Building Agentic RE: Automating Reverse Engineering & Vulnerability Research with AI // John McIntosh

Virtual | October 26-31 | 32 Hours

BOOK NOW

ABSTRACT

Reverse engineering is evolving beyond static tools and manual workflows. This 32-hour, hands-on course teaches a new paradigm — agentic reverse engineering — where large language models stop being passive assistants and become autonomous collaborators that reason, act, and validate alongside you.

Throughout the course, you will learn to:

• Build local AI stacks for privacy, reproducibility, and control
• Use LLMs to explain, annotate, and reason about binaries across the full device landscape — Windows, Apple (macOS/iOS), Android, Linux, and IoT firmware
• Develop custom MCP servers that expose your RE and VR tools to agents
• Integrate static and dynamic analysis pipelines with AI-driven insight
• Validate findings through automated cross-checks and guardrails that fight hallucination
• Deliver an integrated agentic workflow for reverse engineering and vulnerability research

This reflects the principle at the heart of the course — system over model: the system you engineer around an LLM, not the size of the model, is what holds the work up. The same stack you'll build has reproduced real-world CVEs on local, open-weight models in published research, with engineered validation stages cutting false positives sharply while preserving the find.

By the end of the course you will have built an integrated agentic AI workflow — capable of analyzing binaries, surfacing potential vulnerabilities, validating results, and triaging findings with a human in the loop — that is entirely yours to keep, extend, and deploy.

Why This Matters

Modern binary analysis is bottlenecked by scale: too many binaries, too many versions, too much decompiled code, too little time. Agentic AI changes the economics — when you build it right.

Done well, agentic RE lets you:

• Shorten analysis cycles — collapse repetitive triage from days into minutes
• Surface subtle patterns — across functions, versions, and whole binaries at once
• Scale research — without sacrificing depth, accuracy, or your own judgment
• Stay in control — humans validate; agents accelerate

This course is built around five convictions that set it apart:

• Private & local first. You'll run real models on your own hardware. No binary ever has to leave your machine — the only way agentic RE works for defense, government, malware-lab, and IP-sensitive work.
• Every platform you'll face. Windows, Apple (macOS and iOS), Android, and IoT/embedded firmware — the agentic workflows you build span the full device landscape, not a single OS or architecture.
• You build it, you own it. You leave with a system you authored end to end — custom MCP servers, fine-tuned models, and a working RE HUD — not a one-off result that evaporates when class ends.
• Reliable, not just fast. "Faster" is worthless if the answers are wrong. You'll engineer cross-checks, grounding, and validation so your agents are trustworthy, not merely confident.
• Train, don't just prompt. Go beyond prompting and learn the full process of fine-tuning a model to leverage specialized, domain-specific knowledge for the RE and VR tasks you care about.

This is the difference between prompting an AI and engineering one. Momentum, not autopilot. AI as accelerant, not replacement.

INTENDED AUDIENCE

• Reverse Engineers who want to augment their workflows with AI-driven automation
• Vulnerability Researchers looking to accelerate bug discovery and triage with agentic frameworks
• Security Professionals who need private, reproducible AI stacks for sensitive or air-gapped analysis
• Developers & Tool Builders exploring how to extend MCP servers and integrate AI into RE pipelines
• Applied AI Practitioners moving beyond prompt-hacking into orchestration, reproducibility, and workflow design

If you've ever wished your RE tools could act as autonomous collaborators — not just answer questions — this course is for you.

No prior experience with LLMs or AI frameworks is required. The fundamentals are covered from the ground up before you build anything advanced. You bring the reverse engineering; we'll bring the AI.

