Skip to main content

Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI

Laptop and code editor representing AI‑powered reverse engineering

Hands‑on labs bring together RE tools and agentic AI for scalable workflows.

Registration Opening Soon

📅 This training launches in the next release cycle.
Join the waitlist to secure early access and updates. Also, check at Upcoming Events** for the latest listing.

🤖 Building Agentic RE Radar

Profile Insight: This course emphasizes Agentic AI (95) and Automation (85). It’s designed for advanced learners ready to blend reverse engineering with orchestration of LLMs and reproducible pipelines.

📘 Overview

Reverse engineering is evolving beyond static tools and manual workflows. This hands‑on course introduces a new paradigm: Agentic Workflows. By combining large language models (LLMs), the Model Context Protocol (MCP), and reverse engineering tools like Ghidra, participants will learn how to design, configure, and orchestrate AI‑powered systems that automate and accelerate binary analysis.

Rather than focusing on a single operating system, the course demonstrates how agentic pipelines can be applied across Windows, macOS, iOS, and Android. Students will see how MCP servers and AI‑assisted workflows adapt to different platforms, enabling reproducible analysis and vulnerability triage in diverse environments.

By the end of the course, participants will have built a reproducible agentic AI workflow capable of analyzing software, surfacing potential vulnerabilities, validating, and triaging results across multiple platforms.

🗂 High‑Level Course Outline

Part 1 – Foundations

  • How AI is reshaping reverse engineering
  • Core LLM concepts (overview only)
  • Choosing models & hardware trade‑offs
  • Why local models matter

Part 2 – Local Setup & Assisted RE

  • Connecting RE tools to LLMs (MCP)
  • Setting up a local LLM stack
  • Using AI to explain and annotate code
  • Exploring new research areas with AI

Part 3 – Development & Security

  • Building custom MCP servers
  • Customizing Ghidra MCP for analysis
  • Combining static analysis tools with LLMs
  • Insights from advanced bug‑finding systems (DARPA AIxCC)
  • Securing agentic workflows

Part 4 – Orchestration & Capstone

  • Orchestrating LLM workflows
  • Optimizing prompts for better results
  • Building a prototype RE HUD
  • Capstone: Create a reproducible Agentic RE workflow

🛠 Technology Stack

  • AI: LLMs, Llama.cpp, OpenWebUI, Local + Frontier Models
  • RE/VR: Ghidra, SAST tools, Symbols, etc.
  • Development: Python (primary), MCP SDKs (TypeScript, Go, Rust, etc.)
  • Workflow Orchestration: DSPy, LangGraph, dapr‑agents
  • UI/Integration: Chainlit, Streamlit

🎯 Who Should Attend

This course is designed for:

  • Reverse Engineers who want to augment their workflows with AI‑driven automation
  • Vulnerability Researchers looking to accelerate bug discovery and triage with agentic frameworks
  • Security Professionals interested in building private, reproducible AI stacks for sensitive analysis
  • Developers & Tool Builders exploring how to extend MCP servers and integrate AI into RE pipelines
  • Applied AI Practitioners who want to move beyond prompt‑hacking into orchestration, reproducibility, and workflow design

If you’ve ever wished your RE tools could act as autonomous collaborators—not just assistants—this course is for you.

📋 Prerequisites

To get the most out of this training, participants should have:

  • Intermediate reverse engineering experience (familiarity with Ghidra, IDA, or similar tools)
  • Basic vulnerability research knowledge (understanding of common bug classes and analysis workflows)
  • Comfort with scripting in Python (used for MCP servers, orchestration, and workflow glue)
  • Familiarity with Linux or macOS command‑line environments for stack setup and automation

No prior experience with LLMs or AI frameworks is required—we’ll cover the fundamentals before diving into advanced orchestration.

🎓 Practical Takeaways

By the end of this course, participants will walk away with:

  • A fully configured local RE+LLM stack (Ollama, OpenWebUI, LM‑Studio, GhidraMCP)
  • An understanding of hardware trade‑offs for running local LLMs effectively
  • Custom MCP servers for binary metadata, semantic search, and static analysis
  • Hands‑on experience fine‑tuning models for RE‑specific tasks (e.g., vulnerability class detection, function identification)
  • Reusable workflow templates for binary analysis, vulnerability discovery, and results validation
  • A Chainlit‑based RE HUD that integrates multiple MCPs and provides an interactive interface for analysis
  • A showcase‑ready Agentic Workflow that demonstrates how agentic AI can partner with humans in both reverse engineering and vulnerability research

Upcoming Courses

  • 📅 Browse Upcoming Events — Find the next in‑person or virtual session that fits your schedule.