx, aapt, apksigner, smali/baksmali)\n- FLARE tools (FLOSS, capa)\n- RetDec, CFR, Detect-It-Easy (diec), DynamoRIO (drrun), UPX\n- Exploit tooling (msfvenom, one_gadget), checksec, mono tools (monodis/ikdasm), llvm-pdbutil\n- Network analysis tools (tcpdump, tshark, capinfos)\n\n**Testing the Docker build:**\n```bash\n./scripts/docker/test.sh\n```\n\nFor complete Docker documentation (stdio mode, volumes, compose usage, and troubleshooting), see **[DOCKER.md](DOCKER.md)**.\n\n**Note on Docker vs Native:**\n- Docker provides an isolated 
environment with core tooling pre-installed\n- Native installation offers better performance and direct system access\n- Choose based on your security and portability requirements\n\n---\n\n## IDE \u0026 Client Setup\n\n### How It Connects (Important)\n\n**Revula uses stdio transport only.** The server reads JSON-RPC from stdin and writes to stdout. Every MCP client listed below launches revula as a local subprocess. There is no HTTP server, no SSE endpoint, and no remote connection.\n\n**What this means for you:**\n- Revula must be installed on the **same machine** where your IDE/client runs.\n- If you use a remote server or Docker, you must run both the client and revula inside the same environment (or use SSH piping; see [Custom / Other Clients](#8-custom--other-clients)).\n- Every client below uses the same `revula` command. The only difference is _where_ you put the config.\n\n### Before You Start\n\nMake sure revula is installed and the command works:\n\n```bash\n# Should print the MCP protocol handshake (Ctrl+C to exit)\nrevula\n\n# If you installed in a venv, activate it first:\nsource /path/to/venv/bin/activate\nrevula\n\n# Or use the full path:\n/path/to/venv/bin/revula\n```\n\nIf `revula` is not in your PATH, use the full path in every config below.\n\n---\n\n### 1. Claude Desktop\n\n**Status:** Fully supported. This is the primary client.\n\n**Config file locations:**\n\n| Platform | Path |\n|----------|------|\n| Linux | `~/.config/Claude/claude_desktop_config.json` |\n| macOS | `~/Library/Application Support/Claude/claude_desktop_config.json` |\n| Windows | `%APPDATA%\\Claude\\claude_desktop_config.json` |\n| WSL2 | `/mnt/c/Users/\u003cYOU\u003e/AppData/Roaming/Claude/claude_desktop_config.json` |\n\n**Option A: Automatic setup (recommended)**\n\n```bash\npython scripts/setup/setup_claude_desktop.py\n```\n\nThis auto-detects your OS, finds the config file, and merges the revula entry. 
It creates a backup first.\n\n**Option B: Manual setup**\n\nAdd to your `claude_desktop_config.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\n```\n\nIf revula is in a virtualenv:\n\n```json\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"/home/you/venvs/revula/bin/revula\",\n      \"args\": []\n    }\n  }\n}\n```\n\nIf using `uvx` (zero-install):\n\n```json\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"uvx\",\n      \"args\": [\"revula\"]\n    }\n  }\n}\n```\n\n**After editing:** Quit and reopen Claude Desktop. Check the MCP tools icon to confirm 116 tools are available.\n\n---\n\n### 2. Claude Code (CLI)\n\n**Status:** Fully supported.\n\n**Option A: CLI command (recommended)**\n\n```bash\nclaude mcp add revula -- revula\n```\n\nClaude Code will start revula as a subprocess when needed.\n\n**Option B: Manual config**\n\nEdit `~/.claude.json` (or `~/.claude/settings.json` depending on version):\n\n```json\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\n```\n\n---\n\n### 3. VS Code (GitHub Copilot)\n\n**Status:** Supported. Requires GitHub Copilot extension with MCP support (VS Code 1.99+).\n\n**Important:** MCP support in VS Code is available through the GitHub Copilot Chat extension. 
