IDA Auto MCP Server

Local setup required. This server has to be cloned and prepared on your machine before you register it in Claude Code.
1

Set the server up locally

Run this once to clone and prepare the server before adding it to Claude Code.

Run in terminal
git clone https://github.com/mufeng05/ida-auto-mcp.git
cd ida-auto-mcp
pip install -e .
2

Register it in Claude Code

After the local setup is done, run this command to point Claude Code at the built server.

Run in terminal
claude mcp add -e "IDADIR=${IDADIR}" ida-auto-mcp -- python -m ida_auto_mcp --ida-dir "<FULL_PATH_TO_IDA_AUTO_MCP>/dist/index.js"

Replace <FULL_PATH_TO_IDA_AUTO_MCP>/dist/index.js with the actual folder you prepared in step 1.

Required:IDADIR
README.md

Headless IDA Pro MCP server for automated binary analysis

IDA Auto MCP

English | 中文

English

Headless IDA Pro MCP server that enables AI agents to automatically open, analyze, and query multiple binary files — no manual IDA GUI interaction required.

Why This Project?

Existing IDA MCP solutions (like ida-pro-mcp) require you to:

  1. Manually open IDA Pro GUI
  2. Manually activate the MCP plugin (Ctrl+Alt+M)
  3. Repeat for every binary you want to analyze

This makes multi-file analysis (e.g., a program with multiple DLLs) painful. IDA Auto MCP solves this by using IDA's headless idalib library, letting AI agents autonomously open and analyze any number of binaries.

Key Features

  • Fully Automatic — AI agents call open_binary("path/to/file.dll") to start analysis, no human in the loop
  • Multi-Binary Sessions — Open multiple binaries simultaneously, switch between them freely
  • Headless — Uses idalib (IDA as a library), no GUI needed
  • 36 Analysis Tools — Decompile, disassemble, xrefs, strings, imports, search, rename, and more
  • MCP Standard — Works with Claude Desktop, Claude Code, and any MCP-compatible client
  • Stdio + HTTP — Stdio transport for MCP clients, HTTP for debugging

Prerequisites

  1. IDA Pro 9.0+ (with valid license)
  2. idapro Python package — shipped with IDA Pro:
    pip install "<IDA_INSTALL_DIR>/idalib/python/idapro-9.0-py3-none-win_amd64.whl"
  3. IDADIR — set via environment variable or --ida-dir flag

Installation

git clone https://github.com/mufeng05/ida-auto-mcp.git
cd ida-auto-mcp
pip install -e .

Quick Start

Claude Code (`~/.claude.json`)
{
  "mcpServers": {
    "ida": {
      "command": "python",
      "args": ["-m", "ida_auto_mcp", "--ida-dir", "C:/Program Files/IDA Pro"],
      "env": {
        "IDADIR": "C:/Program Files/IDA Pro"
      }
    }
  }
}
Claude Desktop (`claude_desktop_config.json`)
{
  "mcpServers": {
    "ida": {
      "command": "python",
      "args": ["-m", "ida_auto_mcp", "--ida-dir", "C:/Program Files/IDA Pro"],
      "env": {
        "IDADIR": "C:/Program Files/IDA Pro"
      }
    }
  }
}
Command Line
# Start server (stdio mode, default)
python -m ida_auto_mcp

# Pre-load a binary on startup
python -m ida_auto_mcp C:/samples/target.exe

# HTTP mode for debugging
python -m ida_auto_mcp --transport http --port 8765

# Verbose logging
python -m ida_auto_mcp -v

Tools (36 total)

