Rogue Binary MCP

Name: Rogue Binary MCP
Author: kirkderp

kirkderp/rbinmcp

Wire Claude Code or Cursor to binary analysis and reverse-engineering workflows without leaving the agent chat.

Overview

Rogue Binary MCP is a MCP server for the Ship phase that exposes binary analysis and reverse-engineering capabilities to coding agents over stdio.

What is this MCP server?

Rust-native MCP server for binary analysis and RE tasks from the agent
stdio transport with OCI image ghcr.io/kirkderp/rbinmcp:1.3.0 for reproducible installs
Backed by Rogue Binary wiki and tooling ecosystem at roguebinary.com
Suited to firmware, malware triage, and exploit research from AI-assisted sessions
Model Context Protocol exposes analysis tools instead of one-off CLI copy-paste
Server version 1.3.0
Transport: stdio
Package: ghcr.io/kirkderp/rbinmcp:1.3.0 (OCI registryType)

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 22 GitHub stars.

What problem does it solve?

Jumping between RE tools and your agent breaks focus and makes it hard to document findings while you analyze unknown binaries.

Who is it for?

Solo builders shipping native or security-sensitive code who want agent-assisted RE during pre-release security checks.

Skip if: Teams that only need high-level app security linting without touching binaries or firmware images.

What do I get? / Deliverables

After registration, your agent can drive binary analysis steps in-thread so triage notes and next actions stay in one workspace.

Agent-invoked binary analysis steps documented in the session
Faster RE triage without leaving the coding agent
Repeatable MCP wiring for Rogue Binary tooling at v1.3.0

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

Security review and malware or firmware inspection belong in Ship when you harden or audit binaries before release. Reverse engineering and static analysis sit under security subphase alongside pentest and code review gates.

How it compares

MCP integration for binary RE, not a generic code-review skill or cloud SAST dashboard.

Common Questions / FAQ

Who is Rogue Binary MCP for?

Developers and indie security reviewers who analyze executables, firmware, or malware samples and want those tools callable from Claude Code or Cursor via MCP.

When should I use Rogue Binary MCP?

Use it during Ship security work when you need reverse engineering or static binary analysis alongside implementation, before or after release candidate builds.

How do I add Rogue Binary MCP to my agent?

Add an MCP server entry pointing at the stdio transport with package identifier ghcr.io/kirkderp/rbinmcp:1.3.0 (OCI) per your host’s config, then restart the agent.

Rogue Binary MCP

kirkderp/rbinmcp

Wire Claude Code or Cursor to binary analysis and reverse-engineering workflows without leaving the agent chat.

Overview

Rogue Binary MCP is a MCP server for the Ship phase that exposes binary analysis and reverse-engineering capabilities to coding agents over stdio.

What is this MCP server?

Rust-native MCP server for binary analysis and RE tasks from the agent
stdio transport with OCI image ghcr.io/kirkderp/rbinmcp:1.3.0 for reproducible installs
Backed by Rogue Binary wiki and tooling ecosystem at roguebinary.com
Suited to firmware, malware triage, and exploit research from AI-assisted sessions
Model Context Protocol exposes analysis tools instead of one-off CLI copy-paste
Server version 1.3.0
Transport: stdio
Package: ghcr.io/kirkderp/rbinmcp:1.3.0 (OCI registryType)

Compatible agents: Claude Code, Cursor, Codex, any compatible agent

Community signal: 22 GitHub stars.

What problem does it solve?

Jumping between RE tools and your agent breaks focus and makes it hard to document findings while you analyze unknown binaries.

Who is it for?

Solo builders shipping native or security-sensitive code who want agent-assisted RE during pre-release security checks.

Skip if: Teams that only need high-level app security linting without touching binaries or firmware images.

What do I get? / Deliverables

After registration, your agent can drive binary analysis steps in-thread so triage notes and next actions stay in one workspace.

Agent-invoked binary analysis steps documented in the session
Faster RE triage without leaving the coding agent
Repeatable MCP wiring for Rogue Binary tooling at v1.3.0

Recommended MCP Servers

1Claw Vault1clawAI/1claw-mcp

1Claw Vault exposes a stdio MCP server (@1claw/mcp) that connects AI agents to HSM-backed secret storage with just-in-ti…2 stars

1passwordCakeRepository/1Password-MCP

The 1Password MCP server lets solo builders wire service-account access into Claude Code, Cursor, or other stdio MCP hos…16 stars

402sentinel Mcpkaditang/402sentinel-mcp

402 Sentinel MCP gives solo builders and agent authors a pre-flight check before honoring x402 payment flows on Base. In…1 stars

A2adependencyinspector Mcpclauxel/a2a-dependency-inspector-mcp

A2A Dependency Inspector MCP is a hosted Clauxel server for builders shipping agent-to-agent (A2A) workflows who must pr…

A2a Governance Bridge Mcp

A2A Governance Bridge is a Model Context Protocol server that exposes governance-oriented tools for multi-agent setups: …

A2aidentitytoll Mcpclauxel/a2a-identity-toll-mcp

A2A Identity Toll MCP is a Clauxel-hosted remote MCP server that acts as an identity and policy toll booth for agent-to-…

Journey fit

Primary fit

How it compares

MCP integration for binary RE, not a generic code-review skill or cloud SAST dashboard.

Common Questions / FAQ

Who is Rogue Binary MCP for?

Developers and indie security reviewers who analyze executables, firmware, or malware samples and want those tools callable from Claude Code or Cursor via MCP.

When should I use Rogue Binary MCP?

Use it during Ship security work when you need reverse engineering or static binary analysis alongside implementation, before or after release candidate builds.

How do I add Rogue Binary MCP to my agent?

Add an MCP server entry pointing at the stdio transport with package identifier ghcr.io/kirkderp/rbinmcp:1.3.0 (OCI) per your host’s config, then restart the agent.

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Rogue Binary MCP for?

When should I use Rogue Binary MCP?

How do I add Rogue Binary MCP to my agent?

This week for builders

Overview

What is this MCP server?

What problem does it solve?

Who is it for?

What do I get? / Deliverables

Recommended MCP Servers

Journey fit

Who is Rogue Binary MCP for?

When should I use Rogue Binary MCP?

How do I add Rogue Binary MCP to my agent?