// MCP TOOL REFERENCE

BINARY MCP SERVER TOOLS

59 tools from the Binary MCP Server MCP Server, categorised by risk level.

// ALL 59 BINARY MCP SERVER TOOLS

READ 48 tools

Read decompile_dotnet_assembly decompile_dotnet_assembly Read decompile_dotnet_type decompile_dotnet_type Read analyze_api_call_chains analyze_api_call_chains Read analyze_control_flow analyze_control_flow Read analyze_dotnet analyze_dotnet Read analyze_function_completeness analyze_function_completeness Read check_binary check_binary Read compute_similarity_hashes compute_similarity_hashes Read detect_dynamic_api_resolution detect_dynamic_api_resolution Read detect_loops detect_loops Read detect_malware_behaviors detect_malware_behaviors Read detect_packers detect_packers Read diff_binaries diff_binaries Read extract_embedded_binaries extract_embedded_binaries Read extract_iocs extract_iocs Read extract_iocs_with_context extract_iocs_with_context Read fid_match fid_match Read find_anti_analysis find_anti_analysis Read find_dead_code find_dead_code Read find_inlined_clones find_inlined_clones Read find_ioctl_handlers find_ioctl_handlers Read find_related_sessions find_related_sessions Read find_similar_functions find_similar_functions Read find_stack_strings find_stack_strings Read find_vtables find_vtables Read get_active_session Get information about the currently active session. Read get_dotnet_il get_dotnet_il Read get_dotnet_types get_dotnet_types Read get_function_callers get_function_callers Read get_function_complexity get_function_complexity Read get_function_hash get_function_hash Read get_param_sinks get_param_sinks Read get_pe_info get_pe_info Read get_review_package get_review_package Read get_session_summary Get a lightweight summary of a session without loading full data. Read get_switch_tables get_switch_tables Read inspect_authenticode inspect_authenticode Read list_sessions list_sessions Read quick_scan quick_scan Read scan_pseudocode scan_pseudocode Read search_dotnet_types search_dotnet_types Read vt_behavior vt_behavior Read vt_check_api Check if VirusTotal API is configured and working. Read vt_lookup vt_lookup Read vt_search vt_search Read diagnose_dotnet_setup Check .NET analysis tools installation status. Read diagnose_setup Run diagnostic checks on Ghidra installation and environment. Read export_iocs export_iocs

WRITE 2 tools

Write generate_yara_rule_from_session generate_yara_rule_from_session Write save_session save_session

DESTRUCTIVE 2 tools

Destructive delete_session Delete a saved session. Destructive clean_cache clean_cache

EXECUTE 2 tools

Execute batch_decompile batch_decompile Execute start_analysis_session start_analysis_session

OTHER 5 tools

Other load_full_session load_full_session Other load_session_section load_session_section Other configure_auto_session configure_auto_session Other generate_report generate_report Other generate_yara_rule_from_strings generate_yara_rule_from_strings

// FAQ

How many tools does the Binary MCP Server MCP server have? +

The Binary MCP Server MCP server exposes 59 tools across 5 categories: Read, Write, Destructive, Execute, Other.

How do I enforce policies on Binary MCP Server tools? +

Route the Binary MCP Server server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do Binary MCP Server tools fall into? +

Binary MCP Server tools are categorised as Read (48), Write (2), Destructive (2), Execute (2), Other (5). Each category has a recommended default policy.

Enforce policy on every Binary MCP Server tool call.

Start from Binary MCP Server, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.