Make sure you have:\n- VS Code 1.99 or later\n- GitHub Copilot extension installed and active\n- MCP enabled in settings: `\"chat.mcp.enabled\": true`\n\n**Option A: Workspace config (already included in this repo)**\n\nThis repo ships with `.vscode/mcp.json`:\n\n```json\n{\n  \"servers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": [],\n      \"env\": {}\n    }\n  }\n}\n```\n\nJust open this project in VS Code and Copilot will discover the MCP server automatically.\n\n**Option B: User-level config (global, all projects)**\n\nOpen VS Code settings (`Ctrl+,`) → search \"mcp\" → edit `settings.json`:\n\n```json\n{\n  \"chat.mcp.enabled\": true,\n  \"mcp\": {\n    \"servers\": {\n      \"revula\": {\n        \"command\": \"revula\",\n        \"args\": [],\n        \"env\": {}\n      }\n    }\n  }\n}\n```\n\n**Option C: Create `.vscode/mcp.json` in any project**\n\nCopy the file from this repo or create it manually:\n\n```bash\nmkdir -p .vscode\ncat \u003e .vscode/mcp.json \u003c\u003c 'EOF'\n{\n  \"servers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": [],\n      \"env\": {}\n    }\n  }\n}\nEOF\n```\n\n**After editing:** Reload VS Code window (`Ctrl+Shift+P` → \"Developer: Reload Window\"). The MCP tools should appear in Copilot Chat.\n\n---\n\n### 4. Cursor\n\n**Status:** Supported. 
Cursor has built-in MCP support.\n\n**Config file:** `~/.cursor/mcp.json` (global) or `.cursor/mcp.json` (per-project).\n\nThis repo ships with `.cursor/mcp.json` for per-project use.\n\n**Option A: Per-project (already included)**\n\nThe `.cursor/mcp.json` in this repo:\n\n```json\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\n```\n\n**Option B: Global config**\n\n```bash\nmkdir -p ~/.cursor\ncat \u003e ~/.cursor/mcp.json \u003c\u003c 'EOF'\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\nEOF\n```\n\n**After editing:** Restart Cursor. Check Settings → MCP to verify revula appears.\n\n---\n\n### 5. Windsurf (Codeium)\n\n**Status:** Supported. Windsurf Cascade supports MCP servers.\n\n**Config file:** `~/.codeium/windsurf/mcp_config.json`\n\n```bash\nmkdir -p ~/.codeium/windsurf\ncat \u003e ~/.codeium/windsurf/mcp_config.json \u003c\u003c 'EOF'\n{\n  \"mcpServers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\nEOF\n```\n\n**After editing:** Restart Windsurf. The Cascade panel should show revula tools.\n\n---\n\n### 6. Continue.dev\n\n**Status:** Supported. Continue has MCP support in recent versions.\n\n**Config file:** `~/.continue/config.json`\n\nAdd to your existing `config.json`:\n\n```json\n{\n  \"mcpServers\": [\n    {\n      \"name\": \"revula\",\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  ]\n}\n```\n\nIf you use `config.yaml`:\n\n```yaml\nmcpServers:\n  - name: revula\n    command: revula\n    args: []\n```\n\n**After editing:** Restart your IDE. Continue should detect the MCP server.\n\n---\n\n### 7. Zed\n\n**Status:** Supported. 
Zed has native MCP support via context servers.\n\n**Config file:** `~/.config/zed/settings.json` (Linux/macOS)\n\nAdd to your `settings.json`:\n\n```json\n{\n  \"context_servers\": {\n    \"revula\": {\n      \"command\": \"revula\",\n      \"args\": []\n    }\n  }\n}\n```\n\n**After editing:** Restart Zed. The context server should appear in the Assistant panel.\n\n---\n\n### 8. Custom / Other Clients\n\n**Any MCP client that supports stdio transport will work with revula.** The protocol is standard JSON-RPC over stdin/stdout.\n\n**Direct invocation:**\n\n```bash\n# Start the server (reads from stdin, writes to stdout, logs to stderr)\nrevula\n```\n\n**Over SSH (remote machine):**\n\n```bash\n# Run revula on a remote machine with stdio piped through SSH\nssh user@remote-host revula\n```\n\n**In Docker:**\n\n```dockerfile\nFROM python:3.11-slim\nRUN pip install revula\n# The entrypoint speaks stdio MCP\nENTRYPOINT [\"revula\"]\n```\n\n```bash\ndocker build -t revula .