
xerzes
Karma: 129
Created: 2026-02-01

Recent Activity

  • Author here. Great question — the MCP landscape for Ghidra has exploded lately. Here's my take:

    *LaurieWired's GhidraMCP* (the one I contribute to): Most complete toolset — 110+ MCP tools, 130+ REST endpoints. Active development, Ghidra 11.3-12.0.2 support, localhost-only binding for security. Best for interactive RE sessions with Claude/GPT where you want maximum capability.

    *pyghidra-mcp*: Runs headless via pyghidra. Great for batch processing or CI pipelines, but you lose the GUI workflow.

    *ReVa*: More of an autonomous agent approach — it tries to do RE for you rather than with you. Different philosophy, interesting for automated triage.

    *GhidrAssist*: Focuses on the Ghidra plugin side, less on MCP integration.

    If you want the most tools and active maintenance for interactive AI-assisted RE, LaurieWired's is what I'd recommend. I've been using it for multi-version game RE (Diablo 2, GTA) and it handles the "analyze v1.07, port annotations to v1.08" workflow really well.

  • Hi HN,

    I built this because reverse engineering software across multiple versions is painful. You spend hours annotating functions in version 1.07, then version 1.08 drops and every address has shifted — all your work invisible.

    The core idea is a normalized function hashing system. It hashes functions by their logical structure — mnemonics, operand categories, control flow — not raw bytes or absolute addresses. When a binary is recompiled or rebased, the same function produces the same hash. All your documentation (names, types, comments) transfers automatically.

    Beyond that, it's a full MCP bridge with 110 tools for Ghidra: decompilation, disassembly, cross-referencing, annotation, batch analysis, and headless/Docker deployment. It integrates with Claude, Claude Code, or any MCP-compliant client.

    For context, the most popular Ghidra MCP server (LaurieWired's, 7K+ stars) has about 15 tools. This started as a fork of that project but grew into 28,600 lines of substantially different code.

    Architecture:

      Java Ghidra Plugin (22K LOC) → embeds HTTP server inside Ghidra
      Python MCP Bridge (6.5K LOC) → 110 tools with batch optimization
      Any MCP client → Claude, scripts, CI pipelines
    
    I validated the hashing against Diablo II — dozens of patch versions, each rebuilding DLLs at different base addresses. The hash registry holds 154K+ entries, and I can propagate 1,300+ function annotations from one version to the next automatically.

    The headless mode runs in Docker (docker compose up) for batch processing and CI integration — no GUI required.

    v2.0.0 adds localhost-only binding (security), configurable timeouts, label deletion tools, and .env-based configuration.

    Happy to discuss the hashing approach, MCP protocol design decisions, or how this fits into modern RE workflows.
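To make the normalized-hashing idea in the post concrete, here is an added toy implementation in Python. It is not the project's code and does not use Ghidra's API: the instruction record format, the register/immediate patterns, the category names (REG, IMM, MEM_REG, MEM_ABS, LOC<n>, EXT) and the x86 disassembly of the sample function are all constructed for this example. The point it shows is why the hash survives a rebase and a recompile: registers and immediates collapse to categories, a memory operand keeps only whether it is register-relative, a branch inside the function is recorded by instruction index rather than by address, and a call leaving the function drops its target entirely.

```python
import hashlib
import re
from typing import Dict, List, Tuple

# Hypothetical instruction record used only for this example: (address, mnemonic, operands).
# pyghidra exposes Instruction objects instead; this is not the project's representation.
Insn = Tuple[int, str, List[str]]

REG_RE = re.compile(r"^(e?[abcd]x|e?[sd]i|e?[sb]p|[abcd][lh])$")
IMM_RE = re.compile(r"^(0x[0-9a-fA-F]+|-?\d+)$")
BRANCHES = {"jmp", "je", "jne", "jz", "jnz", "jl", "jg", "jle", "jge", "ja", "jb", "call"}


def classify_operand(op: str, mnemonic: str, index_of: Dict[int, int]) -> str:
    """Replace a concrete operand with a category so rebasing or recompiling does not change it."""
    op = op.strip().lower()
    if mnemonic in BRANCHES and IMM_RE.match(op):
        target = int(op, 0)
        if target in index_of:
            return f"LOC{index_of[target]}"  # intra-function edge: position in the function, not an address
        return "EXT"  # call/jump that leaves the function: the absolute target is dropped
    if REG_RE.match(op):
        return "REG"
    if IMM_RE.match(op):
        return "IMM"
    if "[" in op and "]" in op:
        inner = op[op.index("[") + 1:op.rindex("]")]
        parts = re.split(r"[+\-*]", inner)
        # register-relative access (stack slot, struct field) vs. an absolute global address;
        # the displacement itself is dropped so a changed stack layout still matches
        return "MEM_REG" if any(REG_RE.match(p) for p in parts) else "MEM_ABS"
    return "OTHER"


def normalize(insns: List[Insn]) -> List[str]:
    """One token per instruction: mnemonic plus operand categories, in control-flow order."""
    index_of = {addr: i for i, (addr, _, _) in enumerate(insns)}
    return [f"{m}({','.join(classify_operand(o, m, index_of) for o in ops)})" for _, m, ops in insns]


def function_hash(insns: List[Insn]) -> str:
    return hashlib.sha256("\n".join(normalize(insns)).encode()).hexdigest()


def propagate_annotations(registry: Dict[str, Dict[str, str]],
                          functions: Dict[int, List[Insn]]) -> Dict[int, Dict[str, str]]:
    """Carry annotations to every function in a new build whose normalized hash is already known."""
    carried = {}
    for entry, insns in functions.items():
        h = function_hash(insns)
        if h in registry:
            carried[entry] = registry[h]
    return carried


# Constructed x86 disassembly of one small function in two builds: v1.07 loaded at 0x6FD80000,
# v1.08 rebased to 0x10030000 and recompiled with a different stack displacement and call target.
V107: List[Insn] = [
    (0x6FD81000, "push", ["ebp"]),
    (0x6FD81001, "mov", ["ebp", "esp"]),
    (0x6FD81003, "mov", ["eax", "[ebp+8]"]),
    (0x6FD81006, "test", ["eax", "eax"]),
    (0x6FD81008, "jz", ["0x6FD81012"]),
    (0x6FD8100A, "push", ["eax"]),
    (0x6FD8100B, "call", ["0x6FD82340"]),
    (0x6FD81010, "jmp", ["0x6FD81014"]),
    (0x6FD81012, "xor", ["eax", "eax"]),
    (0x6FD81014, "pop", ["ebp"]),
    (0x6FD81015, "ret", []),
]
V108: List[Insn] = [
    (0x10031000, "push", ["ebp"]),
    (0x10031001, "mov", ["ebp", "esp"]),
    (0x10031003, "mov", ["eax", "[ebp+0xc]"]),
    (0x10031006, "test", ["eax", "eax"]),
    (0x10031008, "jz", ["0x10031012"]),
    (0x1003100A, "push", ["eax"]),
    (0x1003100B, "call", ["0x10032510"]),
    (0x10031010, "jmp", ["0x10031014"]),
    (0x10031012, "xor", ["eax", "eax"]),
    (0x10031014, "pop", ["ebp"]),
    (0x10031015, "ret", []),
]
# A structurally different function in the v1.08 build, which must not inherit the annotation.
OTHER: List[Insn] = [
    (0x10031020, "push", ["ebp"]),
    (0x10031021, "mov", ["ebp", "esp"]),
    (0x10031023, "mov", ["eax", "[ebp+8]"]),
    (0x10031026, "add", ["eax", "1"]),
    (0x10031029, "pop", ["ebp"]),
    (0x1003102A, "ret", []),
]

if __name__ == "__main__":
    # hypothetical annotation keyed by the v1.07 hash, as a one-entry stand-in for a registry
    registry = {function_hash(V107): {"name": "maybe_dispatch", "comment": "calls handler if arg non-null"}}
    print(normalize(V107))
    print(function_hash(V107) == function_hash(V108))  # True: rebased and recompiled, same structure
    print(propagate_annotations(registry, {0x10031000: V108, 0x10031020: OTHER}))
```

Because every register and immediate collapses to a category, very small functions (thunks, trivial getters) will collide under a scheme this coarse; a registry the size the post describes would need a tiebreaker such as instruction count, callee count or caller context before trusting a match, and a deliberately changed function keeps its old hash only as long as its mnemonic and branch structure is untouched.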

HackerNews