mcp_reverse_engineering

A sandboxed MCP (Managed Computation Platform) tool for reverse engineering that provides a unified interface to various reverse engineering tools with security restrictions.

• Sandboxed Execution: All tools run in a restricted environment with timeouts, memory limits, and filesystem jail
• Unified Interface: Single interface to access multiple reverse engineering tools
• Configurable Tool Loading: Select which tools to enable via YAML configuration to avoid overwhelming LLM context windows
• Tool Categories:
• File Analysis: file, strings, hexdump, xxd
• Binary Analysis: objdump, readelf, ldd, strace, ltrace, upx, gdb, radare2, angr, ghidra, frida
• Firmware Analysis: binwalk, unsquashfs, sasquatch, jefferson, ubi_reader, unpackers, retdc, qemu
• Network Tools: curl, wget
• Advanced Capabilities:
• Radare2 AST queries
• Angry symbolic execution
• Ghidra headless decompilation
• Automatic unpacker detection
• Firmware filesystem detection
• Auto QEMU emulation
• Safety Features:
• Argument validation
• Execution sandbox with resource limits
• File workspace jail
• Tool output truncation
• Knowledge Base: Built-in documentation for all tools
• Testing: Unit and functional tests included

pip install -e .

Tools are configured via YAML files to control which tools are loaded. This prevents overwhelming LLM context windows by enabling only the tools you need.

Default config (tools_config.yaml): All tools disabled

Example configs:

• examples/minimal.yaml - Only file analysis tools (3 tools)
• examples/firmware.yaml - File + Binary + Firmware analysis
• examples/full.yaml - All 25 tools enabled

# Enable specific tool categories
settings:
  default_timeout: 300

categories:
  file_analysis:
    enabled: true
    tools:
      - file