\n# Use docker as the command in your client config:\n# \"command\": \"docker\", \"args\": [\"run\", \"-i\", \"--rm\", \"revula\"]\n```\n\n**Python client (programmatic):**\n\n```python\nimport asyncio\nfrom mcp import ClientSession, StdioServerParameters\nfrom mcp.client.stdio import stdio_client\n\nasync def main():\n    server_params = StdioServerParameters(command=\"revula\", args=[])\n    async with stdio_client(server_params) as (read, write):\n        async with ClientSession(read, write) as session:\n            await session.initialize()\n            tools = await session.list_tools()\n            print(f\"Connected: {len(tools.tools)} tools available\")\n            # Call a tool\n            result = await session.call_tool(\"re_entropy\", {\"binary_path\": \"/bin/ls\"})\n            print(result)\n\nasyncio.run(main())\n```\n\n---\n\n### Universal Setup Script\n\nConfigure any client with one command:\n\n```bash\n# Interactive: pick a client from the menu\npython 
scripts/setup/setup_ide.py\n\n# Configure a specific client\npython scripts/setup/setup_ide.py --client vscode\npython scripts/setup/setup_ide.py --client cursor\npython scripts/setup/setup_ide.py --client claude-desktop\npython scripts/setup/setup_ide.py --client windsurf\npython scripts/setup/setup_ide.py --client zed\n\n# Configure all detected clients at once\npython scripts/setup/setup_ide.py --all\n\n# Print all configs without writing files (review first)\npython scripts/setup/setup_ide.py --print-only\n\n# Override the command (e.g., full path to venv)\npython scripts/setup/setup_ide.py --client cursor --command \"/home/you/venv/bin/revula\"\n```\n\nThe script auto-detects how to run revula (PATH, uvx, or python -m), creates backups before writing, and merges into existing configs.\n\n---\n\n## Configuration\n\n### Config File\n\nCreate `~/.revula/config.toml` (or use the interactive generator):\n\n```bash\npython scripts/setup/setup_config_toml.py\n```\n\nExample configuration:\n\n```toml\n[tools.ghidra_headless]\npath = \"/opt/ghidra/support/analyzeHeadless\"\n\n[tools.radare2]\npath = \"/usr/bin/radare2\"\n\n[tools.jadx]\npath = \"/usr/local/bin/jadx\"\n\n[tools.retdec_decompiler]\npath = \"/usr/local/bin/retdec-decompiler\"\n\n[security]\nmax_memory_mb = 512\ndefault_timeout = 60\nmax_timeout = 600\nallowed_dirs = [\"/home/user/samples\", \"/tmp/analysis\"]\n\n[rate_limit]\nenabled = true\nglobal_rpm = 120\nper_tool_rpm = 30\nburst_size = 10\n\n[tool_naming]\nnamespace = \"revula\"\ninclude_legacy_names = false\n\n[execution]\nsubprocess_retries = 1\nsubprocess_retry_backoff_ms = 250\n```\n\n### Environment Variables\n\nEnvironment variables override config file values:\n\n```bash\nexport GHIDRA_HEADLESS=/opt/ghidra/support/analyzeHeadless  # Ghidra headless binary\nexport RADARE2_PATH=/usr/bin/radare2                         # radare2 binary\nexport RIZIN_PATH=/usr/local/bin/rizin                       # rizin binary\nexport 
RETDEC_PATH=/usr/local/bin/retdec-decompiler         # RetDec decompiler binary\nexport RZ_DIFF_PATH=/usr/local/bin/rz-diff                  # rizin diff tool\nexport MSFVENOM_PATH=/usr/bin/msfvenom                      # metasploit payload generator\nexport REVULA_DEFAULT_TIMEOUT=120                            # Subprocess timeout (seconds)\nexport REVULA_MAX_MEMORY_MB=1024                             # Memory limit (MB)\nexport REVULA_GLOBAL_RPM=240                                 # Global tool-call rate limit\nexport REVULA_PER_TOOL_RPM=60                                # Per-tool rate limit\nexport REVULA_BURST_SIZE=20                                  # Token bucket burst size\nexport REVULA_TOOL_NAMESPACE=revula                          # Public MCP tool prefix\nexport REVULA_INCLUDE_LEGACY_TOOL_NAMES=false                # Expose deprecated re_* aliases\nexport REVULA_SUBPROCESS_RETRIES=2                           # Retry transient subprocess failures\nexport REVULA_SUBPROCESS_RETRY_BACKOFF_MS=400                # Initial retry backoff (ms)\n```\n\n---\n\n## Tool Availability\n\nrevula degrades gracefully. Tools that depend on missing backends return clear error messages instead of crashing. 
