PCM
- python
47
GitHub Stars
python
Language
6 months ago
First Indexed
2 months ago
Catalog Refreshed
Documentation & install
Readme and setup notes from the catalogue, plus a client-ready config you can copy for your MCP host.
Installation
Add the following to your MCP client configuration file.
Configuration
View docs{
"mcpServers": {
"rand-tech-pcm": {
"command": "uv",
"args": [
"--directory",
"path_to/pcm",
"run",
"server.py"
]
}
}
}PCM is an MCP server focused on reverse engineering analysis with integrated IDA-like tooling. It exposes a rich set of functions to inspect, decompile, disassemble, and annotate binaries, enabling you to automate and orchestrate reverse-engineering tasks through MCP clients.
How to use
You connect to PCM using an MCP client and start by selecting a server entry named pcm. The server runs locally via the uv runner and executes server.py from the pcm project directory. Once connected, you can call the available functions to inspect code, generate disassembly or pseudocode, modify types and prototypes, and attach notes to your analysis.
How to install
{
"mcpServers": {
"pcm": {
"command": "uv",
"args": [
"--directory",
"path_to/pcm",
"run",
"server.py"
]
}
}
}
Prerequisites:
- Ensure the uv runtime is installed on your system.
Install steps:
- Clone the PCM repository.
- Add PCM as an MCP server in your MCP client configuration using the snippet above.
- Start your MCP client and connect to the pcm server entry. PCM will start the server via uv and expose its functions to your MCP client.
Note: The example assumes you place PCM in a directory at path_to/pcm. Adjust path_to/pcm to the actual location on your machine before starting the server.
## Additional notes and practical usage
PCM provides a comprehensive suite of analysis tools. You can decompile functions, disassemble code, manage variable types and prototypes, rename locals or functions, create structure types, and attach notes to any address or function. Use these capabilities to build automated analysis workflows that suit your reverse-engineering needs.
- Get a function by name with `get_function_by_name(name)`
- Find a function by address with `get_function_by_address(address)`
- List all functions in the database with `list_functions()`
- Decompile a function with `decompile_function(address)`
- Disassemble a function with `disassemble_function(address)`
- Work with entrypoints using `get_entrypoints()`
- Inspect function blocks via `get_function_blocks(address)` and see the CFG with `get_function_cfg(address)`
- Explore cross references using `get_xrefs_to(address)` and `get_xrefs_from(address)`
- Annotate code with `set_decompiler_comment(address, comment)` and `set_disassembly_comment(address, comment)`
- Rename a local variable with `rename_local_variable(function_address, old_name, new_name)` and rename a function with `rename_function(function_address, new_name)`
- Set function prototypes with `set_function_prototype(function_address, prototype)` and adjust local variable types with `set_local_variable_type(function_address, variable_name, new_type)`
- Create and manage structure types with `create_structure_type(name, members, is_union)`
- Query metadata via `get_metadata()`
- Run IDAPython code through `repl_idapython(content)`
- Add and manage analysis notes with `add_note`, `update_note`, `get_notes`, and `delete_note`
## Security and maintenance
Keep PCM up to date and run it in a controlled environment. If you enable network access for the MCP server, ensure only trusted clients can connect and that all interactions are properly authenticated and logged.
## Available tools
### get\_function\_by\_name
Retrieve a function object by its textual name, enabling targeted analysis and navigation.
### get\_function\_by\_address
Fetch a function using its memory address for precise inspection.
### get\_current\_address
Return the address currently selected by the user in the analysis session.
### get\_current\_function
Get the function that is currently active or selected.
### list\_functions
List all known functions stored in the analysis database for quick reference.
### decompile\_function
Decompile the function at the given address using the available decompiler backend.
### disassemble\_function
Produce assembly listing for the function, including addresses and comments.
### get\_entrypoints
Return all entrypoint addresses detected in the binary.
### get\_function\_blocks
Retrieve all basic blocks that belong to a specific function.
### get\_function\_cfg
Generate a control flow graph for a function to visualize its structure.
### get\_xrefs\_to
Find all cross-references that point to a given address.
### get\_xrefs\_from
Find all cross-references originating from a given address.
### set\_decompiler\_comment
Attach a comment to a specific address in the decompiled pseudocode.
### set\_disassembly\_comment
Attach a comment to a specific address in the disassembly view.
### rename\_local\_variable
Rename a local variable within a function to improve readability.
### rename\_function
Rename a function to reflect its purpose or behavior more clearly.
### set\_function\_prototype
Set or adjust the prototype for a function to match its signature.
### set\_local\_variable\_type
Set or update the type of a local variable inside a function.
### create\_structure\_type
Create a new structure type defined by a name and member layout.
### get\_metadata
Retrieve metadata about the current database or index.
### repl\_idapython
Execute IDAPython code and return results including stdout and stderr.
### add\_note
Add a new analysis note tied to a binary with optional tags.
### update\_note
Update an existing analysis note with new content or tags.
### get\_notes
Fetch analysis notes for a given binary MD5, address, or tag.
### delete\_note
Remove an existing analysis note by its identifier.