Reversecore_MCP exposes a comprehensive enterprise-grade MCP server designed for AI-powered reverse engineering. It provides extensive static and dynamic analysis capabilities, including file type detection, string extraction, decompilation with Ghidra, and Radare2-based disassembly, all orchestrated through natural language commands. The server also includes advanced malware analysis features (IOC extraction, YARA scanning, adaptive defense tooling) and monitors health and performance for enterprise deployments. To use it, start the Python server (for example with python server.py) and connect MCP clients or the built-in web dashboard via the configured transport. The documentation emphasizes a docker-ready workflow and a client configuration example for Cursor AI to interact with the reversecore-mcp container, transferring files into a mounted workspace and performing analysis inside the container environment.

Prerequisites

• Python 3.10+ installed on your system
• Optional: Docker, if you prefer the Docker-based workflow
• Access to required tools referenced by the server (e.g., Ghidra is supported via installation scripts as described in the repo)

Installation steps

1. Clone the repository: git clone https://github.com/your-org/Reversecore_MCP.git cd Reversecore_MCP

2. (Recommended) Install dependencies for the Python server

   • Create a virtual environment (optional but recommended): python -m venv venv source venv/bin/activate # Linux/macOS venv\Scripts\activate # Windows

   • Install Python dependencies (adjust if a requirements.txt exists): pip install -r requirements.txt

3. Configure environment variables (example):

   • Create a .env file or export variables: export MCP_TRANSPORT=http export MCP_API_KEY=your-secret-key

     Additional optional envs as needed by the server

4. Run the server: python server.py

5. Optional Docker path (quick-start):

   • Use the provided docker-compose setup or run scripts to build and start the container. Follow the Docker Quick Start section in the README for architecture detection and container orchestration.

Tips and notes:

• The server is designed to run inside a container; when analyzing files inside the workspace, only use the filename (not the full host path) as the workspace is mounted inside the container (example: run_file("sample.exe") instead of a full path).
• If you enable the web dashboard, ensure MCP_TRANSPORT is set appropriately (http) and consider configuring MCP_API_KEY for access control.
• Ghidra integration requires a compatible environment. If you use the automatic installer, Ghidra will be placed under the Tools directory and GHIDRA_INSTALL_DIR will be set accordingly.
• For Cursor AI client usage, follow the provided MCP client configuration examples to point to the reversecore-mcp image and mount your workspace correctly.
• Monitor health and performance with the included health checks and metrics endpoints, and leverage the auto-recovery features for transient failures.