Here is what each category needs:\n\n| Category | Always Available | Needs External Tool | Needs Python Module |\n|----------|-----------------|--------------------|--------------------|\n| **Static** | PE/ELF parsing, entropy, strings | `objdump`, `radare2`, `ghidra`, `retdec`, `floss`, `capa` | `capstone` ✓, `lief` ✓, `pefile` ✓, `yara` ✓ |\n| **Dynamic** | | `gdb`, `lldb` | `frida` |\n| **Android** | APK manifest/DEX parsing (via zipfile) | `jadx`, `apktool`, `adb`, `zipalign`, `apksigner`, `tcpdump` | `frida`, `quark-engine` |\n| **Platform** | | `rizin`, `radare2`, `gdb`, `qemu-user`, `qemu-system-*` | `r2pipe`, `binaryninja` |\n| **Exploit** | ROP chain builder, heap analysis, libc database, format string helpers | | `capstone` ✓, `pwntools`, `keystone-engine` |\n| **Anti-Analysis** | Pattern scanning (via `lief` + `capstone`) | | |\n| **Malware** | File hashing, IoC extraction, risk scoring | | `yara` ✓, `ssdeep`, `tlsh` |\n| **Firmware** | | `binwalk`, `sasquatch` | |\n| **Protocol** | Binary protocol dissection, fuzzing | `tshark` | `scapy` |\n| **Unpacking** | Packer signature detection | `upx` | `frida` |\n| **Deobfuscation** | XOR/ROT/Base64 deobfuscation | | `capstone` ✓ |\n| **Symbolic** | | | `angr`, `triton` (source-build only; tool auto-enables when installed) |\n| **Binary Formats** | | `aapt`, `javap`, `monodis`, `wasm2wat` | |\n| **Utilities** | Hex dump, binary diff, patching | `tshark` | `scapy`, `ssdeep`, `tlsh` |\n\n✓ = included in core dependencies (always installed).\n\n### Installing Optional Dependencies\n\n```bash\n# Frida (dynamic instrumentation)\npip install frida frida-tools\n\n# angr (symbolic execution, large install ~2 GB)\npip install angr\n\n# radare2 bindings\npip install r2pipe\n\n# Fuzzy hashing\npip install ssdeep tlsh\n\n# Network analysis\npip install scapy\n\n# Everything at once\npip install -e \".[full]\"\n```\n\n### Installing External Tools (Debian/Ubuntu/Kali)\n\n```bash\n# Core analysis/tooling from distro 
repos\nsudo apt install gdb binutils binwalk checksec apksigner mono-utils mono-devel ruby-full llvm-19\n\n# Android RE\nsudo apt install apktool jadx android-sdk adb zipalign\n\n# Network\nsudo apt install tshark\n\n# For full optional toolchain coverage (radare2/rizin/upx/drrun/msfvenom/retdec/diec/cfr),\n# use the maintained installer:\nbash scripts/install/install_all.sh\n```\n\n---\n\n## Architecture\n\n```\nsrc/revula/                     # 19,400+ LOC across 63 Python files\n├── __init__.py                 # Version (__version__ = \"0.1.0\")\n├── config.py                   # Tool detection, TOML config, env var loading\n├── sandbox.py                  # Secure subprocess execution, path validation\n├── session.py                  # Session lifecycle manager (debuggers, Frida)\n├── server.py                   # MCP server entrypoint (stdio transport)\n├── cache.py                    # LRU result cache with TTL\n├── rate_limit.py               # Token-bucket rate limiter\n└── tools/\n    ├── __init__.py             # Tool registry + @register_tool decorator\n    ├── static/                 # 8 files: PE/ELF, disasm, strings, entropy, symbols, YARA, capa, decompile\n    ├── dynamic/                # 4 files: GDB, LLDB, Frida, coverage\n    ├── android/                # 9 files: APK, DEX, decompile, native, device, frida, traffic, repack, scanners\n    ├── platform/               # 3 files: Rizin, GDB-enhanced, QEMU\n    ├── exploit/                # 5 files: ROP builder, heap exploitation, libc database, shellcode, format strings\n    ├── antianalysis/           # 1 file:  anti-debug/VM detection and bypass generation\n    ├── malware/                # 1 file:  triage, sandbox queries, YARA gen, config extraction\n    ├── firmware/               # 1 file:  extraction, vuln scanning, base address detection\n    ├── protocol/               # 1 file:  PCAP analysis, protocol dissection, fuzzing\n    ├── deobfuscation/          # 1 file:  string deobfuscation, 
