NSA Releases Java-Based Reverse Engineering Tool
- By John K. Waters
The National Security Agency (NSA) has open sourced its Ghidra software reverse engineering (SRE) framework. The agency announced the availability of Ghidra 9.0.2 at the annual RSA Security Conference, which wrapped up on Monday, and NSA senior advisor Robert Joyce demo'd it during a conference session.
Written in Java, Ghidra (pronounced GEE-druh) was developed by the NSA's Research Directorate for the agency's cybersecurity mission, and it has been used to support that mission for more than a decade. It was created to "solve scaling and teaming problems on complex SRE efforts," the agency explained, "and to provide a customizable and extensible SRE research platform. NSA has applied Ghidra SRE capabilities to a variety of problems that involve analyzing malicious code and generating deep insights for SRE analysts who seek a better understanding of potential vulnerabilities in networks and systems."
The framework comes with a suite of high-end tools for analyzing compiled code on a variety of platforms, including Windows, Mac OS, and Linux. Its list of capabilities includes disassembly, assembly, decompilation, graphing, and scripting, among hundreds of other features. It also supports a variety of processor instruction sets and executable formats, and it can be run in both user-interactive and automated modes. An Eclipse plugin (GhidraDev) comes with the distribution package.
"With this release, developers will be able to collaborate by creating patches, and extending the tool to fit their cybersecurity needs," the NSA said in a statement. The agency expects developers to create their own Ghidra plug-in components and/or scripts using Java or Python.
The full release of Ghidra 9.0.2, which is licensed under Apache 2.0, can be downloaded from the project homepage. The page includes links to documentation, and introduction video, an installation guide, and a link to a potential developer community. The complete source code, along with build instructions, are available now on GitHub.
John K. Waters is the editor in chief of a number of Converge360.com sites, with a focus on high-end development, AI and future tech. He's been writing about cutting-edge technologies and culture of Silicon Valley for more than two decades, and he's written more than a dozen books. He also co-scripted the documentary film Silicon Valley: A 100 Year Renaissance, which aired on PBS. He can be reached at [email protected].