Session Management
Tool Description
open_binary Open a binary for analysis (auto-analysis included)
close_binary Close a session
switch_binary Switch active session
list_sessions List all open sessions
get_current_session Get active session info
Database
Tool Description
get_database_info Binary metadata (filename, arch, imagebase)
wait_analysis Wait for auto-analysis to complete
save_database Save IDA database to disk
Analysis
Tool Description
list_functions List/filter functions with pagination
get_function_info Detailed function info (prototype, size)
decompile_function Hex-Rays decompilation to C pseudocode
disassemble_function Assembly disassembly
get_xrefs_to Cross-references TO an address
get_xrefs_from Cross-references FROM an address
Data
Tool Description
list_strings Strings in the binary
search_strings Regex search in strings
list_imports Imported functions by module
list_exports Exported symbols
list_segments Memory segments/sections
Control Flow
Tool Description
get_callers Find all functions that call a given function
get_callees Find all functions called by a given function
get_callgraph Build call graph with depth control (BFS)
get_basic_blocks Get CFG basic blocks with successor/predecessor info
get_address_info Resolve address to segment/function/symbol context
Types & Structs
Tool Description
list_structs List structs/unions in the database
get_struct_info Get struct details with all member fields
get_stack_frame Get stack frame layout (locals, args)
list_entrypoints List binary entry points
get_globals List global variables
Search & Modify
Tool Description
search_bytes Byte pattern search with wildcards (48 89 5C ?? 57)
rename_address Rename function/address
set_comment Set disassembly comment
set_function_type Set function prototype
patch_bytes Patch bytes at an address (binary patching)
read_bytes Read raw bytes at address
run_script Execute arbitrary IDAPython code

Tools (5)

open_binaryOpen a binary for analysis (auto-analysis included)
close_binaryClose a session
decompile_functionHex-Rays decompilation to C pseudocode
list_functionsList/filter functions with pagination
patch_bytesPatch bytes at an address (binary patching)

Environment Variables

IDADIRrequiredThe installation directory of IDA Pro

Configuration

claude_desktop_config.json
{"mcpServers": {"ida": {"command": "python", "args": ["-m", "ida_auto_mcp", "--ida-dir", "C:/Program Files/IDA Pro"], "env": {"IDADIR": "C:/Program Files/IDA Pro"}}}}

Try it

Open the binary at C:/samples/malware.exe and list all imported functions.
Decompile the main function in the currently open binary and explain what it does.
Find all cross-references to the function at address 0x401000.
Search for the string 'password' in the binary and show me the surrounding code.
Patch the byte at 0x401234 with 0x90 and save the database.

Frequently Asked Questions

What are the key features of IDA Auto MCP?

Fully automatic headless analysis using idalib. Support for multi-binary sessions. 36 analysis tools including decompilation and cross-reference tracking. Compatible with Claude Desktop and Claude Code. Supports both Stdio and HTTP transport modes.

What can I use IDA Auto MCP for?

Automated reverse engineering of multi-file software projects. Rapid triage of malware samples without manual GUI interaction. Scripted binary patching and analysis workflows. Large-scale binary metadata extraction and reporting.

How do I install IDA Auto MCP?

Install IDA Auto MCP by running: git clone https://github.com/mufeng05/ida-auto-mcp.git && cd ida-auto-mcp && pip install -e .

What MCP clients work with IDA Auto MCP?

IDA Auto MCP works with any MCP-compatible client including Claude Desktop, Claude Code, Cursor, and other editors with MCP support.

Turn this server into reusable context

Keep IDA Auto MCP docs, env vars, and workflow notes in Conare so your agent carries them across sessions.

Need the old visual installer? Open Conare IDE.
Open Conare
View all other servers →

Related MCP Servers

Nuclear
Free, open-source music player without ads or tracking.
other17.1K stars
Domain Check
Fast domain availability checker with RDAP/WHOIS lookup and batch checking.
other253 stars
Ableton MCP Extended
Control Ableton Live using natural language via AI assistants
other142 stars
US Government Open Data MCP
MCP Server + TypeScript SDK for 40+ U.S. Government APIs
other90 stars
Garmin Connect
Access your fitness, health, and training data from MCP clients.
other71 stars
BinjaLattice MCP
Secure communication protocol for Binary Ninja and MCP servers
other61 stars