CFF, opaque predicates\n    ├── unpacking/              # 1 file:  packer detection, UPX, dynamic unpack, PE rebuild\n    ├── symbolic/               # 1 file:  angr + Triton\n    ├── binary_formats/         # 1 file:  .NET, Java, WASM\n    ├── utils/                  # 4 files: hex, crypto, patching, network\n    └── admin/                  # 1 file:  server status, cache management\n```\n\n### How It Works\n\n1. **Startup.** `server.py` loads `config.py`, which probes the system for external tools (via `shutil.which`) and Python modules (via `importlib.util.find_spec`). Results are cached in a `ServerConfig` singleton.\n\n2. **Tool Registration.** Each tool file uses `@TOOL_REGISTRY.register()` to declare its name, description, input/output schemas, annotations, and async handler. Tools self-register on import.\n\n3. **Request Dispatch.** When a `tools/call` request arrives, the server resolves namespaced aliases, validates arguments (Pydantic-first with JSON Schema fallback), checks rate limits, checks cache eligibility, dispatches the handler, and returns protocol-level `isError` metadata.\n\n4. **Subprocess Execution.** All external tool invocations go through `sandbox.safe_subprocess()`, which enforces `shell=False`, sets `RLIMIT_AS` and `RLIMIT_CPU`, validates paths, and captures stdout/stderr.\n\n5. **Result Caching.** Deterministic operations (disassembly, parsing) are cached with a configurable TTL. Mutating operations (patching, Frida injection) bypass the cache automatically.\n\n6. 
**Session Management.** Long-lived debugger and Frida sessions are tracked by `SessionManager`, with automatic cleanup after 30 minutes of idle time.\n\n### Infrastructure Components\n\n| Component | Purpose | Key Detail |\n|-----------|---------|------------|\n| **ResultCache** | Avoid redundant subprocess calls | LRU, 256 entries, 10-minute TTL |\n| **RateLimiter** | Prevent resource exhaustion | Token-bucket with config/env overrides |\n| **ToolRegistry** | Decorator-based tool dispatch | Annotations + strict schema hardening + structured errors |\n| **SessionManager** | Debugger/Frida persistence | Auto-cleanup after 30 min idle |\n| **sandbox.py** | Secure execution layer | `shell=False`, RLIMIT enforcement, path validation |\n\n---\n\n## Security Model\n\nrevula operates on the principle that **user-supplied arguments are untrusted**. The following hardening measures are applied:\n\n### Subprocess Isolation\n\n- **No `shell=True`:** Every subprocess call uses `shell=False` with explicit argument lists. This is enforced by a CI test (`test_no_shell_true`) that scans every source file.\n- **No `eval()` / `exec()`:** No dynamic code evaluation of user input.\n- **No f-string injection:** User-supplied values are never interpolated into `python3 -c` code strings. Values are passed via `sys.argv`, `stdin`, or environment variables. Enforced by `test_no_fstring_in_subprocess_python_code`.\n- **JavaScript escaping:** All user-controlled values interpolated into Frida JavaScript strings pass through `_js_escape()`, which escapes backslashes, quotes, newlines, and other injection vectors.\n- **Resource limits:** Every subprocess gets `RLIMIT_AS` (512 MB default) and `RLIMIT_CPU` (60 s default) via `resource.setrlimit()`.\n- **Timeout enforcement:** `asyncio.wait_for()` wraps all subprocess calls.\n\n### Path Validation\n\n- **Fail-closed:** `validate_path()` rejects all paths when no `allowed_dirs` are configured (falls back to `get_config().security.allowed_dirs`). 
