Back to Apps
Rogue Binary MCP
by kirkderp
Docker-packaged binary analysis lab for AI agents featuring reverse engineering, malware triage, and artifact comparison.
21 stars
2 views
Updated 8 days ago
Works in:claude
Exposes:Tools
What it does\nRogue Binary MCP provides a complete binary analysis environment inside Docker, exposing powerful tools for reverse engineering, malware triage, and binary diffing to AI agents. It minimizes the need for agents to manage complex local installations of analysis tools.\n\n## Tools\n- triage_binary: High-level analysis including hashes, imports, and function stats.\n- static_view: Cheap metadata extraction for PE, ELF, and Mach-O files.\n- ghidra_import: Cache-backed Ghidra project import for deep decompilation.\n- r2_function_view: Fast function-level context using radare2.\n- dotnet_decompile: Focused C# source recovery for managed .NET assemblies.\n- binary_diff: Comparison of related binary artifacts.\n\n## Installation\nAdd the following to your claude_desktop_config.json (replacing /absolute/path/to/samples with your actual samples folder):\n\n```json\n{\n "mcpServers": {\n "rbinmcp": {\n "command": "docker",\n "args": [\n "run",\n "--rm",\n "-i",\n "-v",\n "/absolute/path/to/samples:/samples:ro",\n "-v",\n "rbinmcp-cache:/cache/rbinmcp",\n "ghcr.io/kirkderp/rbinmcp:1.3.0"
]\n }\n }\n}\n```\n\n## Supported hosts\nConfirmed support for Claude Desktop and Claude Code.
Quick install
docker run --rm -i -v /absolute/path/to/samples:/samples:ro -v rbinmcp-cache:/cache/rbinmcp ghcr.io/kirkderp/rbinmcp:1.3.0Information
- Pricing
- free
- Published
