$ timeahead.in
/ servers/pypi/ida-pro-mcp
pypi

ida-pro-mcp

AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.

10k stars2k/wkupdated 14d agogithub ↗
90good
▣ Overview

What it does

This server integrates IDA Pro, a commercial reverse engineering platform, with language models via MCP. It exposes IDA's analysis capabilities—disassembly, decompilation, and binary inspection—as tools that Claude and other LLM clients can use. Users can ask the model to analyze binaries, rename variables, add comments, and interpret disassembled code, with the LLM reading and modifying the IDA database in real time.

Who it's for

Security researchers, malware analysts, and reverse engineers with IDA Pro licenses who want AI-assisted analysis. Not for casual users—this requires a paid IDA Pro installation (IDA Free is unsupported) and Python 3.11 or higher.

Common use cases

  • Analyze crackmes or CTF challenges by asking the model to reason about decompiled code
  • Derive encryption keys or passwords from disassembly without manual calculation
  • Annotate binaries: rename functions, correct variable types, and add explanatory comments
  • Identify suspicious patterns in malware and understand control flow with AI assistance
  • Convert numeric literals between bases using tools rather than manual work

Setup pitfalls

  • IDA Free is not supported; requires IDA Pro 8.3 or later (9.x recommended)
  • Headless use (Claude Code, CLI clients) requires idalib activation via py-activate-idalib.py, which is OS-specific and one-time per environment
  • CI is currently failing—verify the repository for known issues and check stability before deploying to production
  • Both IDA and your MCP client must be fully restarted for configuration changes to take effect; some clients hide in system trays
▣ Score BreakdownMCPScore = Σ(raw × weight)
DimensionRawWeighted
Security
35%
100
35.0
Freshness
25%
100
25.0
Adoption
20%
78
15.7
Quality
10%
90
9.0
Trust
10%
50
5.0
Total
89.7
⚿ Capabilities & Risk Explainer
fs readfs writenetworkexecevalsecrets
◆ Risk level: high
fs read + fs write + network + exec + eval + secrets active — can execute code, access credentials, and make external network calls.
⚙ Install config
Claude Desktop · Cursor · Windsurf · VS Code (Copilot) · Claude Code
add to your MCP client config:
{
  "mcpServers": {
    "ida-pro-1": {
      "command": "uvx",
      "args": [
        "ida-pro-mcp"
      ]
    }
  }
}
📈 Score historylast 45 snapshots
5/10/20267/6/2026 · 45 snapshots
⚙ Maintenance health
39/ 100 · is this project alive?
contributors (1y)54
top contributor share48%
releases (1y)1
last release272d ago
ci⚠ failing
⛁ Raw data
weekly downloads2k
github stars10k
forks1k
open issues39
license✓ present
readme length13751 chars
last publish0d ago
last commit14d ago
last updated20h ago
install verified✓ pass · 50d ago
owner of this server? claim your listing to get a verified badgeclaim →
🔔 Score drop alerts
get notified by email when this server's score drops 5+ points