It does not silently pass.\n- **Traversal blocked:** `..` components are rejected after `os.path.realpath()` resolution.\n- **Absolute paths required:** Relative paths are rejected.\n- **Validated everywhere:** All file-accepting tool handlers call `validate_path()` before any file I/O.\n\n### Frida Hardening\n\n- **Script size limit:** Frida scripts are capped at 1 MB to prevent memory exhaustion.\n- **Memory dump limit:** Memory dumps are capped at 100 MB.\n- **JS injection prevention:** Class names, method names, module names, and other user-supplied values are escaped before interpolation into JavaScript templates.\n\n### Temporary Files\n\n- **No `tempfile.mktemp()`:** All temporary files use `tempfile.NamedTemporaryFile()` or `tempfile.mkdtemp()` to prevent TOCTOU race conditions.\n- **No hardcoded `/tmp` paths:** All temporary paths use the `tempfile` module.\n\n### Rate Limiting \u0026 Caching\n\n- **Global limit:** 120 requests per minute (configurable).\n- **Per-tool limit:** 30 requests per minute (configurable).\n- **Result cache policy:** fail-closed explicit opt-in per tool (`cacheable=True`); mutating/stateful tools are never cached by default.\n- **Session TTL:** Idle sessions auto-cleaned after 30 minutes.\n\n---\n\n## Testing\n\n```bash\n# Run full test suite\npython -m pytest tests/ --timeout=30\n\n# With coverage\npython -m pytest tests/ --cov=revula --cov-report=html --timeout=30\n\n# Verbose output\npython -m pytest tests/ -v --timeout=30\n\n# Specific test suites\npython -m pytest tests/test_infra.py -v      # Cache, rate limiter, sessions\npython -m pytest tests/test_core.py -v       # Config, sandbox, tool registry\npython -m pytest tests/test_static.py -v     # Static analysis tools\npython -m pytest tests/test_android.py -v    # Android module tests\npython -m pytest tests/test_exploit.py -v    # ROP, heap, libc tools (32 tests)\npython -m pytest tests/test_tools_new.py -v  # Exploit, malware, firmware, protocol, etc.\npython -m pytest 
tests/test_security.py -v   # Security invariant tests\n\n# Using the test runner script\nbash scripts/test/run_tests.sh\n```\n\n### Test Categories\n\n| Suite | Tests | Covers |\n|-------|-------|--------|\n| `test_infra.py` | Cache, rate limiter, session manager | Infrastructure correctness |\n| `test_core.py` | Config loading, sandbox, tool registry | Core module behavior |\n| `test_static.py` | Entropy, hex, crypto, strings, symbols | Static analysis tools |\n| `test_android.py` | APK parse, DEX, device, Frida Android | Android module tests |\n| `test_tools_new.py` | Exploit, malware, firmware, protocol, antianalysis, platform, deobfuscation, symbolic, unpacking, binary formats | All remaining tool categories |\n| `test_security.py` | `shell=True` scan, injection scan, `mktemp` scan, hardcoded `/tmp` scan, path validation, JS escaping, shellcode validation | Security regression tests |\n\n### Security Tests\n\nThe `TestVulnerabilityHardeningV3` suite in `test_security.py` enforces:\n\n- **No f-string code injection:** Scans all source files for `\"-c\"` arguments containing f-strings.\n- **No `tempfile.mktemp()`:** Prevents TOCTOU race conditions.\n- **No hardcoded `/tmp/` paths:** Enforces use of the `tempfile` module.\n- **Fail-closed path validation:** Verifies `validate_path()` rejects paths when `allowed_dirs` is empty.\n- **Frida JS escaping:** Verifies `_js_escape()` blocks injection payloads.\n- **Shellcode hex validation:** Verifies non-hex input is rejected, not passed to subprocess.\n\n---\n\n## Scripts \u0026 Automation\n\nPrimary automation scripts live in `scripts/`:\n\n### Installation\n\n| Script | Purpose |\n|--------|---------|\n| `scripts/install/install_all.sh` | Master installer: Python check, deps, external tools, config |\n| `scripts/install/install_verify.sh` | Post-install verification: checks all dependencies and paths |\n\n### Setup\n\n| Script | Purpose |\n|--------|---------|\n| `scripts/setup/setup_ide.py` | Universal IDE/client 
configurator for Claude Desktop, VS Code, Cursor, Windsurf, Zed, and Continue |\n| `scripts/setup/setup_claude_desktop.py` | Claude Desktop-specific auto-configurator (legacy, still functional) |\n| `scripts/setup/setup_config_toml.py` | Interactive config.toml generator |\n| `scripts/setup/setup_android_device.sh` | Prepare an Android device for RE (root, frida-server, certs) |\n\n### Testing \u0026 Development\n\n| Script | Purpose |\n|--------|---------|\n| `scripts/test/run_tests.sh` | Run full test suite with coverage |\n| `scripts/test/validate_install.py` | Comprehensive installation validator |\n| `scripts/dev/add_tool.py` | Scaffold a new tool module (creates file, registers, adds test) |\n| `scripts/dev/lint_and_type.sh` | Run ruff + mypy |\n| `scripts/utils/download_frida_server.py` | Download frida-server for a target architecture |\n\n### Docker\n\n| Script | Purpose |\n|--------|---------|\n| `scripts/docker/test.sh` | Automated Docker build and stdio-oriented smoke checks |\n| `scripts/docker/validate.sh` | Docker configuration validation |\n\n---\n\n## Usage Examples\n\n### Static Analysis: Analyze a PE Binary\n\nAsk Claude: *\"Analyze this binary for me: /home/user/samples/malware.exe\"*\n\nBehind the scenes, Claude can call:\n1. `re_pe_elf` to parse PE headers, sections, imports, and exports\n2. `re_strings` to extract and classify strings (URLs, IPs, crypto constants)\n3. `re_entropy` to check for packing (high entropy sections)\n4. `re_yara_scan` to scan with YARA rules\n5. `re_capa_scan` to map to ATT\u0026CK techniques\n\n### Dynamic Analysis: Debug with GDB\n\nAsk Claude: *\"Debug /home/user/crackme and find the password check\"*\n\nClaude can orchestrate:\n1. `re_gdb` with action `start` to launch the binary under GDB\n2. `re_disasm` to disassemble key functions\n3. `re_gdb` with action `breakpoint` to set breakpoints at comparison instructions\n4. 
