Reversecore_mcp
@sjkim1127
About Reversecore_mcp
A security-first MCP server that empowers AI agents to perform automated reverse engineering, malware analysis, forensics, vulnerability research, and SAST — powered by Radare2, YARA, LIEF, Capstone, and more.
Basic information
Config
Add this server to your MCP-compatible client using the configuration below.
{
"mcpServers": {
"reversecore": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-v",
"C:/Reversecore_Workspace:/app/workspace",
"-e",
"REVERSECORE_WORKSPACE=/app/workspace",
"-e",
"MCP_TRANSPORT=stdio",
"reversecore-mcp"
]
}
}
}Tools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Reversecore_MCP?
Reversecore_MCP is an enterprise-grade Model Context Protocol server that transforms AI assistants like Claude and Cursor into expert-level security research workstations. It integrates 50+ analysis tools across static analysis, dynamic triage, malware analysis, vulnerability research, SAST, digital forensics, and reporting.
How to use Reversecore_MCP?
Run the Docker container (recommended) or build from source, then connect any MCP-compatible AI client via stdio or HTTP/SSE transport. Configure workspace and environment variables as needed.
Key features of Reversecore_MCP
- 50+ tools for static, dynamic, malware, and forensic analysis
- Natural language interface – describe tasks, server invokes tools
- Guided analysis prompts with expert personas and Chain-of-Thought
- MITRE ATT&CK technique mapping with evidence classification
- Persistent AI memory store via async SQLite
- Built-in security model with input sanitization and path validation
Use cases of Reversecore_MCP
- Malware triage and IOC extraction with automated reporting
- Vulnerability research using symbolic execution and binary diffing
- Digital forensics on memory dumps, disk images, and network captures
- Firmware analysis for IoT/embedded devices
- Source code auditing for Python, C, and C++ projects
FAQ from Reversecore_MCP
What are the runtime requirements?
Python 3.10–3.12, or Docker. Underlying tools include Radare2, r2ghidra, YARA, LIEF, Capstone, Volatility3, and others – all bundled in the Docker image.
How does it connect to AI clients?
Via the Model Context Protocol over stdio or HTTP/SSE. Any MCP-compatible client (e.g., Claude, Cursor) can use it.
What analysis tools are included?
Over 50 tools across seven categories: static analysis, disassembly/decompilation, cross-referencing, dynamic/symbolic analysis, malware detection, session reporting, and digital forensics.
Is there a security model?
Yes – the server includes input sanitization, path validation, a Radare2 connection pool, and a resilience layer with retry/circuit-breaker patterns.
Can I generate reports with MITRE ATT&CK mapping?
Yes – use create_analysis_report with modes like full, triage, ioc_summary, or executive, and map techniques via add_session_mitre.
More Other MCP servers
Nginx UI
0xJackyYet another WebUI for Nginx
Awesome-MCP-ZH
yzflyMCP 资源精选, MCP指南,Claude MCP,MCP Servers, MCP Clients
ICSS
chokcoco不止于 CSS
MCP Registry
modelcontextprotocolA community driven registry service for Model Context Protocol (MCP) servers.

EverArt
modelcontextprotocolModel Context Protocol Servers
Comments