Ghidra, NSA’s Software Reverse-Engineering Tool, Is Now Open Source

In a push towards opening up their security software, the NSA has made Ghidra, a reverse-engineering tool, open to the public.

This open source tool could be incredibly helpful for reverse engineering malware and other harmful threats. ¦ Image via NSA

America’s National Security Agency, in an attempt to help out the cybersecurity community, announced that Ghidra would become open source.

During the RSA security conference in San Francisco on Tuesday, the agency demonstrated how the reverse-engineering tool works and how it will contribute not only to the country’s cybersecurity community, but also to the world at large.

How Ghidra Works

Malware analysts and threat intelligence researchers use reverse engineering to work backward from a piece of software, such as malware being used to carry out attacks. The process reveals essential information such as the capabilities of the software, where it came from, and who wrote it.

The reverse engineering process not only allows developers to check their code for weaknesses, but also lets them confirm that it works as intended.

The NSA developed Ghidra in the early 2000s as a reverse-engineering tool for software on the most popular operating systems. These include macOS, Windows, and Linux, as well as mobile iOS and Android. Also, users can run the Java-based toolkit on any of the desktop platforms.

Since Ghidra is modular, security professionals can customize it to suit their purpose. Using Javascript or Python, users can extend the capabilities of a specific module. But Ghidra’s modularity also allows the NSA to hold onto modules that the agency doesn’t want public.

As a reverse-engineering platform, Ghidra is quite impressive. It has a shared repository and version control, which comes in handy when collaborating with colleagues. There’s also a file system that allows users to view, extract, and import nested malware functions.

However, NSA security adviser Rob Joyce’s favorite Ghidra feature is the undo-redo mechanism, which allows users to explore different theories on how the code they are analyzing may act. And if the idea doesn’t pan out, the mechanism provides a convenient way to go back a few steps.

Joyce noted that:

“If you’ve done software reverse engineering, what you’ve found out is it’s both art and science; there’s not a hard path from the beginning to the end.”

The NSA security officer believes that releasing Ghidra to the open source community would lead to improvements in the toolkit, and the agency would eventually benefit from such an upgrade.

At the moment, users can download Ghidra from its official site.


Sumbo Bello

Sumbo Bello is a creative writer who enjoys creating data-driven content for news sites. In his spare time, he plays basketball and listens to Coldplay.