`re_gdb` with action `continue` and `registers` to run and inspect state\n\n### Android: Reverse an APK\n\nAsk Claude: *\"Analyze this APK for security issues: /home/user/app.apk\"*\n\nClaude can call:\n1. `re_apk_parse` to extract manifest, permissions, and components\n2. `re_dex_analyze` to list classes and find suspicious methods\n3. `re_android_decompile` to decompile with jadx\n4. `re_android_scanner` to run security scanners\n5. `re_antianalysis_detect` to check for anti-tampering\n\n### Malware Triage\n\nAsk Claude: *\"Triage this suspected malware sample\"*\n\nClaude can call:\n1. `re_malware_triage` for hashes, IoCs, import analysis, and risk score\n2. `re_malware_config` to extract C2 URLs and encryption keys\n3. `re_malware_yara_gen` to generate a YARA rule for the sample\n4. `re_malware_sandbox` to query VirusTotal/Hybrid Analysis\n\n### Exploit Development\n\nAsk Claude: *\"Build a ROP chain to call execve('/bin/sh') in this binary\"*\n\nClaude can orchestrate:\n1. `re_rop_gadgets` to find useful gadgets (pop rdi, pop rsi, syscall) with semantic classification\n2. `re_rop_chain` to automatically build an execve chain with proper register setup\n3. `re_libc_offsets` to extract system/execve/binsh offsets from libc\n4. `re_aslr_defeat` to calculate base addresses from leaked pointers\n5. `re_heap_chunk` to analyze malloc chunks and bin classification for heap exploits\n6. 
`re_heap_technique` to get templates for House of Force, Tcache Poisoning, etc.\n\n---\n\n## Performance \u0026 Limitations\n\n### What Works Well Without Optional Dependencies\n\nWith just the core install (`pip install -e .`), you get full functionality for:\n- PE/ELF/Mach-O parsing and header analysis\n- Multi-architecture disassembly (via Capstone)\n- String extraction and classification\n- Shannon entropy analysis and packing detection\n- YARA rule scanning\n- Binary patching\n- Hex dump and pattern search\n- File hashing (MD5, SHA-1, SHA-256)\n- ROP gadget finding and chain building (via Capstone)\n- Heap exploitation helpers (chunk analysis, bin classification, safe-linking)\n- Libc database tools (symbol extraction, offset calculation, ASLR defeat)\n- Format string payload calculation\n- XOR/ROT/Base64 deobfuscation\n- Anti-analysis pattern detection\n\n### What Needs External Tools\n\nThese tools produce clear \"tool not found\" errors when backends are missing:\n- **Decompilation** requires Ghidra, RetDec, or Binary Ninja\n- **Dynamic analysis** requires GDB, LLDB, or Frida\n- **Android RE** requires jadx, apktool, and ADB\n- **Symbolic execution** requires angr (large dependency, ~2 GB)\n- **Network analysis** requires tshark or scapy\n- **Firmware extraction** requires binwalk\n\n### Performance Expectations\n\n- **Startup:** ~1 second (probes system for available tools via `shutil.which` and `importlib.util.find_spec`)\n- **Static analysis:** Sub-second for most operations on files under 100 MB\n- **Disassembly:** Capstone disassembles ~1 MB/s; radare2 adds full analysis overhead\n- **Subprocess calls:** Each external tool invocation has ~50-200 ms overhead from process spawn\n- **Caching:** Result caching is explicit opt-in per tool; unless enabled, calls execute fresh\n- **Rate limiting:** 120 requests/minute global, 30/minute per tool (configurable)\n\n### Known Limitations\n\n1. **No Windows native support.** Designed for Linux. 
