Software:Ghidra

From HandWiki
Short description: Free reverse engineering tool developed by the National Security Agency
Ghidra
The logo for the Ghidra framework
Ghidra-disassembly,March 2019.png
Disassembly of a file in Ghidra
Original author(s)NSA
Initial releaseMarch 5, 2019; 5 years ago (2019-03-05)
Stable release
11.0[1] / December 22, 2023; 6 months ago (2023-12-22)
Repositorygithub.com/NationalSecurityAgency/ghidra
Written inJava, C++
LicenseApache License 2.0 / Public domain[2]
Websiteghidra-sre.org

Ghidra (pronounced GEE-druh;[3] /ˈɡdrə/[4]) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub.[5] Ghidra is seen by many security researchers as a competitor to IDA Pro.[6] The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++, and is therefore usable in a stand-alone form.[7]

Scripts to perform automated analysis with Ghidra can be written in Java or Python (via Jython),[8][9] though this feature is extensible and support for other programming languages is available via community plugins.[10] Plugins adding new features to Ghidra itself can be developed using a Java-based extension framework.[11]

History

Ghidra's existence was originally revealed to the public via Vault 7 in March 2017,[citation needed] but the software itself remained unavailable until its declassification and official release two years later.[5]

In June 2019, Coreboot began to use Ghidra for its reverse engineering efforts on firmware-specific problems following the open source release of the Ghidra software suite.[12]

Ghidra can be used, officially,[13][14] as a debugger since Ghidra 10.0. Ghidra's debugger supports debugging user-mode Windows programs via WinDbg, and Linux programs via GDB.[15]

Supported architectures

The following architectures or binary formats are supported:[16] [17]


See also

References

  1. "Releases · NationalSecurityAgency/ghidra" (in en). https://github.com/NationalSecurityAgency/ghidra/releases. 
  2. "ghidra/NOTICE". https://github.com/NationalSecurityAgency/ghidra/blob/79d8f164f8bb8b15cfb60c5d4faeb8e1c25d15ca/NOTICE. Retrieved 13 April 2019. 
  3. "Frequently asked questions". https://github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra. Retrieved 7 March 2019. 
  4. "Come Get Your Free NSA Reverse Engineering Tool!". https://www.youtube.com/watch?v=r3N13ig8H7s&t=4. Retrieved 17 May 2019. 
  5. 5.0 5.1 Newman, Lily Hay. "The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source". Wired. https://www.wired.com/story/nsa-ghidra-open-source-tool/. Retrieved 6 March 2019. 
  6. Cimpanu, Catalin. "NSA releases Ghidra, a free software reverse engineering toolkit" (in en). https://www.zdnet.com/article/nsa-release-ghidra-a-free-software-reverse-engineering-toolkit/. 
  7. e. g. as Plugin for Radare2 oder Rizin.
  8. "Ghidra Scripting Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/Intermediate/Scripting.html. 
  9. "Three Heads are Better Than One: Mastering NSA's Ghidra Reverse Engineering Tool". https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf. 
  10. "Ghidraal". https://github.com/jpleasu/ghidraal. 
  11. "Ghidra Advanced Development Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/AdvancedDevelopment/GhidraAdvancedDevelopment.html. 
  12. "Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering". https://www.phoronix.com/scan.php?page=news_item&px=Ghidra-Coreboot-NSA-RE. 
  13. "Compiled/built Ghidra 9.3 for Windows with Debugger feature by Galician R&D Center in Advanced Telecommunications employees.". https://www.linkedin.com/posts/davidalvarezperez_ghidra-software-reverse-engineering-for-beginners-activity-6746028492950945792-F8BG?utm_source=share&utm_medium=member_desktop. 
  14. "Analizando el depurador de Ghidra". 11 March 2021. https://www.gradiant.org/blog/analizando-el-depurador-de-ghidra/. 
  15. "What's new in Ghidra 10.0". https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_10.0_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html. 
  16. "Rob Joyce on Twitter". https://twitter.com/RGB_Lights/status/1103019876203978752. Retrieved 6 March 2019. 
  17. "List of Processors Supported by Ghidra". https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Processors. Retrieved 29 September 2023. 

External links

  • No URL found. Please specify a URL here or add one to Wikidata.
  • on GitHub