github re-analysis due

Heretek-RE/re-winedbg

MCP server wrapping winedbg + gdb for headless Windows-binary debugging on Linux/macOS.

maintainer: Heretek-RE
license: MIT
first seen: 2026-06-10
last seen: 2026-06-10
releases · 30d: 0

Drift inferred · capture-to-capture

No drift recorded — single capability capture; advisories appear once its surface changes.

capabilities: 12 tools
transport: stdio · counts: 12 tools · 0 res · 0 prompts · permission surface: via code analysis

tools

  • attach_winedbg_gdbserver

    Open a GDB client subprocess and target remote the gdbserver.

  • backtrace

    bt <n>.

  • check_winedbg

    Confirm wine + winedbg + gdb are installed (degraded-mode: returns WARN if missing).

  • continue_execution

    Resume; return the next stopped event.

  • end_session

    Close GDB client, stop the gdbserver, wineserver -k the per-session prefix, kill the Wine process tree.

  • gef_trace_breakpoint

    Server-side commands N; silent; printf ...; continue; end with a hit counter.

  • info_modules

    info sharedlibrary parsed (drives the RVA cache).

  • info_threads

    info threads.

  • launch_under_wine

    Run a .exe under Wine (no debugger); returns the host-side PID.

  • remove_breakpoint

    By breakpoint id.

  • set_breakpoint

    By symbol, *<addr>, or <module>+0x<RVA> (RVA resolved via the per-module base cache).

  • start_winedbg_gdbserver

    Spawn winedbg --gdb <port> <exe>; the binary is paused at entry.

skills & danger signals github-tarball
prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit 35f3dc3 · analyzer v17 · 1d ago

skills & prompt files 1

code evidence vHEAD · github-tarball
evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 2

  • fs Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/process_tree.py :25 from pathlib import Path
  • fs Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/winedbg.py :24 import shutil

shell / exec 2

  • shell Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/process_tree.py :22 import subprocess
  • shell Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/winedbg.py :27 import subprocess

network 1

  • net Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/winedbg.py :26 import socket

tool registrations 19

  • check_winedbg Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :24
  • launch_under_wine Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :37
  • start_winedbg_gdbserver Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :57
  • attach_winedbg_gdbserver Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :77
  • set_breakpoint Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :98
  • remove_breakpoint Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :122
  • gef_trace_breakpoint Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :128
  • continue_execution Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :163
  • step_into Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :174
  • step_over Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :180
  • step_out Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :186
  • read_registers Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :195
  • write_register Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :201
  • read_memory Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :210
  • write_memory Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :226
  • info_modules Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :242
  • info_threads Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :255
  • backtrace Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :261
  • end_session Heretek-RE-re-winedbg-35f3dc3/src/re_winedbg/server.py :270