Ap3x

Ap3x / BinaryAnalysis-MCP

Public

MCP server for analyzing PE, ELF, and Mach-O binaries using LIEF

ap3x.github.ioBinaryAnalysis-MCP binary-analysis malware-analysis mcp mcp-server reverse-engineering
10
0
100% credibility
Found Mar 01, 2026 at 10 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Python
AI Summary

A server that equips AI assistants with tools to inspect the structure, dependencies, headers, sections, exports, imports, libraries, and security features of PE, ELF, and Mach-O binary files.

How It Works

1
🔍 Discover the tool

You find a helpful companion for your AI assistant that can examine the inner workings of computer programs like executables.

2
📥 Bring it home

You download the files to your computer and prepare them with simple setup steps.

3
🔗 Connect to your AI

You add a quick note in your AI chat app's settings pointing it to this new helper.

4
🚀 Launch the helper

You start the service with one command, and it quietly waits ready to assist your AI.

5
🔬 Analyze a file

Tell your AI the full location of a program file, like notepad.exe, and ask it to check security, imports, or sections.

Get clear insights

Your AI delivers a neat breakdown of the file's format, libraries, security features, and more, making complex analysis feel simple and safe.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 10 to 10 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is BinaryAnalysis-MCP?

BinaryAnalysis-MCP is a Python MCP server that lets you analyze PE, ELF, and Mach-O binaries by passing absolute file paths to tools like get_binary_info for quick triage or get_binary_security for hardening checks. Built on LIEF for parsing and the MCP protocol over stdio, it auto-detects formats and returns structured JSON on headers, sections, imports, exports, libraries, and security flags. It's designed for seamless integration into MCP clients, turning binary analysis into simple AI prompts like "check imports on this exe."

Why is it gaining traction?

This MCP GitHub Python server stands out by packaging essential static analysis into MCP tools that plug right into Claude Desktop, Copilot in VSCode, or other MCP GitHub Copilot setups—no extra setup beyond a config tweak. Developers grab it for fast, format-agnostic insights like entropy per section or RELRO status, with limits to avoid overload, making it a lightweight alternative to full RE suites. Pairs nicely with tools like GhidraMCP for deeper dives, and MCP server examples in the README speed onboarding.

Who should use this?

Malware analysts triaging samples in Claude workflows, reverse engineers scouting imports and security flags before Ghidra, or security devs auditing binaries via MCP server AI in VSCode. Ideal for anyone with MCP GitHub registry access needing quick checks on suspicious files without spinning up Docker or heavy tools.

Verdict

Worth a spin for MCP server Python users analyzing binaries—docs, tests, and Claude configs are polished despite 10 stars and 1.0% credibility score. Still early; fork or watch MCP GitHub issues for maturity.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.