KEY LEARNING OBJECTIVES

• Foundations of Agentic RE — understand the intersection of generative AI, MCP, and reverse engineering
• Private Local LLM Stack — build and configure your own stack with Ghidra, Ollama, and OpenWebUI, with a clear-eyed focus on hardware and performance trade-offs
• Custom MCP Development — extend MCP servers to expose binary metadata, integrate semantic search, and connect your RE tools to agents
• LLM Training for RE — create datasets, fine-tune models with QLoRA, and teach models to detect vulnerabilities or identify key functions
• Agentic Workflow Design — learn modern orchestration patterns (DSPy, LangGraph) to build resilient, compositional workflows
• Reliable AI & Validation — implement automated cross-checks and guardrails that reduce hallucination and validate AI-generated findings
• Custom RE HUDs — build interactive dashboards that guide multi-platform analysis
• Capstone Project — deliver a single HUD with two workflow paths: one for RE, one for VR, including discovery, triage, and validation

COURSE OUTLINE

The course follows a deliberate progression: from your first raw LLM API calls, to exposing your RE tools through MCP, to orchestrating multi-step workflows, to standing up full reversing agents that drive the entire process. Four parts, each a rung on that ladder:

Part 1 — Foundations of Agentic RE

"AI here is a computational and systems layer."

• The Agentic Era: how LLMs are reshaping reverse engineering and vulnerability research
• LLM essentials for reversers: tokens, embeddings, context, and quantization — only what you need
• Model selection & hardware: trade-offs between model size, speed, quantization, and realistic VRAM budgets
• Why local LLMs matter: privacy, reproducibility, and control
• Standing up your local stack: Ollama, OpenWebUI, and connecting models to Ghidra
• AI-assisted reverse engineering: use a local model to explain code, recover constants, annotate functions, and dig into real binaries

Part 2 — Extending the Stack: Custom MCP Servers

"AI here is an environment you control."

• MCP server fundamentals in Python
• Designing tool-specific MCPs with structured, agent-friendly inputs and outputs
• Static-analysis MCPs: expose pattern-based and query-driven analysis to agents, and compare their output
• Custom Ghidra MCP: drive headless Ghidra to surface functions, cross-references, and decompiled code on demand
• Multi-binary analysis: detect reused code, suspicious patterns, and API call flows across many binaries at once
• Building and extending advanced, project-wide MCP servers

Part 3 — Training & Adapting LLMs for RE/VR

"AI here is a programmable collaborator."

• Programming with LLMs: context engineering, handling non-determinism, and designing well-defined tools
• Securing agentic workflows: prompt injection, data sanitization, and locking down MCP endpoints
• Prompt optimization: build evaluation sets and automatically discover prompts that take small local models from coin-flip to reliable
• Training data for RE: sourcing and curating high-quality datasets from open-source code, CVE corpora, and your own projects
• Fine-tuning your first model: the end-to-end process of adapting a model to leverage specialized, domain-specific knowledge, for example teaching it to recognize a specific vulnerability class

Part 4 — Advanced Workflows & Orchestration

"AI here is a workflow partner."

• Orchestrating multi-step workflows that combine RE tools with agentic reasoning where it actually helps
• Multi-agent teams: you set the goals; an orchestrator agent decomposes them and delegates to specialized subagents — then put the whole team on a schedule to run unattended, accomplishing RE and triage work while you're away
• Reversing agents: turn a general-purpose coding agent (such as Claude Code) into a specialized reversing agent that drives your RE tools and follows your methodology
• Capture your RE workflows as Skills: encode a reverse-engineering methodology once as a portable skill, reusable across today's leading coding agents and not locked to a single vendor
• Multi-platform analysis: dispatch logic spanning Windows, Linux, macOS, iOS, and Android
• Firmware & embedded: applying agentic workflows to firmware extraction and IoT targets
• Building a RE HUD: an interactive interface that visualizes and guides your analysis
• Capstone — Integrated RE + VR Workflow: combine your Ghidra MCP, semantic search, and static-analysis tooling into a single HUD that analyzes binaries, surfaces vulnerabilities, validates them, and triages with contextual explanations. The result is a showcase-ready system that is entirely your own.

