An AI agent that decompiles binaries and actually checks its homework
It exists to stop LLMs from confidently hallucinating decompiled C++ by forcing every guess through build tests and binary parity checks.

What it does
auto-re-agent is an autonomous pipeline that feeds decompiled binary evidence from Ghidra to LLMs acting as reverser and checker roles. It generates candidate C/C++ implementations for specific functions or classes, then subjects them to an objective structural verifier, project-specific build and test commands, and eleven heuristic parity signals that compare the candidate against assembly, control-flow graphs, and normalized P-code. The tool stops short of patching your source tree automatically; instead it produces validated overlay candidates and a knowledge graph of evidence.
The interesting bit
The unusual part is the adversarial loop: a reverser model proposes code, a checker model critiques it, and the system can spawn bounded “investigations” to gather more evidence from the binary when the two disagree. Rather than treating an LLM’s output as ground truth, the tool treats it as a hypothesis that must survive compilation, tests, and a conservative parity gate that can block acceptance on RED signals like stub markers or assembly-size mismatches.
Key highlights
- Dual-model architecture with separate
reverserandcheckerLLM roles, optionally using different providers (e.g., Claude for reversal, Codex for critique). - Evidence gathering from Ghidra including decompilation, cross-references, structs, vtables, normalized high P-code, and control-flow graphs.
- Candidate validation via temporary project copies that run configured build and test commands before acceptance.
- Eleven built-in parity signals comparing generated source against binary evidence, with configurable RED/YELLOW blocking policies.
- Session history and a JSON knowledge graph connecting functions, globals, and strings across investigations.
Caveats
- Conservative verification is the point, not the bug: the tool returns
UNKNOWNwhen evidence is thin and rejects candidates on strong mismatches, and it does not claim to prove semantic equivalence. - Overloaded C++ methods that cannot be disambiguated against existing source are rejected outright rather than risk replacing the wrong function body.
- The built-in parity signal set is fixed in
0.2.0; you can adjust thresholds and add semantic rules, but not disable individual signals.
Verdict
Worth a look if you are reverse engineering large C/C++ binaries and want an autonomous assistant that treats LLM output as suspect. Skip it if you need guaranteed semantic equivalence or a one-click decompiler that patches your codebase automatically.
Frequently asked
- What is Dryxio/auto-re-agent?
- It exists to stop LLMs from confidently hallucinating decompiled C++ by forcing every guess through build tests and binary parity checks.
- Is auto-re-agent open source?
- Yes — Dryxio/auto-re-agent is open source, released under the MIT license.
- What language is auto-re-agent written in?
- Dryxio/auto-re-agent is primarily written in Python.
- How popular is auto-re-agent?
- Dryxio/auto-re-agent has 1.1k stars on GitHub.
- Where can I find auto-re-agent?
- Dryxio/auto-re-agent is on GitHub at https://github.com/Dryxio/auto-re-agent.