MCP.so
Sign In

Reversecore_mcp

@sjkim1127

About Reversecore_mcp

A security-first MCP server that empowers AI agents to perform automated reverse engineering, malware analysis, forensics, vulnerability research, and SAST — powered by Radare2, YARA, LIEF, Capstone, and more.

Basic information

Category

Other

License

MIT

Runtime

python

Transports

stdio

Publisher

sjkim1127

Submitted by

Kimsungjoo

Config

Add this server to your MCP-compatible client using the configuration below.

{
  "mcpServers": {
    "reversecore": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-v",
        "C:/Reversecore_Workspace:/app/workspace",
        "-e",
        "REVERSECORE_WORKSPACE=/app/workspace",
        "-e",
        "MCP_TRANSPORT=stdio",
        "reversecore-mcp"
      ]
    }
  }
}

Tools

No tools detected

We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.

Overview

What is Reversecore_MCP?

Reversecore_MCP is an enterprise-grade Model Context Protocol server that transforms AI assistants like Claude and Cursor into expert-level security research workstations. It integrates 50+ analysis tools across static analysis, dynamic triage, malware analysis, vulnerability research, SAST, digital forensics, and reporting.

How to use Reversecore_MCP?

Run the Docker container (recommended) or build from source, then connect any MCP-compatible AI client via stdio or HTTP/SSE transport. Configure workspace and environment variables as needed.

Key features of Reversecore_MCP

  • 50+ tools for static, dynamic, malware, and forensic analysis
  • Natural language interface – describe tasks, server invokes tools
  • Guided analysis prompts with expert personas and Chain-of-Thought
  • MITRE ATT&CK technique mapping with evidence classification
  • Persistent AI memory store via async SQLite
  • Built-in security model with input sanitization and path validation

Use cases of Reversecore_MCP

  • Malware triage and IOC extraction with automated reporting
  • Vulnerability research using symbolic execution and binary diffing
  • Digital forensics on memory dumps, disk images, and network captures
  • Firmware analysis for IoT/embedded devices
  • Source code auditing for Python, C, and C++ projects

FAQ from Reversecore_MCP

What are the runtime requirements?

Python 3.10–3.12, or Docker. Underlying tools include Radare2, r2ghidra, YARA, LIEF, Capstone, Volatility3, and others – all bundled in the Docker image.

How does it connect to AI clients?

Via the Model Context Protocol over stdio or HTTP/SSE. Any MCP-compatible client (e.g., Claude, Cursor) can use it.

What analysis tools are included?

Over 50 tools across seven categories: static analysis, disassembly/decompilation, cross-referencing, dynamic/symbolic analysis, malware detection, session reporting, and digital forensics.

Is there a security model?

Yes – the server includes input sanitization, path validation, a Radare2 connection pool, and a resilience layer with retry/circuit-breaker patterns.

Can I generate reports with MITRE ATT&CK mapping?

Yes – use create_analysis_report with modes like full, triage, ioc_summary, or executive, and map techniques via add_session_mitre.

Comments

More Other MCP servers