NSA To Release A Free Reverse Engineering Tool ‘GHIDRA’

A free reverse engineering framework called GHIDRA, developed by the U.S. National Security Agency, will be released at the RSA Conference in March.

GHIDRA is essentially a disassembler: it breaks down executable files into assembly code that can then be examined by humans.

Developed in the early 2000s, GHIDRA has been used by several other US government agencies where cyber teams need to analyze malware strains or suspicious software.

According to ZDNet, the existence of this reverse engineering tool isn’t exactly a secret, and the concept isn’t new either. GHIDRA came into the spotlight in March 2017 when WikiLeaks revealed it in Vault7 (a collection of internal documentation files supposedly stolen from the CIA’s network).

The Vault7 documents describe GHIDRA as a tool that is coded in Java and has a graphical user interface (GUI). It works on Windows, Mac, and Linux.

GHIDRA can also analyze binaries for all major operating systems, such as Windows, Mac, Linux, Android, and iOS. The software’s modular architecture lets users add packages when they need extra features.

Other existing reverse engineering options like IDA are expensive and generally inaccessible, so even though GHIDRA is said to be slower and buggier, it still makes for a great tool for those who’d like to see what makes a piece of code tick.

Meanwhile, on the NSA’s part, this gesture isn’t entirely altruistic, as open-sourcing GHIDRA brings benefits such as free maintenance from the open source community. This might allow GHIDRA to improve and catch up to other tools like IDA.

The software will be demoed at the RSA Conference in March and is expected to be released on the NSA’s Code page and GitHub account soon.
