MCP Servers

模型上下文协议服务器、框架、SDK 和模板的综合目录。

I
Ida Pro MCP Multi
作者 @QYmag1c
GitHub 仓库(1 星标)

MCP server by QYmag1c

创建于 1/27/2026
更新于 28 days ago
README
View Source
Repository documentation and setup instructions

IDA Pro MCP Multi

English | 中文

📌 Based on: This project is developed based on mrexodia/ida-pro-mcp, extending it with multi-instance support and vulnerability scanning capabilities.

A powerful MCP Server for AI-assisted reverse engineering in IDA Pro, with support for analyzing multiple binaries simultaneously.

Why This Project?

The original ida-pro-mcp is an excellent tool for AI-assisted reverse engineering, but we encountered limitations in real-world scenarios:

Problem 1: Single Instance Limitation

When reverse engineering complex software, you often need to analyze multiple related binaries:

  • A main executable (main.exe)
  • Multiple DLLs/shared libraries (helper.dll, crypto.dll, etc.)
  • Third-party libraries

The original project only supports one IDA instance at a time, making cross-binary analysis tedious and inefficient.

Problem 2: No Built-in Vulnerability Detection

Security researchers need to quickly identify potentially dangerous code patterns. Manually searching for vulnerable function calls is time-consuming.

New Features

🔗 Multi-Instance Support

Analyze multiple binaries simultaneously with a Gateway architecture:

AI Client ──MCP──> Gateway (port 13337) ──> IDA Instance 1 (main.exe, port 13338)
                                        ──> IDA Instance 2 (helper.dll, port 13339)
                                        ──> IDA Instance 3 (crypto.dll, port 13340)

How It Works:

  1. The first IDA instance automatically starts a Gateway Server (port 13337)
  2. Each subsequent IDA instance registers with the Gateway and gets a unique port
  3. AI clients connect to the Gateway, which routes requests to the appropriate instance

Instance Management Tools:

| Tool | Description | |------|-------------| | list_instances() | List all registered IDA instances | | switch_instance(target) | Switch the default target instance (by ID or binary name) | | get_current_instance() | Get info about the current default instance | | check_instance_health(target) | Check if an instance is responding | | open_library(name) | Auto-search and open a library file in a new IDA instance |

Auto-Open Library:

When analyzing a program that uses external libraries, you can ask AI to open them automatically:

  • Searches the current directory and subdirectories for the library file
  • Auto-detects architecture (x86/x64/ARM)
  • Opens in IDA Pro with automatic analysis (no dialogs)
  • MCP plugin starts automatically after loading

Targeting Specific Instances:

Most tools accept an optional target parameter:

{
  "method": "decompile",
  "params": {
    "addr": "0x401000",
    "target": "helper.dll"
  }
}

Legacy Mode:

To disable multi-instance support:

IDA_MCP_LEGACY=1

🔍 Vulnerability Scanning

Comprehensive vulnerability scanning to identify potentially dangerous function calls with advanced detection:

Tools:

| Tool | Description | |------|-------------| | vuln_scan(output_dir, categories, min_risk) | Scan binary for vulnerabilities, returns summary | | vuln_scan_details(category, limit, offset, risk_level) | Get detailed findings for a specific category | | vuln_scan_function(addr) | Scan a specific function for vulnerability patterns | | vuln_categories() | List all vulnerability categories and associated functions |

Supported Vulnerability Categories (11 categories, 150+ dangerous functions):

| Category | Dangerous Functions | Description | |----------|---------------------|-------------| | Format String | printf, sprintf, scanf, snprintf, syslog, etc. | Non-constant format strings, %s without width limit | | Buffer Overflow | strcpy, memcpy, gets, recv, fread, etc. | Unbounded copies, controllable sizes, %s in scanf | | Command Injection | system, popen, exec*, CreateProcess, ShellExecute, etc. | Non-constant commands | | Integer Overflow | malloc, calloc, realloc, alloca, VirtualAlloc, etc. | Potentially overflowing sizes | | Use After Free | free, delete, HeapFree, VirtualFree, etc. | Potential UAF/double-free | | Path Traversal | fopen, open, CreateFile, CopyFile, etc. | Controllable paths | | SQL Injection | sqlite3_exec, mysql_query, PQexec, etc. | Non-constant SQL queries | | Unchecked Return | malloc, setuid, setgid, chdir, etc. | Missing return value checks | | Race Condition | access, stat, lstat, etc. | TOCTOU vulnerabilities | | Information Leak | write, send, sendto, fwrite, etc. | Potentially leaking data | | Signed Comparison | strncmp, memcmp, memchr, etc. | Size parameters with signed comparison |

Detection Features:

  • Format String Analysis: Checks for non-constant format strings AND dangerous %s specifiers without width limits
  • strlen Check: Detects if strlen() was called before unbounded copy operations
  • Return Value Check: Verifies if return values from malloc/setuid/etc. are properly validated
  • MSVC Secure Functions: Handles _s suffix variants (strcpy_s, sprintf_s, etc.)
  • glibc Fortified Functions: Handles _chk suffix variants (__printf_chk, __memcpy_chk, etc.)
  • Risk Assessment: High/Medium/Low/Info based on parameter controllability

Workflow:

  1. Ask AI to "scan for vulnerabilities"
  2. AI calls vuln_scan() to get a summary by category and risk level
  3. Review the summary and select categories for deep analysis
  4. AI uses vuln_scan_details(category) and decompile() to analyze specific findings

Note: Detailed results are saved to .ida-mcp-vuln/ folder to minimize token usage.

