MCP (Multi-Context Prompt) Debugger is a powerful debugging utility that integrates x64dbg/x32dbg with Large Language Models (Claude, GPT, Gemini) through a custom S-Expression DSL.
- Windows 10/11 (x64/x86)
- Visual Studio 2019+ or Build Tools
- CMake 3.16+
- x64dbg/x32dbg (for debugging functionality)
- Open PowerShell as Administrator
- Run the dependency installer:
cd path\to\mcp-debugger .\scripts\install-deps-windows.ps1
- Build the project:
build-windows.bat
-
Install Visual Studio Build Tools:
- Download from: https://visualstudio.microsoft.com/downloads/
- Select "C++ build tools" workload
-
Install CMake:
- Download from: https://cmake.org/download/
- Add to PATH during installation
-
Clone and build:
git clone <repository-url> cd mcp-debugger build-windows.bat
# Interactive REPL
mcp-debugger.exe
# Execute single command
mcp-debugger.exe -c "(llm \"Explain this assembly code\" (dbg \"disasm main\"))"
# Run script file
mcp-debugger.exe -f scripts\demo-session.mcp- Copy
mcp_debugger.dp64tox64dbg\plugins\ - Restart x64dbg
- Use MCP commands in x64dbg command line
Create or edit config.json:
{
"api_configs": {
"claude": {
"model": "claude-3-sonnet-20240229",
"endpoint": "https://api.anthropic.com/v1/messages"
}
}
}Set API keys securely:
mcp-debugger.exe -c "(config set-api-key claude \"your-api-key-here\")"Update config for your x64dbg installation:
{
"debug_config": {
"x64dbg_path": "C:\\x64dbg\\release\\x64\\x64dbg.exe",
"auto_connect": true
}
}; Connect to debugger
:connect
; Set breakpoints
(dbg "bp main")
(dbg "bp CreateFileA")
; Analyze with LLM
(llm "What does this function do?" (dbg "disasm main L10"))
; Memory analysis
(llm "Analyze this memory dump" (read-memory 0x401000 256)); Conditional analysis
(if (= (read-memory eip 2) 0x4889)
(llm "Analyze this x64 instruction" (dbg "u eip L5"))
(log "warn" "Unexpected instruction pattern"))
; Pattern matching
(llm "Does this contain malware signatures?"
(parse-pattern "suspicious-bytes" (read-memory base-addr 1024)))
; Session variables
(set current-func (dbg "? main"))
(llm "Analyze function at" current-func (dbg "u" current-func "L20"))- "cl is not recognized": Run from Visual Studio Developer Command Prompt
- CMake not found: Ensure CMake is in PATH, restart command prompt
- Missing dependencies: Run
install-deps-windows.ps1as Administrator
- x64dbg not connecting: Check x64dbg path in config.json
- API errors: Verify API keys are set correctly
- Plugin not loading: Ensure x64dbg has write permissions to plugins folder
# Reset configuration
del config.json credentials.encrypted
# Verbose logging
mcp-debugger.exe --verbose
# Test without x64dbg
mcp-debugger.exe -c "(llm \"Hello world\")"- API keys are encrypted and stored locally
- Memory dumps are sanitized before LLM transmission
- Plugin runs with x64dbg permissions only
- No data transmitted without explicit LLM commands
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ CLI/Plugin │ │ Core Engine │ │ LLM APIs │
│ Interface │◄──►│ (DI Container)│◄──►│ (Claude/GPT) │
└─────────────────┘ └─────────────────┘ └─────────────────┘
│ │ │
│ ┌─────────────────┐ │
└─────────────►│ x64dbg Bridge │ │
│ (Named Pipes) │ │
└─────────────────┘ │
│ │
┌─────────────────┐ │
│ Memory/Pattern│ │
│ Analyzer │ │
└─────────────────┘──────────────┘
- Language: C++17 with MSVC
- Build System: CMake
- Testing: Custom test framework
- Architecture: Interface-based DI with SOLID principles
For advanced development, see CLAUDE.md for architectural details.