The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

GHIDRA reverse engineering tool from NSA

Download PC Repair Tool to quickly find & fix Windows errors automatically

GHIDRA is a software reverse engineering (SRE) framework that helps analyze malicious code and malware like viruses. It has been created and maintained by the National Security Agency Research Directorate. Now if that sounds a bit scary, this tool isn’t getting installed on your devices. It has been developed to fight against malware and viruses so that they can be stopped. It also makes it possible to find potential vulnerabilities in networks and systems. This post offers an overview of GHIDRA reverse engineering tool from NSA.

GHIDRA reverse engineering tool

GHIDRA reverse engineering tool from NSA

The framework includes a software analysis tool which allows users or techies to analyze compiled software. Complied software in simple words means EXE files or final code which can run software on your computer. This tool reverses engineers to reach source code or at least part of which can make sense. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, and more.

Its open source which means the community can contribute both to source code or can build plugins to extend. You can use Java or Python to develop it. That said, it isn’t just a desktop tool. GHIDRA is built to scale and solve teaming problems on a sophisticated level. According to NSA

Ghidra SRE capabilities to a variety of problems. It can involve analyzing malicious code and generating deep insights for SRE analysts. It will help them in a better understanding of potential vulnerabilities in networks and systems.

Ghidra starts from Binary Code to Annotated assembly to ends up to final source code. In simple words, this software can convert all those 1’s and 0’s into human understandable language. The framework also offers a user interface instead of boring command line. It makes things easier for many.

Key features of GHIDRA

  1. Includes a suite of software analysis tools. It analyzes compiled code on a variety of platforms including Windows, macOS, and Linux.
  2. Supports a wide variety of processor instruction sets and executable formats.
  3. It can run in both user-interactive and automatic modes.
  4. Users may develop their plugins or scripts using open API.

Features of GHIDRA reverse engineering tool

Looking at this, it makes me wonder why NSA went ahead and open sourced it. Imagine this tool in the hands of hackers. They can read your source code, find the hack and write malware for it. Then you can go ahead and see the crack for the same using the same tool. It’s an infinite loop if two parties get at it.

Hopefully, we will get to see more talents in improving this software, and it is useful in better ways.

Read the GHIDRA presentation notes for details. It is available for download at Github. You may want to also read this thread on Reddit.

Fun Fact: WikiLeaks first revealed the existence of Ghidra in 2017. However, the software has made official into the public domain now.

111 Shares

[email protected]

Ashish holds a Bachelor's in Computer Engineering and is a veteran Windows and Xbox user. He has work experience as a Database and Microsoft.NET Developer. He has been a Microsoft MVP (2008-2010) and excels in writing tutorials to improve the day-to-day experience with your devices.

Share via
Facebook
Twitter
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap