ghidra-mcp-zig
A Ghidra plugin that provides a bridge between Ghidra and a Zig-based MCP server for enhanced program analysis capabilities.
GitHub Stars
5
User Rating
Not Rated
Forks
0
Issues
0
Views
1
Favorites
0
README
Ghidra MCP Zig Plugin
A Ghidra plugin that provides a bridge between Ghidra and a Zig-based MCP server for enhanced program analysis capabilities.
Features
- JNI-based communication between Ghidra and Zig
- Function decompilation and renaming
- Data symbol management
- Import/Export listing
- MCP server integration
- Comprehensive test suite
- Modern build system with Zig
- Efficient memory management
- Type-safe JNI bridge implementation
- Go client library for easy integration
Prerequisites
- Zig (version 0.13.0 or later)
- Ghidra (version 11.3.1 or later)
- Java Development Kit (JDK) 17 or later
- Go (version 1.22.4 or later)
- Gradle (version 8.13 or later)
- Make
Project Structure
ghidra-mcp-zig/
├── src/
│ ├── plugin/
│ │ ├── jni/
│ │ │ └── bridge.zig # JNI interface implementation
│ │ ├── analysis.zig # Program analysis logic
│ │ └── plugin.zig # Plugin initialization
│ └── server/
│ └── main.zig # MCP server implementation
├── java/ # Ghidra plugin Java code
│ ├── build.gradle # Gradle build configuration
│ ├── gradlew # Gradle wrapper script
│ └── src/ # Java source files
├── pkg/
│ └── mcp/
│ └── client/ # Go MCP client library
│ ├── client.go # Client implementation
│ └── client_test.go # Client tests
├── build.zig # Build configuration
├── build.zig.zon # Dependencies configuration
├── go.mod # Go module definition
└── Makefile # Build automation
Dependencies
- zig-jni (v0.0.9) - JNI bindings for Zig
Building
Clone the repository:
git clone https://github.com/yourusername/ghidra-mcp-zig.git cd ghidra-mcp-zigCreate a
.envfile with the following variables:GHIDRA_PATH=/path/to/ghidra_11.3.1_PUBLIC/Ghidra/Features/Base/lib/Base.jar JAVA_HOME=/path/to/your/jdkBuild the project:
# Build everything make all # Or build specific components make build-server # Build the MCP server make build-plugin # Build the Ghidra pluginRun the server:
make run-server
Build Targets
| Target | Description | Example Usage |
|---|---|---|
all |
Build all components | make all |
build-server |
Build MCP server | make build-server |
build-plugin |
Build Ghidra plugin | make build-plugin |
clean |
Clean all artifacts | make clean |
clean-server |
Clean server artifacts | make clean-server |
clean-plugin |
Clean plugin artifacts | make clean-plugin |
Run Targets
| Target | Description | Example Usage |
|---|---|---|
run-server |
Start MCP server | make run-server |
run-plugin |
Start Ghidra plugin | make run-plugin |
Test Targets
| Target | Description | Example Usage |
|---|---|---|
test |
Run all tests | make test |
test-server |
Run server tests | make test-server |
test-plugin |
Run plugin tests | make test-plugin |
For a complete list of available targets, run:
make help
Installation
Build the plugin:
make build-pluginCopy the built plugin to your Ghidra plugins directory:
cp zig-out/lib/libghidra-mcp-zig.dylib /path/to/ghidra/Extensions/Ghidra/ghidra-mcp-zig/Restart Ghidra
Usage
- Start Ghidra and open a program for analysis
- The MCP plugin will be available in the Ghidra plugin manager
- Use the plugin's features through the Ghidra interface
Available MCP Commands
| Command | Description | Parameters |
|---|---|---|
decompile |
Decompile a function | address: u64 |
rename_function |
Rename a function | address: u64, new_name: string |
rename_data |
Rename a data object | address: u64, new_name: string |
list_functions |
List all functions | None |
list_data |
List all data objects | None |
list_imports |
List all imports | None |
list_exports |
List all exports | None |
Error Handling
The implementation includes comprehensive error handling with specific error types:
| Error Type | Description |
|---|---|
ConnectionError |
Connection-related errors |
MessageError |
Message handling errors |
ResponseError |
Response parsing errors |
InvalidAddress |
Invalid memory address |
InvalidFunction |
Invalid function reference |
InvalidData |
Invalid data reference |
DecompilationFailed |
Function decompilation failed |
RenameFailed |
Rename operation failed |
OutOfMemory |
Memory allocation failed |
InvalidProgram |
Invalid program state |
JNIError |
JNI bridge errors |
Development
Adding New Features
- Update the JNI interface in
src/plugin/jni/bridge.zig - Implement the corresponding functionality in
src/plugin/analysis.zig - Update the server implementation in
src/server/main.zigif needed - Rebuild and test
Debugging
- Use
make cleanto remove build artifacts - Check the Ghidra log for plugin-related messages
- The server logs will be available in the console when running with
make run-server
JNI Bridge Implementation
The JNI bridge provides a type-safe interface between Zig and Java:
- Memory management with proper allocation/deallocation
- JNI reference management with
DeleteLocalRef - Error handling with null checks
- Type conversion between Zig and Java types
- Array creation and element setting
- Object creation and field setting
Key Features
Memory Safety
- Automatic cleanup of JNI references
- Proper string handling with UTF-8 conversion
- Safe memory allocation and deallocation
Type Safety
- Strong typing for all JNI operations
- Compile-time type checking
- Safe type conversions
Error Handling
- Comprehensive error types
- Null checks for all JNI operations
- Proper cleanup on error
Object Management
- Safe object creation and destruction
- Field access with type checking
- Array handling with bounds checking
Contributing
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
License
This project is licensed under the MIT License - see the LICENSE file for details.
Author Information
0
Followers
148
Repositories
12
Gists
2
Total Contributions
Top Contributors
Threads