Reverse engineer executables with the NSA's GHIDRA disassembler

Cal Jeffrey

TS Evangelist
Staff member

The NSA notes the GHIDRA framework is essentially a disassembler for Windows, Mac, and Linux. It is able to break an executable file down into assembly code for analysis. Disassemblers are very useful for security researchers who want to dig into a piece of malware to see how it works.

The NSA has already shared it with other government agencies. In fact, the public first heard about GHIDRA when WikiLeaks published Vault 7 in 2017, a collection of internal documents gathered from the Central Intelligence Agency.

The software is written in Java, so it can run on any system with a JRE installed. GHIDRA can break down binaries for virtually any operating system, including Windows, macOS, Linux, iOS and Android. It is also modular in design, so users can add packages to it for extended functionality.

"An interactive GUI enables reverse engineers to leverage an integrated set of features that run on a variety of platforms … and supports a variety of processor instruction sets."

Government officials who have used GHIDRA told ZDNet that the software is well-liked. It is reportedly comparable to Hex-Rays’ IDA, albeit somewhat buggy. By going open-source, developers outside the NSA will be able to dig in and squash the bugs pretty quickly, making it a viable free alternative.

GHIDRA is not the only tool that the NSA has made available to the public. It has more than 30 other apps with various functionality and goofy names like Beer Garden, Maplesyrup, Lemongrenade, and Waterslide. The repositories for all NSA software can be found on its GitHub pages.

The NSA will demo GHIDRA during the RSA Conference on March 5 in San Francisco. The software will be made available later that day.


cliffordcooley

TS Redneck
I didn't read where they said this software was opensource. The use of this software doesn't make the software being evaluated opensource either. What I did read is the software will be available free to use for evaluating other software.
 

cliffordcooley

TS Redneck
Bold as in showing an ability to take risks; confident and courageous
. . . . or as in having a strong or vivid appearance
Bald as in no hair

So you could say he was bold for wearing a ponytail with a big bald spot on his head.
 

Right side bob

I didn't read where they said this software was opensource. The use of this software doesn't make the software being evaluated opensource either. What I did read is the software will be available free to use for evaluating other software.
Ctrl+F "By going open-source"
Edit: The article mostly focuses on the fact that this software will be free to use, not that it's opensource.
 