// MCP TOOL REFERENCE

GHIDRA TOOLS

27 tools from the Ghidra MCP Server, categorised by risk level.

View the Ghidra policy →

READ TOOLS

19
decompile_function Decompile a function by name to C-like code 2/5 decompile_function_by_address Decompile a function at a given address 2/5 disassemble_function Get raw disassembly for a function 2/5 get_current_address Get the currently selected address in Ghidra 2/5 get_current_function Get the currently selected function in Ghidra 2/5 get_function_by_address Retrieve function info for a given address 2/5 get_function_xrefs Get cross-references for a named function 2/5 get_xrefs_from Get cross-references from an address 2/5 get_xrefs_to Get cross-references pointing to an address 2/5 list_classes List all classes defined in the binary 2/5 list_data_items List labelled data items with pagination 2/5 list_exports List all exported symbols 2/5 list_functions List all functions in the binary 2/5 list_imports List all imported symbols 2/5 list_methods List all methods/functions in the binary 2/5 list_namespaces List all namespaces in the binary 2/5 list_segments List all memory segments in the binary 2/5 list_strings List all strings found in the binary 2/5 search_functions_by_name Search functions by name substring 2/5

WRITE TOOLS

8
rename_data Rename a data label at a given address 3/5 rename_function Rename a function by its current name 3/5 rename_function_by_address Rename a function by its memory address 3/5 rename_variable Rename a local variable within a function 3/5 set_decompiler_comment Add a comment in the decompiler view 2/5 set_disassembly_comment Add a comment in the disassembly view 2/5 set_function_prototype Set the type signature of a function 3/5 set_local_variable_type Set the data type of a local variable 3/5
// FAQ
How many tools does the Ghidra MCP server have? +

The Ghidra MCP server exposes 27 tools across 2 categories: Read, Write.

How do I enforce policies on Ghidra tools? +

Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the Ghidra server.

What risk categories do Ghidra tools fall into? +

Ghidra tools are categorised as Read (19), Write (8). Each category has a recommended default policy.

Enforce policies on Ghidra

Open source. One binary. Zero dependencies.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.