Technology Stack

• AI: Local & frontier LLMs, Ollama, OpenWebUI, LM Studio
• RE/VR: Ghidra (headless & GUI), pyghidra, semantic code search, pattern- and query-based static analysis
• Model Context Protocol: custom Python MCP servers, project-wide multi-binary analysis
• Development: Python (primary), with MCP SDKs available across TypeScript, Go, and Rust
• Workflow Orchestration: DSPy, LangGraph
• UI / Integration: Chainlit, Streamlit
• Model Adaptation: QLoRA fine-tuning, automated prompt optimization, experiment tracking

Student Requirements

• Intermediate reverse engineering experience (Ghidra, IDA, or similar)
• Basic vulnerability research knowledge (common bug classes and analysis workflows)
• Comfort scripting in Python (used for MCP servers, orchestration, and workflow glue)
• Familiarity with a Linux or macOS command line for stack setup and automation
• No prior experience with LLMs or AI frameworks is required — fundamentals are covered before any advanced work
• No special AI hardware required — model inference is provided for every student; running your own local models is fully supported and encouraged, but entirely optional

System AI Requirements and Alternatives

• Inference is provided. Every student gets access to course-provided model inference — you can complete every exercise with no special hardware and no API bills of your own.
• Running local models is optional and encouraged. Building your own private, local stack is part of the course; if you want to run models on your own machine, a modern GPU (RTX 3060+ or Apple M-series) with 16GB+ RAM is ideal — enough to run an 8B–20B model at usable speeds with a large context window.
• Bring-your-own API works too. Prefer your own frontier keys (OpenAI, Anthropic, and others)? Provided inference, local models, and your own API can be used interchangeably throughout the course.

Software Requirements

• Python 3.11+
• Docker (to run OpenWebUI, Ollama, and the course environment)
• git and a Linux-style command line with administrator privileges
• A free Google account (for optional GPU-backed fine-tuning exercises)

Practical Takeaways

You leave with a working system and the skills to extend it:

• A fully configured local RE + LLM stack (Ollama, OpenWebUI, Ghidra integration)
• A clear understanding of the hardware trade-offs for running local models effectively
• Custom MCP servers for binary metadata, semantic search, and static analysis
• Hands-on experience with the model fine-tuning process: adapting a model to leverage specialized, RE-specific knowledge
• Reusable, multi-platform workflow templates (Windows, Apple, Android, IoT) for binary analysis, vulnerability discovery, and validation
• A RE HUD that integrates multiple MCPs into one interactive interface
• A reversing agent of your own (a coding agent turned RE specialist), plus portable Skills that capture your RE workflows across the coding agents you already use
• An integrated capstone with two paths:
  • RE Path — analyze and explain binaries with Ghidra MCP and semantic search
  • VR Path — discover, triage, and validate vulnerabilities with static analysis and LLM-driven cross-checks
• A showcase-ready, private system demonstrating agentic AI partnering with a human across RE and VR — yours to keep, extend, and deploy

YOUR INSTRUCTOR: John McIntosh

John McIntosh (@clearbluejar) is a security researcher and founder of ClearSec Labs, where he is all-in on agentic, AI-driven reverse engineering. With over a decade of offensive-security experience, his expertise spans binary analysis, patch diffing, and vulnerability discovery.

John doesn't just teach this stack — he built it. He is the author of the open-source ghidriff (the widely used Ghidra binary-diffing engine, 700+ GitHub stars) — the very tool Anthropic's Frontier Red Team used to generate the function-level binary diffs that fed Claude's autonomous N-day exploit chains in their June 2026 research — along with pyghidra-mcp (a headless, project-wide Ghidra MCP server purpose-built for agentic workflows) and ghidrecomp (a command-line Ghidra decompiler). When this course puts Ghidra in an agent's hands, you are learning from the person who wrote the tools that make it possible.

His research blog, clearbluejar.github.io, is a go-to source for detailed CVE RE and RE-tooling deep dives — including using LLMs to chase a Windows CLFS use-after-free and his "system over model" research, which reproduced a decades-old FreeBSD RCE on local, open-weight models. He has presented and trained at the field's most respected venues, including RECon, DEF CON Trainings (Las Vegas and Singapore), Objective by the Sea, and Ringzer0 — most recently with RECon 2026's "Building Agentic RE Skills."

Links:

• clearseclabs.com
• clearbluejar.github.io
• github.com/clearbluejar

Ringzer0’s Virtual Training Experience & FAQ

What can I expect from a virtual training delivered by Ringzer0, and answers to frequently asked questions.

Ringzer0Ringzer0

OTHER VIRTUAL TRAINING COURSES