Google Antigravity Directory

The #1 directory for Google Antigravity prompts, rules, workflows & MCP servers. Optimized for Gemini 3 agentic development.

Resources

PromptsMCP ServersAntigravity RulesGEMINI.md GuideBest Practices

Company

Submit PromptAntigravityAI.directory

Popular Prompts

Next.js 14 App RouterReact TypeScriptTypeScript AdvancedFastAPI GuideDocker Best Practices

Legal

Privacy PolicyTerms of ServiceContact Us
Featured on FazierVerified on Verified ToolsFeatured on WayfindioAntigravity AI - Featured on Startup FameFeatured on Wired BusinessFeatured on Twelve ToolsListed on Turbo0Featured on findly.toolsFeatured on Aura++That App ShowFeatured on FazierVerified on Verified ToolsFeatured on WayfindioAntigravity AI - Featured on Startup FameFeatured on Wired BusinessFeatured on Twelve ToolsListed on Turbo0Featured on findly.toolsFeatured on Aura++That App Show

© 2026 Antigravity AI Directory. All rights reserved.

The #1 directory for Google Antigravity IDE

This website is not affiliated with, endorsed by, or associated with Google LLC. "Google" and "Gemini" are trademarks of Google LLC.

Antigravity AI Directory
PromptsMCPBest PracticesUse CasesLearn
Home
MCP Servers
Ghidra MCP Server
cpu

Ghidra MCP Server MCP Server

Reverse engineering with Ghidra

ghidrareverse-engineeringbinarysecurity

About

## Ghidra MCP Server: Reverse Engineering and Binary Analysis The **Ghidra MCP Server** integrates NSA's powerful reverse engineering framework into Google Antigravity, enabling security researchers to analyze binaries, decompile code, and understand malware through intelligent automation. ### Why Ghidra MCP? - **Binary analysis** - Analyze executables, libraries, and firmware - **Decompilation** - Convert machine code to readable pseudo-C - **Pattern matching** - Find known vulnerabilities and code patterns - **Scripting automation** - Run Ghidra scripts programmatically - **Multi-architecture** - Support for x86, ARM, MIPS, and more ### Key Features #### 1. Binary Analysis ```python # Open and analyze binary analysis = await mcp.call("ghidra", "analyze_binary", { "file_path": "/samples/suspicious.exe", "analyze_options": { "decompiler": True, "aggressive_analysis": True, "find_strings": True } }) print(f"Architecture: {analysis[\"processor\"]}") print(f"Functions: {analysis[\"function_count\"]}") print(f"Imports: {len(analysis[\"imports\"])}") ``` #### 2. Decompilation ```python # Decompile specific function decomp = await mcp.call("ghidra", "decompile_function", { "program": "suspicious.exe", "function": "main" }) print(f"Decompiled code:\\n{decomp[\"c_code\"]}") # Get all function signatures functions = await mcp.call("ghidra", "list_functions", { "program": "suspicious.exe", "include_imports": False }) for func in functions[:10]: print(f"{func[\"address\"]}: {func[\"name\"]}({func[\"params\"]})") ``` #### 3. Pattern Searching ```python # Search for crypto constants patterns = await mcp.call("ghidra", "search_patterns", { "program": "malware.bin", "patterns": [ {"name": "AES S-box", "bytes": "637c777bf26b6fc5"}, {"name": "RC4 init", "bytes": "000102030405060708"} ] }) for match in patterns: print(f"Found {match[\"name\"]} at {match[\"address\"]}") # Find string references strings = await mcp.call("ghidra", "find_strings", { "program": "malware.bin", "min_length": 8, "filter": "http|socket|encrypt" }) ``` #### 4. Script Execution ```python # Run analysis script result = await mcp.call("ghidra", "run_script", { "program": "target.exe", "script": "FindCryptoConstants.py", "args": ["--verbose"] }) # Export function graph graph = await mcp.call("ghidra", "export_callgraph", { "program": "target.exe", "root_function": "main", "depth": 5, "format": "dot" }) ``` ### Configuration ```json { "mcpServers": { "ghidra": { "command": "npx", "args": ["-y", "@anthropic/mcp-ghidra"], "env": { "GHIDRA_HOME": "/opt/ghidra", "GHIDRA_PROJECT_DIR": "/projects", "GHIDRA_HEADLESS": "true" } } } } ``` ### Use Cases **Malware Analysis**: Reverse engineer malicious binaries to understand behavior. **Vulnerability Research**: Find buffer overflows and security flaws in binaries. **CTF Competitions**: Quickly analyze challenge binaries for capture-the-flag. **Firmware Analysis**: Examine IoT device firmware for security issues. The Ghidra MCP Server brings professional reverse engineering into your security research.

Installation

Configuration
{
  "mcpServers": {
    "ghidra": {
      "mcpServers": {
        "ghidra": {
          "args": [
            "ghidra-mcp"
          ],
          "command": "uvx"
        }
      }
    }
  }
}

How to Use

  1. 1Binary analysis
  2. 2Decompilation
  3. 3NSA Ghidra tool

Related MCP Servers

🧰

Toolhouse MCP

Universal AI tool platform that equips your AI with production-ready capabilities. Execute code, browse the web, manage files, send emails, and more through a unified MCP interface.

🔨

Smithery Registry MCP

The MCP server registry and discovery platform. Browse, search, and install MCP servers from the community. Find the perfect integrations for your AI development workflow.

🔍

MCP Inspector

Official debugging and testing tool for MCP servers. Inspect server capabilities, test tool calls, validate responses, and debug protocol communication in real-time.

← Back to All MCP Servers