NSA to release a free reverse engineering tool
GHIDRA is written in Java and works on Windows, Mac, and Linux.
The US National Security Agency will release a free reverse engineering tool at the upcoming RSA security conference, which will be held at the start of March in San Francisco.
The software is named GHIDRA and, in technical terms, is a disassembler: a piece of software that breaks down executable files into assembly code that humans can then analyze.
The NSA developed GHIDRA at the start of the 2000s, and for the past few years, it’s been sharing it with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software.
GHIDRA’s existence was never a state secret, but the rest of the world learned about it in March 2017 when WikiLeaks published Vault7, a collection of internal documentation files that were allegedly stolen from the CIA’s internal network. Those documents showed that the CIA was one of the agencies that had access to the tool.
According to these documents, GHIDRA is coded in Java, has a graphical user interface (GUI), and works on Windows, Mac, and Linux.
GHIDRA can also analyze binaries for all major operating systems, such as Windows, Mac, Linux, Android, and iOS, and a modular architecture allows users to add packages in case they need extra features.
According to GHIDRA’s description in the RSA conference session intro, the tool “includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed.”