The National Security Agency released the source code of Ghidra, its reverse engineering tool, on April 4, 2019.
This source code repository includes instructions to build on all supported platforms (macOS, Linux, and Windows). With this release, developers will be able to collaborate by creating patches and extending the tool to fit their cybersecurity needs.
The source code is available for download at ghidra-sre.org along with the full 9.2 release build.
Ghidra is a software reverse engineering (SRE) framework developed by NSA's Research Directorate for NSA's cybersecurity mission. It helps analyze malicious code and malware like viruses, and can give cybersecurity professionals a better understanding of potential vulnerabilities in their networks and systems.
Key Features Of Ghidra:
Includes a suite of software analysis tools for analyzing compiled code on a variety of platforms including Windows, Mac OS, and Linux.
Capabilities include disassembly, assembly, decompilation, graphing and scripting, and hundreds of other features.
Supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.
Users may develop their own Ghidra plug-in components and/or scripts using the exposed API.
Can Anyone Use Ghidra?
Not exactly. You do need to have some proficiency with programming at the very least. You don’t need to be a software engineer, but if you’ve done a few college courses in programming you can get into Ghidra and teach yourself how to use it.
The official Ghidra website also has an installation guide, quick references, a wiki, and an issue tracker. The point of providing all that is so that everyone can learn, and together make the world safer from malicious hackers.
What is Reverse Engineering and Why is it Used?
Generally, reverse engineering (RE) refers to the process of taking something apart to figure out how it was made. You may have done this yourself with a small appliance at home, just trying to figure out how to fix it. But here we’re talking about reverse engineering a program. It’s just code, right? Why don’t we just look at the code behind it?
When you write a program in a language like or Java, there’s a step between writing it and being able to use it on a computer. The language you’re programming in is readable to you, but not necessarily readable by the computer. It must be translated into something that the computer can work with. This process is called compiling.
Once a program is compiled, it’s no longer readable by humans.
If you want to figure out how that program works, you need to take it apart to the level where you can see what’s in it. You need a toolkit for that, just like you need a toolkit of screwdrivers and wrenches to take apart a small appliance or engine.
That’s where Ghidra comes into play. It’s a toolbox for taking software apart to see how it ticks. There are already other similar tools like IDA, Radare, and Binary Ninja.