playbooks

Home / MCP / IDA Pro MCP Server

IDA Pro MCP Server

Provides an MCP server to streamline interactive analysis and prompts for IDA Pro reverse engineering workflows.

python
5.0kstars
View on GitHub
Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
    "mcpServers": {
        "ida_pro_mcp": {
            "url": "http://127.0.0.1:8744/sse"
        }
    }
}

This MCP server enables IDA Pro to interact with a large language model-powered assistant for reverse engineering workflows. It provides automated tooling, stateful interactions, and convenient transports to connect with MCP clients while you analyze binaries inside IDA Pro.

How to use

You use this server by launching it and connecting your MCP client to the provided MCP endpoint. The server exposes a standard interface that your client can talk to, enabling you to run analysis tools, query decompiled information, and apply structured edits to your disassembly and decompiler views. Start by loading a binary into IDA Pro, then connect your MCP client to the server URL or via the local transport to begin interactive prompts, analysis actions, and result retrieval.

Typical usage patterns include initiating a decompilation analysis, requesting type information for local variables, and applying renames or type changes to improve readability. You can also invoke multi-step analysis flows, such as cross-referencing function calls, inspecting strings and constants, and generating a compact report of findings. Use the provided tools to perform these actions and iteratively refine your insights as you work through the binary.

How to install

Prerequisites you need to meet before installing the MCP server:

  • Python 3.11 or higher
  • IDA Pro 8.3 or higher (IDA Free is not supported)
  • A supported MCP client (examples listed in the client options)

Install the latest IDA Pro MCP package and set up the server components using the commands below. Run these in your system shell.

pip uninstall ida-pro-mcp
pip install https://github.com/mrexodia/ida-pro-mcp/archive/refs/heads/main.zip

Configure the MCP servers and install the IDA Plugin. Run this to install the plugin and prepare the server for use.

ida-pro-mcp --install

Important: After installation, completely restart IDA Pro and your MCP client to ensure the changes take effect. Some clients may run in the background and need to be manually quit before restarting.

You will typically load a binary in IDA Pro before the plugin menu becomes available.

Available tools

lookup_funcs

Get function(s) by address or name with auto-detection, accepting single or multiple queries.

int_convert

Convert numbers between decimal, hex, bytes, ASCII, and binary formats.

list_funcs

List functions with pagination and filters.

list_globals

List global variables with pagination and filters.

imports

List all imported symbols with their modules.

decompile

Decompile the function at a given address.

disasm

Disassemble a function with full details including arguments and stack frame.

xrefs_to

Get all cross-references to one or more addresses.

xrefs_to_field

Get cross-references to specific struct fields.

callees

List functions called by a given function or set of functions.

set_comments

Add comments to addresses in both disassembly and decompiler views.

patch_asm

Patch assembly instructions at the given addresses.

declare_type

Declare or update C types in the local type library.

get_bytes

Read raw bytes from a set of addresses.

get_int

Read integer values with specified type information.

get_string

Read null-terminated strings from memory.

get_global_value

Read values of global variables by address or name.

stack_frame

Retrieve stack frame variables for functions.

declare_stack

Create stack variables at specified offsets.

delete_stack

Remove stack variables by name.

read_struct

Read structure field values at specified addresses.

search_structs

Search for structures by name pattern.

find_regex

Search strings using a case-insensitive regular expression.

find_bytes

Find byte patterns in the binary.

find_insns

Find instruction sequences in code.

find

Advanced search for immediate values, strings, and references.

basic_blocks

Get basic blocks with their control flow information.

set_type

Apply types to functions, globals, locals, or stack variables.

infer_types

Infer types at addresses using heuristics or analysis tools.

export_funcs

Export functions in formats such as JSON, C headers, or prototypes.

callgraph

Build a call graph from root function(s) with configurable depth.

rename

Batch rename functions, globals, locals, and stack variables.

patch

Apply multiple patches to byte sequences.

put_int

Write integer values using specified types.

py_eval

Execute arbitrary Python code within the IDA context.

analyze_funcs

Perform comprehensive analysis across decompilation, assembly, strings, and references.

find_regex

Search for strings using regular expressions (case-insensitive).