renamed ghidra mcp wishlist to avoid gitignore
This commit is contained in:
parent
ecfe25087a
commit
f869a181a3
1 changed files with 70 additions and 0 deletions
70
ghidra-mcp_wishlist.md
Normal file
70
ghidra-mcp_wishlist.md
Normal file
|
|
@ -0,0 +1,70 @@
|
|||
# Ghidra MCP Wishlist
|
||||
|
||||
Short, concrete gaps hit during live Crusader work. Each entry records what MCP lacked, what fallback was needed, and what a useful MCP feature should look like.
|
||||
|
||||
## Open Gaps
|
||||
|
||||
### Byte-pattern search across program memory
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: search raw bytes or byte patterns across the current program's mapped segments / address spaces.
|
||||
- Fallback used: manual `read_region` sweeps plus local Python over the MCP HTTP bridge to scan live Spanish `CRUSADER.EXE` memory for the `jassica16` scan-code table.
|
||||
- Useful MCP feature:
|
||||
- `search_bytes(pattern, start?, end?, segment_filter?, max_hits?)`
|
||||
- accepts hex byte patterns with optional wildcards
|
||||
- returns exact hit addresses plus nearby hex context
|
||||
- Why it matters: this would have closed the Spanish cheat-sequence question directly inside MCP instead of forcing ad hoc local scripting.
|
||||
|
||||
### Reliable caller/xref recovery for local call sites
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: reliable function-call xrefs for near/local calls inside the active program.
|
||||
- Fallback used: manual `search_instructions` and instruction-window inspection because `get_function_xrefs` did not surface some obvious local call sites in the Spanish keyboard/helper cluster.
|
||||
- Useful MCP feature:
|
||||
- improve `get_function_xrefs` so it includes near calls, far calls, tail-call-style jumps, and thunk references consistently
|
||||
- or add `get_callers(address_or_name, include_near=true, include_far=true, include_jumps=true)`
|
||||
- Why it matters: tracing helper chains around hidden key-sequence code is slower and less reliable when local callers have to be reconstructed by text search.
|
||||
|
||||
### Cross-program reads inside the same Ghidra project
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: read/query another program or assembly in the same project without switching the active program first.
|
||||
- Fallback used: indirect comparison against repo notes, workspace-side files, and ad hoc local scripts instead of querying `/CRUSADER.EXE`, `/es/CRUSADER.EXE`, `/Writable/...`, or other domain files side by side through MCP.
|
||||
- Useful MCP feature:
|
||||
- allow explicit target selectors on all read/query endpoints, not only write endpoints
|
||||
- example: `read_region(start, end, project_dir?, project_name?, folder_path?, program_name?)`
|
||||
- same for strings, functions, xrefs, data uses, decompile, disassemble, symbol lookup, and segment listing
|
||||
- Why it matters: live localized-build comparisons and writable-copy verification should not require changing the active Ghidra tab just to inspect another program.
|
||||
|
||||
### Cross-project / cross-program compare tooling
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: first-class compare operations between two programs in the same project or across projects.
|
||||
- Fallback used: manual note-to-note comparison, address math, and repeated per-program queries.
|
||||
- Useful MCP feature:
|
||||
- `compare_regions(left_program, left_range, right_program, right_range, mode=bytes|words|disasm|strings)`
|
||||
- `compare_strings(left_program, right_program, filter?)`
|
||||
- `compare_functions(left_program, left_addr_or_name, right_program, right_addr_or_name, mode=signature|disasm|decompile|xrefs)`
|
||||
- machine-readable output with address pairs, similarity score, and differing bytes/instructions/strings
|
||||
- Why it matters: this would make English vs Spanish / Remorse vs Regret / raw vs live NE comparisons much faster and less error-prone.
|
||||
|
||||
### Port renames/comments/symbol facts between programs
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: apply verified names/comments from one program to another program with explicit provenance instead of re-entering them one by one.
|
||||
- Fallback used: manual rename/comment batches plus external notes to carry mapping provenance.
|
||||
- Useful MCP feature:
|
||||
- `port_symbols(source_program, target_program, mappings, apply=names|comments|both, provenance_comment_template?)`
|
||||
- support direct address maps, segment-relative maps, and user-supplied CSV/JSON mapping tables
|
||||
- dry-run mode showing collisions and ambiguous targets
|
||||
- Why it matters: porting verified English or raw-import findings into Spanish or live NE targets is a recurring workflow.
|
||||
|
||||
### Project inventory / browse endpoint
|
||||
|
||||
- Status: open
|
||||
- Missing MCP capability: list project folders and available programs through MCP.
|
||||
- Fallback used: repo-side assumptions and local tooling; the current MCP read tools expose only the active program cleanly.
|
||||
- Useful MCP feature:
|
||||
- `list_project_programs(project_dir?, project_name?, folder_path?, recursive=true)`
|
||||
- returns folder path, program name, read-only/writable/versioned state, and whether it is currently open
|
||||
- Why it matters: comparing or porting across programs is awkward without a discoverable inventory of assemblies already in the Ghidra project.
|
||||
Loading…
Add table
Add a link
Reference in a new issue