IDA-MCP Is Now RE-MCP With Ghidra Support
When I started building ida-mcp, the goal was simple: give an LLM headless access to IDA Pro through MCP (Model Context Protocol). Open a binary,...
Read more : IDA-MCP Is Now RE-MCP With Ghidra SupportJoe T. Sylve, Ph.D. – Blog
Series
APFS Internals
An 18-part deep dive into the Apple File System covering on-disk structures, B-Trees, encryption, and more.
View the series : APFS InternalsPosts (Page 1 of 3)
ida-mcp 2.2: From Tool Calls to Analysis Scripts
ida-mcp 2.2.0 is out. This release removes the friction between what the LLM wants to do and what MCP lets...
ida-mcp 2.1: Progressive Tool Discovery, Background Analysis, and Batch Operations
ida-mcp 2.1.0 is out. This release focuses on making the LLM a more efficient analyst: fewer wasted tool calls, less...
Announcing ida-mcp 2.0: A Headless MCP Server for IDA Pro
The Model Context Protocol (MCP) lets LLMs call external tools, and for reverse engineers the obvious application is connecting an...
A Copy-Paste Bug That Broke PSpice® AES-256 Encryption
PSpice is a SPICE circuit simulator from Cadence Design Systems that encrypts proprietary semiconductor model files to protect vendor IP...
2022 APFS Advent Challenge - Retrospective
As 2022 ends, so does my APFS Advent Challenge. Deciding at the last minute to write this series of blogs...
Fusion Containers
As we discussed in an earlier post, Apple’s Fusion Drives combine the storage capacity of a hard disk drive (HDD)...
Snapshot Metadata
Our previous post covered how Object Maps facilitate the implementation of point-in-time Snapshots of APFS file systems by preserving File...
Decryption
Now that we know how to parse the File System Tree, analyze keybags, and unwrap decryption keys, it’s time to...
Update: Blazingly Fast-er SIMD Checksums
This is a quick update to yesterday’s post on using std::experimental::simd to speed up APFS Fletcher-64 calculations. It turns out...