Cariddi – MCP Client and Server
Complete MCP (Model Context Protocol) stack for CTF and reverse engineering workflows:
Cariddi Server
FastMCP server exposing filesystem and execution tools, with correct handling of escape characters when writing Python files.
Setup
cd Cariddi
python3 -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r requirements.txt
Run
source venv/bin/activate
python main.py
Server listens on http://0.0.0.0:8000/mcp (streamable HTTP).
Environment
FASTMCP_HOST/MCP_HOST: host (default0.0.0.0)FASTMCP_PORT/MCP_PORT: port (default8000)
MCP Inspector
With the server running:
npx @modelcontextprotocol/inspector --url http://localhost:8000/mcp
Use transport Streamable HTTP and URL http://localhost:8000/mcp.
Or run inspector and server together:
npx @modelcontextprotocol/inspector python main.py
With Compose:
docker-compose up -d
Cariddi Client
Python MCP client that talks to Ollama and connects to MCP servers. Configured as a Crypto Solver Agent for CTF crypto challenges.
Requirements
- Python 3.7+
- Ollama installed and running
Install
cd CariddiClient
pip install -r requirements.txt
ollama serve
ollama pull ministral-3 # or llama3.2
Usage
# List models
python mcpClient.py --list-models
# Single prompt
python mcpClient.py --prompt "What is the capital of France?"
# Interactive
python mcpClient.py --interactive
# Custom Ollama and model
python mcpClient.py --base-url http://localhost:11434 --model ministral-3 --prompt "Hello!"
# Connect to MCP server (streamable HTTP)
python mcpClient.py --mcp-server "http://localhost:8000/mcp" --prompt "Use tools to help me"
python mcpClient.py --mcp-server "http://localhost:8000/mcp" --interactive
# With auth headers
python mcpClient.py --mcp-server "http://localhost:8000/mcp" --mcp-headers '{"Authorization": "Bearer token"}' --interactive
Defaults
- Ollama:
http://localhost:11434 - Model:
ministral-3 - MCP Server:
http://localhost:8000/mcp
Crypto Solver Agent
The client is tuned to:
- Explore: List files (e.g. in
/tmp) to find challenge files. - Analyze: Recognize crypto (RSA, AES, DES, XOR, encodings) and typical weaknesses.
- Execute: Write and run Python scripts to recover keys or plaintext.
- Validate: Look for flags in the form
flag{...}.
Covered areas: RSA (small modulus, low exponent, Wiener, Hastad, common modulus), symmetric (AES/DES, ECB/CBC, IV/key reuse), classical ciphers, Base64/Hex/endianness.
CTF Challenges
- cryptoEasy: Diffie–Hellman + AES encryption challenge (in
challs/cryptoEasy/).
Candidate MCP Servers
Other MCP servers you can combine with Cariddi or use in similar workflows (reverse engineering, binary analysis, malware analysis, shell execution):
| Project | Description |
|---|---|
| radare2-mcp | MCP stdio server for radare2 – binary analysis with r2, r2pipe, optional raw r2 commands. |
| headless-ida-mcp-server | Headless IDA Pro MCP server – analyze binaries via IDA’s headless mode (idat). |
| MalwareAnalyzerMCP | MCP server for malware analysis – file, strings, hexdump, objdump, xxd, shell commands with timeouts. |
| GhidrAssistMCP | Ghidra MCP extension – 34 tools, resources, prompts for reverse engineering (decompile, xrefs, structs, etc.). |
| shell-exec-mcp | MCP server for shell command execution – run bash commands with optional timeout and background jobs. |
| ida-pro-mcp | IDA Pro MCP bridge – AI-assisted reversing in IDA (decompile, disasm, xrefs, types, debugger extension). |