NSA Will Release Free Reverse Engineering Tool
Written by Kay Ewbank   
Thursday, 10 January 2019

The National Security Agency will give a session at the RSA security conference in March in San Francisco at which it will release a free version of GHIDRA, its reverse engineering tool.

The announcement of the session on the RSA website says:

"NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS and LINUX and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA."

nsalogo

The session will be given by Rob Joyce, Senior Advisor for Cybersecurity Strategy to the Director of the National Security Agency (NSA). GHIDRA was developed in the early 2000s at the NSA, and has been available for use by other government departments who need to examine the internals of potentially dangerous software or known malware.

The existence of GHIDRA became known to the wider software community in 2017 when WikiLeaks published Vault7, the large collection of documents allegedly acquired from the internal network of the CIA. According to the page about GHIDRA on Vault7, GHIDRA is written in Java. As the RSA intro confirms, Vault7 says GHIDRA has a graphical interface and works on Linux, Windows and Mac.

GHIDRA is actually a disassembler, so can take an executable file and analyze it to show as output what the assembly language was that created the executable. It can be used to analyze executables for all the major operating systems, including Windows, Mac, Linux, Android, and iOS. People who've used to software say its modular architecture means developers can add packages with extra features. Discussions on sites such as Twitter and Reddit say GHIDRA is in some ways similar to the reverse engineering tool IDA, but that it's slower and has some bugs. One theory on why it's being open sourced is that the NSA will benefit from improvements and bug fixes by the developers of the open source community.  However, the NSA has made a wide variety of its software open source already in recent years; you can see the full list on the NSA Code Page. The most recent move to openness by the NSA has been the opening of an official GitHub account. 

 

nsalogo

More Information

RSA Announcement Of GHIDRA Session

NSA Code Page

NSA GitHub Account

GHIDRA On Wikileaks

Related Articles

LOGJAM - Can The NSA Break 1024-bit DHM Keys?

What Does The NSA Think Of Cryptographers?

NSA Codebreaker Challenge 3.0

 

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on, Twitter, FacebookGoogle+ or Linkedin.

Banner


Google Places API Upgraded And Monetized
07/02/2019

Google is upgrading the Places API for Android and iOS, and at the same time is deprecating the free Places SDK in Google Play Services, with a full shutdown date of the end of July 2019.



Guido van Rossum Core Developer Grant Launched
01/02/2019

The EuroPython Society has launched a new grant program and has named it in recognition of Guido van Rossum's almost 20 years of leading the Python Core Developer team.


More News

Python

 



 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Thursday, 10 January 2019 )