Prerequisites

  • IDA Pro (8.3 or higher, 9 recommended)
  • Any MCP-compatible client (Claude, Cursor, VS Code, Roo Code, etc.)

Installation

For Users Who Have Installed the Original ida-pro-mcp

If you have previously installed the original ida-pro-mcp, you need to uninstall it first and then force reinstall:

# Uninstall old versions
"D:\your\path\to\ida\python311\python.exe" -m pip uninstall -y ida-pro-mcp ida-pro-mcp-multi

# Force reinstall the new version
"D:\your\path\to\ida\python311\python.exe" -m pip install --no-cache-dir --force-reinstall --upgrade git+https://github.com/QYmag1c/ida-pro-mcp-multi

# Reinstall IDA plugin and configure MCP clients
"D:\your\path\to\ida\python311\Scripts\ida-pro-mcp.exe" --install

# View MCP configuration
"D:\your\path\to\ida\python311\Scripts\ida-pro-mcp.exe" --config

Then restart IDA Pro and your MCP client.

Fresh Installation

Step 1: Install MCP Package

Open a terminal in IDA's Python directory and run:

# Navigate to IDA's Python directory
cd "D:\your\path\to\ida\python311"

# Install the MCP package
python.exe -m pip install --upgrade git+https://github.com/QYmag1c/ida-pro-mcp-multi

Step 2: Install IDA Plugin and Configure MCP Clients

# Install IDA plugin and configure MCP clients
"D:\your\path\to\ida\python311\Scripts\ida-pro-mcp.exe" --install

# View MCP configuration for manual setup
"D:\your\path\to\ida\python311\Scripts\ida-pro-mcp.exe" --config

Note: Replace D:\your\path\to\ida with your actual IDA Pro installation path.

Step 3: Restart

Important: Restart IDA Pro and your MCP client completely for the installation to take effect.

Verify Installation

  1. Open IDA Pro and load a binary
  2. Go to Edit → Plugins → MCP (or press Ctrl+Alt+M)
  3. You should see [MCP] Server started in the output window

Architecture

src/ida_pro_mcp/
├── server.py              # MCP server + instance management tools
├── gateway.py             # Gateway Server for multi-instance routing
├── ida_mcp.py             # IDA plugin loader (registers with Gateway)
└── ida_mcp/
    ├── api_core.py        # Core functions (decompile, disasm, etc.)
    ├── api_analysis.py    # Analysis operations
    ├── api_vuln.py        # Vulnerability scanning (NEW)
    ├── api_memory.py      # Memory operations
    ├── api_types.py       # Type operations
    ├── api_modify.py      # Modification operations
    ├── api_stack.py       # Stack frame operations
    ├── api_debug.py       # Debugger operations
    └── ...

All Available Tools

This project includes all tools from the original project, plus the new multi-instance and vulnerability scanning features.

Instance Management (NEW)

  • list_instances(), switch_instance(), get_current_instance(), check_instance_health()

Vulnerability Scanning (NEW)

  • vuln_scan(), vuln_scan_details(), vuln_scan_function(), vuln_categories()

Core Functions

  • lookup_funcs(), int_convert(), list_funcs(), list_globals(), imports(), decompile(), disasm(), xrefs_to(), callees()

Modification Operations

  • set_comments(), patch_asm(), declare_type(), rename()

Memory Operations

  • get_bytes(), get_int(), get_string(), get_global_value(), patch(), put_int()

Analysis Operations

  • py_eval(), analyze_funcs(), find_regex(), find_bytes(), find_insns(), find(), basic_blocks(), callgraph()

Type Operations

  • set_type(), infer_types(), read_struct(), search_structs()

Stack Operations

  • stack_frame(), declare_stack(), delete_stack()

Debugger Operations (requires --unsafe flag)

  • dbg_start(), dbg_exit(), dbg_continue(), dbg_step_into(), dbg_step_over(), etc.

Acknowledgments

License

MIT License - See LICENSE for details.

快速设置
此服务器的安装指南

安装包 (如果需要)

uvx ida-pro-mcp-multi

Cursor 配置 (mcp.json)

{ "mcpServers": { "qymag1c-ida-pro-mcp-multi": { "command": "uvx", "args": [ "ida-pro-mcp-multi" ] } } }