buspirate-mcp

MCP server for BusPirate 6 hardware security testing. Exposes UART, power supply, GPIO, and flash-dump operations as Model Context Protocol tools over stdio transport.

Built for use with Claude Code but works with any MCP client.

• UART probing -- detect baud rates, capture serial output, interact with debug consoles
• Power control -- voltage/current management with safety tiers
• GPIO control -- toggle pins for bootloader entry (ESP32, ESP8266, etc.)
• Flash extraction -- dump firmware through UART bridge via esptool
• Engagement logging -- timestamped raw logs, per-engagement folders, config.json

• Python 3.11+
• BusPirate 6 with BPIO2 binary mode enabled
• User in dialout group for serial access (sudo usermod -aG dialout $USER)

git clone --recurse-submodules https://github.com/mplogas/buspirate-mcp.git
cd buspirate-mcp
pip install -e ".[dev]"

Copy the example config and adjust paths for your machine:

cp .mcp.json.example .mcp.json
# Edit .mcp.json with the absolute path to your venv's python

The .mcp.json is gitignored since paths are machine-specific. Example config:

{
  "mcpServers": {
    "buspirate": {
      "command": "/path/to/.venv/bin/python",
      "args": ["-m", "buspirate_mcp"]
    }
  }
}

Set PIDEV_ENGAGEMENTS_DIR environment variable to control where engagement logs are written. Defaults to ./engagements/ relative to the package root.

| Tool | Safety Tier | Description | |---|---|---| | list_devices | read-only | Find BusPirate devices on USB | | verify_connection | read-only | Check for signal activity on pins | | scan_baud | read-only | Auto-detect baud rate | | read_output | read-only | Read UART data from target | | open_uart | allowed-write | Open persistent UART session with logging | | send_command | allowed-write | Send