macOS works for most tools. Windows requires WSL2.\n2. **stdio transport only.** There is no HTTP/SSE server. Revula must run on the same machine as your IDE (or be piped via SSH/Docker). This is a deliberate design choice for security: MCP over stdio is simpler and avoids exposing a network socket.\n3. **No GUI.** This is a headless MCP server. Use Claude Desktop, VS Code Copilot, Cursor, or another MCP client for the interface.\n4. **Large binary analysis.** Files over 500 MB may hit the default memory limit (512 MB). Increase via `REVULA_MAX_MEMORY_MB`.\n5. **angr install size.** The `angr` optional dependency is ~2 GB and takes several minutes to install.\n6. **Frida version coupling.** Frida client and server versions must match exactly. Use `scripts/utils/download_frida_server.py` to get the right version.\n7. **Single-user design.** The server handles one MCP client at a time via stdio. There is no multi-tenant isolation. Each IDE/client spawns its own server process.\n8. **IDA Pro integration.** Requires IDA Pro with the REST API plugin. Not included.\n\n---\n\n## Troubleshooting\n\n### Server Won't Start\n\n```bash\n# Check Python version (need 3.11+)\npython --version\n\n# Check MCP is installed\npython -c \"import mcp; print(mcp.__version__)\"\n\n# Run and capture server logs from stderr\nrevula 2\u003e revula.log\ntail -f revula.log\n```\n\n### Tool Says \"not found\"\n\n```bash\n# Check what's available\npython -c \"from revula.config import get_config, format_availability_report; print(format_availability_report(get_config()))\"\n\n# The report shows ✓/✗ for every external tool and Python module.\n# Install what you need and restart the server.\n```\n\n### Path Validation Errors\n\n```\nError: Path /some/path is not within allowed directories\n```\n\nAdd the directory to your config:\n\n```toml\n[security]\nallowed_dirs = [\"/home/user/samples\", \"/tmp/analysis\", \"/some/path\"]\n```\n\nAlternatively, set the value via environment variable. 
The server will use the config file's `allowed_dirs` as a fallback.\n\n### Rate Limit Exceeded\n\n```\nError: Rate limit exceeded for tool re_disasm\n```\n\nRate limits are currently initialized from code defaults (`global_rpm=120`, `per_tool_rpm=30`, `burst_size=10`).\nIf you need different limits, adjust `RateLimitConfig(...)` in `src/revula/server.py` and restart.\n\n### Frida Connection Issues\n\n```bash\n# Check Frida version match\nfrida --version\nfrida-server --version  # on device\n\n# Download matching server\npython scripts/utils/download_frida_server.py --arch arm64\n```\n\n### Tests Failing\n\n```bash\n# Run with verbose output\npython -m pytest tests/ -v --timeout=30 --tb=long\n\n# Clear bytecode cache (fixes stale imports)\nfind . -type d -name __pycache__ -exec rm -rf {} + 2\u003e/dev/null\npython -m pytest tests/ --timeout=30\n```\n\n### Android Device Not Detected\n\n```bash\n# Run the device setup script\nbash scripts/setup/setup_android_device.sh\n\n# Manual check\nadb devices\nadb shell id  # should show root or shell\n```\n\n---\n\n## Contributing\n\n### Adding a New Tool\n\nUse the scaffold generator:\n\n```bash\npython scripts/dev/add_tool.py\n```\n\nThis creates the tool file, registers it in the category `__init__.py`, and generates a test stub.\n\n### Code Quality\n\n```bash\n# Lint and type-check\nbash scripts/dev/lint_and_type.sh\n\n# Run full test suite\npython -m pytest tests/ --timeout=30 -q\n\n# Validate install\npython scripts/test/validate_install.py\n```\n\n### Guidelines\n\n- Every tool handler is `async` and returns `list[dict]` (MCP content blocks).\n- All subprocess calls go through `sandbox.safe_subprocess()`.\n- All file paths must be validated via `sandbox.validate_path()`.\n- No `shell=True`, no `eval()`, no f-string interpolation into subprocess code.\n- Every new tool needs at least one test.\n\n---\n\n## License\n\nReleased under the GNU General Public License. 
See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpresident-xd%2Frevula","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpresident-xd%2Frevula","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpresident-xd%2Frevula/lists"}