Software:Ghidra

From HandWiki
Ghidra
The logo for the Ghidra framework
Disassembly of a file in Ghidra
Original author(s)NSA
Initial releaseMarch 5, 2019; 6 years ago (2019-03-05)
Stable release
11.4.1[1] / July 31, 2025; 4 months ago (2025-07-31)
Repositorygithub.com/NationalSecurityAgency/ghidra
Written inJava, C++
LicenseApache License 2.0 / Public domain[2]
Websiteghidra-sre.org

Ghidra (/ˈɡdrə/[3] GEE-druh[4]) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at the RSA Conference in March 2019; the source code was published one month later on GitHub.[5] Ghidra is seen by many security researchers as a competitor to IDA Pro.[6] The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++, and is therefore usable in a stand-alone form.[7]

Scripts to perform automated analysis with Ghidra can be written in Java or Python (via Jython),[8][9] though this feature is extensible and support for other programming languages is available via community plugins.[10] Plugins adding new features to Ghidra itself can be developed using a Java-based extension framework.[11]

History

Ghidra's existence was originally revealed to the public via Vault 7 in March 2017,[12] but the software itself remained unavailable until its declassification and official release two years later.[5] Some comments in its source code indicate that it existed as early as 1999.[13]

High-level changelog[14][15]
Version Year Major features
1.0 2003 Proof of concept
2.0 2004 Database, docking windows
3.0 2006 SLEIGH, decompiler, version control
4.0 2007 Scripting, version tracking
5.0 2010 File system browser
6.0 2014 First unclassified version
9.0 2019 First public release
9.2 2020 Graph visualization, new PDB parser
10.0 2021 Debugger
11.0 2023 Rust and Go binaries support, BSim
11.1 2024 Swift and DWARF 5 support, Mach-O improvements

In June 2019, coreboot began to use Ghidra for its reverse engineering efforts on firmware-specific problems following the open source release of the Ghidra software suite.[16]

Ghidra can be used as a debugger since Ghidra 10.0. Ghidra's debugger supports debugging user-mode Windows programs via WinDbg, and Linux programs via GDB.[17]

Supported architectures

The following architectures or binary formats are supported:[18] [19]

See also

References

  1. "Releases · NationalSecurityAgency/ghidra" (in en). https://github.com/NationalSecurityAgency/ghidra/releases. 
  2. "ghidra/NOTICE". https://github.com/NationalSecurityAgency/ghidra/blob/79d8f164f8bb8b15cfb60c5d4faeb8e1c25d15ca/NOTICE. Retrieved 13 April 2019. 
  3. "Come Get Your Free NSA Reverse Engineering Tool!". May 16, 2019. https://www.youtube.com/watch?v=r3N13ig8H7s&t=4. Retrieved 17 May 2019. 
  4. "Frequently asked questions". https://github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra. Retrieved 7 March 2019. 
  5. 5.0 5.1 Newman, Lily Hay. "The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source". Wired. https://www.wired.com/story/nsa-ghidra-open-source-tool/. Retrieved 6 March 2019. 
  6. Cimpanu, Catalin. "NSA releases Ghidra, a free software reverse engineering toolkit" (in en). https://www.zdnet.com/article/nsa-release-ghidra-a-free-software-reverse-engineering-toolkit/. 
  7. e. g. as Plugin for Radare2 oder Rizin.
  8. "Ghidra Scripting Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/Intermediate/Scripting.html. 
  9. "Three Heads are Better Than One: Mastering NSA's Ghidra Reverse Engineering Tool". https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf. 
  10. "Ghidraal". https://github.com/jpleasu/ghidraal. 
  11. "Ghidra Advanced Development Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/AdvancedDevelopment/GhidraAdvancedDevelopment.html. 
  12. "NSA to release a free reverse engineering tool" (in en). https://www.zdnet.com/article/nsa-to-release-a-free-reverse-engineering-tool/. 
  13. "Build software better, together" (in en). https://github.com/search?q=repo:NationalSecurityAgency/ghidra+1999+language:Java&type=code&l=Java. 
  14. "ghidra/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html at master · NationalSecurityAgency/ghidra" (in en). https://github.com/NationalSecurityAgency/ghidra/blob/master/Ghidra/Configurations/Public_Release/src/global/docs/ChangeHistory.html. 
  15. Ghidra - Journey from Classified NSA Tool to Open Source. Archived from the original on 2024-05-08. Retrieved 2024-05-08 – via www.youtube.com.
  16. "Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering". https://www.phoronix.com/scan.php?page=news_item&px=Ghidra-Coreboot-NSA-RE. 
  17. "What's new in Ghidra 10.0". https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_10.0_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html. 
  18. Joyce, Rob [@RGB_Lights]. "Ghidra processor modules: X86 16/32/64, ARM/AARCH64, PowerPC 32/64, VLE, MIPS 16/32/64, micro, 68xxx, Java / DEX bytecode, PA-RISC, PIC 12/16/17/18/24, Sparc 32/64, CR16C, Z80, 6502, 8051, MSP430, AVR8, AVR32, Others+ variants as well. Power users can expand by defining new ones". https://twitter.com/RGB_Lights/status/1103019876203978752.  Missing or empty |date= (help)
  19. "List of Processors Supported by Ghidra". https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Processors. Retrieved 29 September 2023. 
  • No URL found. Please specify a URL here or add one to Wikidata.
  • on GitHub



Retrieved from "https://handwiki.org/wiki/index.php?title=Software:Ghidra&oldid=3955767"