NSA Will Release Free Reverse Engineering Tool
Written by Kay Ewbank
Thursday, 10 January 2019
The National Security Agency will give a session at the RSA security conference in March in San Francisco at which it will release a free version of GHIDRA, its reverse engineering tool.
The announcement of the session on the RSA website says:
"NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA."
The session will be given by Rob Joyce, Senior Advisor for Cybersecurity Strategy to the Director of the National Security Agency (NSA). GHIDRA was developed in the early 2000s at the NSA, and has been available for use by other government departments who need to examine the internals of potentially dangerous software or known malware.
The existence of GHIDRA became known to the wider software community in 2017 when WikiLeaks published Vault7, the large collection of documents allegedly acquired from the internal network of the CIA. According to the page about GHIDRA on Vault7, GHIDRA is written in Java. As the RSA intro confirms, Vault7 says GHIDRA has a graphical interface and works on Linux, Windows and Mac.
GHIDRA is actually a disassembler, so it can take an executable file and analyze it to show as output the assembly language that created the executable. It can be used to analyze executables for all the major operating systems, including Windows, Mac, Linux, Android, and iOS. People who've used the software say its modular architecture means developers can add packages with extra features. Discussions on sites such as Twitter and Reddit say GHIDRA is in some ways similar to the reverse engineering tool IDA, but that it's slower and has some bugs.
One theory on why it's being open sourced is that the NSA will benefit from improvements and bug fixes from developers in the open source community. However, the NSA has already made a wide variety of its software open source in recent years; you can see the full list on the NSA Code Page. The most recent move to openness by the NSA has been the opening of an official GitHub account.
Last Updated (Thursday, 10 January 2019)