NSA Will Release Free Reverse Engineering Tool
Written by Kay Ewbank
Thursday, 10 January 2019

The National Security Agency will give a session at the RSA security conference in March in San Francisco at which it will release a free version of GHIDRA, its reverse engineering tool.

The announcement of the session on the RSA website says:

"NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA."


The session will be given by Rob Joyce, Senior Advisor for Cybersecurity Strategy to the Director of the National Security Agency (NSA). GHIDRA was developed in the early 2000s at the NSA, and has been available for use by other government departments who need to examine the internals of potentially dangerous software or known malware.

The existence of GHIDRA became known to the wider software community in 2017 when WikiLeaks published Vault7, the large collection of documents allegedly acquired from the internal network of the CIA. According to the page about GHIDRA on Vault7, GHIDRA is written in Java. As the RSA intro confirms, Vault7 says GHIDRA has a graphical interface and works on Linux, Windows and Mac.

GHIDRA is a disassembler: it takes an executable file and analyzes it to show, as output, the assembly language that corresponds to the executable. It can be used to analyze executables for all the major operating systems, including Windows, Mac, Linux, Android, and iOS. People who've used the software say its modular architecture means developers can add packages with extra features. Discussions on sites such as Twitter and Reddit say GHIDRA is in some ways similar to the reverse engineering tool IDA, but that it's slower and has some bugs. One theory on why it's being open sourced is that the NSA will benefit from improvements and bug fixes contributed by developers in the open source community. However, the NSA has already made a wide variety of its software open source in recent years; you can see the full list on the NSA Code Page. The most recent move to openness by the NSA has been the opening of an official GitHub account.


More Information

RSA Announcement Of GHIDRA Session

NSA Code Page

NSA GitHub Account

GHIDRA On Wikileaks


Last Updated ( Thursday, 10 January 2019 )