I hope that one day we have a tool that can convert any proprietary binary to source code with a single click. It would be so much fun to have an "open source" version of all games. Currently, there are projects like https://github.com/Try/OpenGothic and https://github.com/SFTtech/openage, but these require years of community effort.
Current SOTA models are really bad at RE and i don't really expect this to improve through training on open data.
There are just not a lot of high quality examples on the internet, and more importantly the people writing this code are doing their best to make it actively more difficult.
For LLMs to solve code I think they should be AST-native. Code is a tree, not a sequence — yet we feed it to models linearly, with no explicit structure. Todays models lack recurrence or true memory, so they can’t reason over hierarchical structures effectively.
LLMs are autoregressive models. However, the notion of order in ASTs might be nonexistent, especially for parallel branches of computation/control flow.
You could attempt to untangle each branch into N sequences, but this would erase control-flow information.
Even when there is an objective ordering of the children of every node, you still have four traversal options: {preorder, postorder} × {BF, DF}.
Note: For children lacking an objective ordering, you might apply generic rules to define a traversal order, but you’d end up with as many depth-first traversals as there are possible orders—essentially a crude heuristic. If you want the evaluation order to be dynamic at each step (e.g., using RL), the complexity grows geometrically worse.
That’s been my experience tinkering with a custom AST DSL for ARC-AGI.
Has there been much work on reversing binaries into an AST form? It seems like something that somebody would have thought of researching, but I've not come across any efforts.
Is it something you can do generically, or do you need to know the specific compiler? Do you need to know the specific language, even, or could you perhaps create some other hypothetical AST in a different language that would have led to the same binary?
The graph part , more so than the ast part, makes sense to me. We reason over programs as hairy dataflow/controlflow/etc dependency graphs that happen to originally be encoded as some sort of text->ast.
GNNs went down some roads here, but never felt like a path to reasoning. So how to get an RL reasoner flow to do what is easy for datalog, natively and/or as a tool?
Which tools can currently invoke MCP? I have read only a little about MCP and got to know that Claude's desktop application is capable of using MCP locally.
Are there any chat interfaces which allow using MCP remotely?
I would like to be able to specify MCP endpoints and the functions they offer in ChatGPT's, Claude's and Gemini's web interfaces so that I can have them call my servers remotely. A bit like "GPTs" and "Gems".
I use them in Cursor. Writing an MCP server is trivial, just ask Cursor to put one together in TypeScript. You would use your local MCP server to call whatever remote API you want (or perform some other task). The MCP server uses stdin/stdout to talk to Cursor.
You can use MCP servers in SAM (Solace Agent Mesh). That has a chat interface and can be run remotely. Perhaps the easiest way to do it remotely is to use a Slack integration to SAM with a free Slack workspace, which doesn't require poking a hole to serve the browser UI
If you haven't watched her Youtube channel before I recommend checking it out. Besides the technical content I think the editing with retro OS graphics are fun.
It's really impressive. Technical content, GitHub repos that go along with the videos, set design, retro editing -- much higher quality than a lot of stuff out there from major studios
Everyone would just replace all their proprietary programs with dumb clients that communicate with a server. Either that, or they'd go all in on homomorphic encryption.
my experience with just copying and pasting things from ghidra into LLMs and asking it to figure it out wasn't so successful. it'd be cool to have benchmarks for this stuff though.
I actually have only tried this once but had the opposite experience. Gave it 5 or so related functions from a ps2 game and it correctly inferred they were related to graphics code, properly typing and naming the parameters. I’m sure this sort of thing is extremely hit or miss though
I've been thinking on how to build a benchmark for this stuff for a while, and don't have a good idea other than LLM-as-judge (which quickly gets messy). I guess there's a reason why current neural decompilation attempts are all evaluated on "seemingly meaningless" benchmarks like "can it recompile without syntax error" or "functional equivalence of recompilation" etc.
This is very cool but it would be nice to have more features on the MCP server, such as arbitrary read and write of programs. For example, I was working on a self-unpacking CTF challenge which XORed instructions. It would be nice to have it be able to read the values at the addresses it xored.
RE is exactly the sort of work that requires precision and careful reasoning, not hallucinatory statistical inference. Seeing how LLMs stumble very heavily on the former makes it clear that AI will not replace us.
I hate to be that guy, but one does not follow the other. To some, just the initial appearance of 'acceptable'/'good enough' is, well, good enough. Current set of LLMs can absolutely replace us while breaking a lot in the process.
[+] [-] randomtoast|11 months ago|reply
[+] [-] airza|11 months ago|reply
There are just not a lot of high quality examples on the internet, and more importantly the people writing this code are doing their best to make it actively more difficult.
[+] [-] gus_massa|11 months ago|reply
On the other direction, a company can't pick a GPL project, uncompile the code and release it as proprietary.
[+] [-] Xx_crazy420_xX|11 months ago|reply
[+] [-] Nesco|11 months ago|reply
Even when there is an objective ordering of the children of every node, you still have four traversal options: {preorder, postorder} × {BF, DF}.
Note: For children lacking an objective ordering, you might apply generic rules to define a traversal order, but you’d end up with as many depth-first traversals as there are possible orders—essentially a crude heuristic. If you want the evaluation order to be dynamic at each step (e.g., using RL), the complexity grows geometrically worse. That’s been my experience tinkering with a custom AST DSL for ARC-AGI.
[+] [-] gnfargbl|11 months ago|reply
Is it something you can do generically, or do you need to know the specific compiler? Do you need to know the specific language, even, or could you perhaps create some other hypothetical AST in a different language that would have led to the same binary?
[+] [-] lmeyerov|11 months ago|reply
GNNs went down some roads here, but never felt like a path to reasoning. So how to get an RL reasoner flow to do what is easy for datalog, natively and/or as a tool?
[+] [-] pilooch|11 months ago|reply
[+] [-] otabdeveloper4|11 months ago|reply
[+] [-] qwertox|11 months ago|reply
Are there any chat interfaces which allow using MCP remotely?
I would like to be able to specify MCP endpoints and the functions they offer in ChatGPT's, Claude's and Gemini's web interfaces so that I can have them call my servers remotely. A bit like "GPTs" and "Gems".
[+] [-] lauriewired|11 months ago|reply
sama also recently mentioned ChatGPT Desktop is getting MCP client functionality "soon".
As for remote clients, Cloudflare has some really useful tooling, look at their "AI Playground".
[+] [-] jauntywundrkind|11 months ago|reply
[+] [-] electroly|11 months ago|reply
[+] [-] efunnekol|11 months ago|reply
https://github.com/SolaceLabs/solace-agent-mesh
[+] [-] jevyjevjevs|11 months ago|reply
[+] [-] nekitamo|11 months ago|reply
https://github.com/punkpeye/awesome-mcp-clients
[+] [-] salgorithm|11 months ago|reply
[+] [-] fixprix|11 months ago|reply
[+] [-] mettamage|11 months ago|reply
[+] [-] asphodel_gray|11 months ago|reply
[+] [-] mdaniel|11 months ago|reply
Malimite – iOS and macOS Decompiler - https://news.ycombinator.com/item?id=42829402 - Jan, 2025 (37 comments)
[+] [-] sorenjan|11 months ago|reply
[+] [-] foooorsyth|11 months ago|reply
[+] [-] npace12|11 months ago|reply
https://github.com/dnakov/radare2-mcp
[+] [-] ngneer|11 months ago|reply
[+] [-] LegionMammal978|11 months ago|reply
[+] [-] ynniv|11 months ago|reply
[+] [-] xeckr|11 months ago|reply
[+] [-] gosub100|11 months ago|reply
[+] [-] brokensegue|11 months ago|reply
[+] [-] Everdred2dx|11 months ago|reply
[+] [-] rfoo|11 months ago|reply
[+] [-] Everdred2dx|11 months ago|reply
[+] [-] meander_water|11 months ago|reply
- https://mcpservers.org/
- https://glama.ai/mcp/servers
- https://www.claudemcp.com/servers
Not to mention the usual GitHub ones:
- https://github.com/punkpeye/awesome-mcp-servers
The hype is real.
[+] [-] dSebastien|11 months ago|reply
[+] [-] cocoflunchy|11 months ago|reply
[+] [-] celesian|11 months ago|reply
[+] [-] dang|11 months ago|reply
GhidraMCP: Now AI can reverse malware [video] - https://news.ycombinator.com/item?id=43475025
[+] [-] userbinator|11 months ago|reply
[+] [-] iugtmkbdfil834|11 months ago|reply
[+] [-] bitfieldz|11 months ago|reply
[deleted]
[+] [-] enigma101|11 months ago|reply
[+] [-] dprophecyguy|11 months ago|reply
[+] [-] securemepro|11 months ago|reply
[deleted]