In January 2019, the National Security Agency (NSA) announced the release at the RSA Conference of the free reverse engineering framework GHIDRA.
GHIDRA is a multi-platform reverse engineering framework that runs on major OSs (Windows, macOS, and Linux).
The framework was first mentioned in the CIA Vault 7 dump that was leaked in 2017. WikiLeaks obtained thousands of files allegedly originating from a CIA high-security network that details CIA hacking techniques, tools, and capabilities. Digging in the huge trove of files, it is possible to find also information about the GHIDRA, a Java-based engineering tool.
Early March, the NSA has released the suite Ghidra that could be used to find vulnerabilities and security holes in applications.
You can download the GHIDRA source code and its component from the following links:
The platform was presented at the RSA Conference in San Francisco on Tuesday by Rob Joyce, former head of the NSA’s elite hacking team and now White House cybersecurity coordinator,
Joyce has presented the code-analysis suite, he remarked the absence of backdoors.
“There is no backdoor in Ghidra,” he announced. “This is the last community you want to release something out to with a backdoor installed, to people who hunt for this stuff to tear apart.”
After the release of GHIDRA some security experts and malware researchers have demonstrated how to use it in practical analysis. My colleagues at Cybaze-Yoroi ZLAB malware demonstrated how to use the NSA Ghidra suite in a real case study, the analysis of the AZORult malware.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.