ida-pro-mcp

# IDA Pro MCP Simple [MCP Server](https://modelcontextprotocol.io/introduction) to allow vibe reversing in IDA Pro. https://github.com/user-attachments/assets/6ebeaa92-a9db-43fa-b756-eececce2aca0 The binaries and prompt for the video are available in the [mcp-reversing-dataset](https://github.com/mrexodia/mcp-reversing-dataset) repository. ## Prerequisites - [Python](https://www.python.org/downloads/) (**3.11 or higher**) - Use `idapyswitch` to switch to the newest Python version - [IDA Pro](https://hex-rays.com/ida-pro) (8.3 or higher, 9 recommended), **IDA Free is not supported** - Supported MCP Client (pick one you like) - [Amazon Q Developer CLI](https://aws.amazon.com/q/developer/) - [Augment Code](https://www.augmentcode.com/) - [Claude](https://claude.ai/download) - [Claude Code](https://www.anthropic.com/code) - [Cline](https://cline.bot) - [Codex](https://github.com/openai/codex) - [Copilot CLI](https://docs.github.com/en/copilot) - [Crush](https://github.com/charmbracelet/crush) - [Cursor](https://cursor.com) - [Gemini CLI](https://google-gemini.github.io/gemini-cli/) - [Kilo Code](https://www.kilocode.com/) - [Kiro](https://kiro.dev/) - [LM Studio](https://lmstudio.ai/) - [Opencode](https://opencode.ai/) - [Qodo Gen](https://www.qodo.ai/) - [Qwen Coder](https://qwenlm.github.io/qwen-code-docs/) - [Roo Code](https://roocode.com) - [Trae](https://trae.ai/) - [VS Code](https://code.visualstudio.com/) - [Warp](https://www.warp.dev/) - [Windsurf](https://windsurf.com) - [Zed](https://zed.dev/) - [Other MCP Clients](https://modelcontextprotocol.io/clients#example-clients): Run `ida-pro-mcp --config` to get the JSON config for your client. ## Installation Install the latest version of the IDA Pro MCP package: ```sh pip uninstall ida-pro-mcp pip install https://github.com/mrexodia/ida-pro-mcp/archive/refs/heads/main.zip ``` Configure the MCP servers and install the IDA Plugin: ``` ida-pro-mcp --install ``` **Important**: Make sure you completely restart IDA and your MCP client for the installation to take effect. Some clients (like Claude) run in the background and need to be quit from the tray icon. https://github.com/user-attachments/assets/65ed3373-a187-4dd5-a807-425dca1d8ee9 _Note_: You need to load a binary in IDA before the plugin menu will show up. ## Prompt Engineering LLMs are prone to hallucinations and you need to be specific with your prompting. For reverse engineering the conversion between integers and bytes are especially problematic. Below is a minimal example prompt, feel free to start a discussion or open an issue if you have good results with a different prompt: ```md Your task is to analyze a crackme in IDA Pro. You can use the MCP tools to retrieve information. In general use the following strategy: - Inspect the decompilation and add comments with your findings - Rename variables to more sensible names - Change the variable and argument types if necessary (especially pointer and array types) - Change function names to be more descriptive - If more details are necessary, disassemble the function and add comments with your findings - NEVER convert number bases yourself. Use the `int_convert` MCP tool if needed! - Do not attempt brute forcing, derive any solutions purely from the disassembly and simple python scripts - Create a report.md with your findings and steps taken at the end - When you find a solution, prompt to user for feedback with the password you found ``` This prompt was just the first experiment, please share if you found ways to improve the output! Another prompt by [@can1357](https://github.com/can1357): ```md Your task is to create a complete and comprehensive reverse engineering analysis. Reference AGENTS.md to understand the project goals and ensure the analysis serves our purposes. Use the following systematic methodology: 1. **Decompilation Analysis** - Thoroughly inspect the decompiler output - Add detailed comments documenting your findings - Focus on understanding the actual functionality and purpose of each component (do not rely on old, incorrect comments) 2. **Improve Readability in the Database** - Rename variables to sensible, descriptive names - Correct variable and argument types where necessary (especially pointers and array types) - Update function names to be descriptive of their actual purpose 3. **Deep Dive When Needed** - If more details are necessary, examine the disassembly and add comments with findings - Document any low-level behaviors that aren't clear from the decompilation alone - Use sub-agents to perform detailed analysis 4. **Important Constraints** - NEVER convert number bases yourself - use the int_convert MCP tool if needed - Use MCP tools to retrieve information as necessary - Derive all conclusions from actual analysis, not assumptions 5. **Documentation** - Produce comprehensive RE/*.md files with your findings - Docu