Software:Ghidra
 | |
 Disassembly of a file in Ghidra | |
| Original author(s) | NSA |
|---|---|
| Initial release | March 5, 2019 |
| Stable release | 11.0[1]
/ December 22, 2023 |
| Repository | github |
| Written in | Java, C++ |
| License | Apache License 2.0 / Public domain[2] |
| Website | ghidra-sre |
Ghidra (pronounced GEE-druh;[3] /ˈɡiːdrə/[4]) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub.[5] Ghidra is seen by many security researchers as a competitor to IDA Pro.[6] The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++, and is therefore usable in a stand-alone form.[7]
Scripts to perform automated analysis with Ghidra can be written in Java or Python (via Jython),[8][9] though this feature is extensible and support for other programming languages is available via community plugins.[10] Plugins adding new features to Ghidra itself can be developed using a Java-based extension framework.[11]
History
Ghidra's existence was originally revealed to the public via Vault 7 in March 2017,[citation needed] but the software itself remained unavailable until its declassification and official release two years later.[5]
In June 2019, Coreboot began to use Ghidra for its reverse engineering efforts on firmware-specific problems following the open source release of the Ghidra software suite.[12]
Ghidra can be used, officially,[13][14] as a debugger since Ghidra 10.0. Ghidra's debugger supports debugging user-mode Windows programs via WinDbg, and Linux programs via GDB.[15]
Supported architectures
The following architectures or binary formats are supported:[16] [17]
- x86 16, 32 and 64 bit
- ARM and AARCH64
- PowerPC 32/64 and VLE
- MIPS 16/32/64
- MicroMIPS
- 68xxx
- Java and DEX bytecode
- PA-RISC
- RISC-V
- eBPF
- BPF
- Tricore
- PIC 12/16/17/18/24
- SPARC 32/64
- CR16C
- Z80
- 6502
- 8048, 8051
- MSP430
- AVR8, AVR32
- SuperH
- V850
- LoongArch
- Xtensa
See also
- IDA Pro
- JEB decompiler
- radare2
- Binary Ninja
References
- ↑ "Releases · NationalSecurityAgency/ghidra" (in en). https://github.com/NationalSecurityAgency/ghidra/releases.
- ↑ "ghidra/NOTICE". https://github.com/NationalSecurityAgency/ghidra/blob/79d8f164f8bb8b15cfb60c5d4faeb8e1c25d15ca/NOTICE. Retrieved 13 April 2019.
- ↑ "Frequently asked questions". https://github.com/NationalSecurityAgency/ghidra/wiki/Frequently-asked-questions#how-do-you-pronounce-ghidra. Retrieved 7 March 2019.
- ↑ "Come Get Your Free NSA Reverse Engineering Tool!". https://www.youtube.com/watch?v=r3N13ig8H7s&t=4. Retrieved 17 May 2019.
- ↑ 5.0 5.1 Newman, Lily Hay. "The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source". Wired. https://www.wired.com/story/nsa-ghidra-open-source-tool/. Retrieved 6 March 2019.
- ↑ Cimpanu, Catalin. "NSA releases Ghidra, a free software reverse engineering toolkit" (in en). https://www.zdnet.com/article/nsa-release-ghidra-a-free-software-reverse-engineering-toolkit/.
- ↑ e. g. as Plugin for Radare2 oder Rizin.
- ↑ "Ghidra Scripting Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/Intermediate/Scripting.html.
- ↑ "Three Heads are Better Than One: Mastering NSA's Ghidra Reverse Engineering Tool". https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf.
- ↑ "Ghidraal". https://github.com/jpleasu/ghidraal.
- ↑ "Ghidra Advanced Development Class". https://github.com/NationalSecurityAgency/ghidra/blob/master/GhidraDocs/GhidraClass/AdvancedDevelopment/GhidraAdvancedDevelopment.html.
- ↑ "Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering". https://www.phoronix.com/scan.php?page=news_item&px=Ghidra-Coreboot-NSA-RE.
- ↑ "Compiled/built Ghidra 9.3 for Windows with Debugger feature by Galician R&D Center in Advanced Telecommunications employees.". https://www.linkedin.com/posts/davidalvarezperez_ghidra-software-reverse-engineering-for-beginners-activity-6746028492950945792-F8BG?utm_source=share&utm_medium=member_desktop.
- ↑ "Analizando el depurador de Ghidra". 11 March 2021. https://www.gradiant.org/blog/analizando-el-depurador-de-ghidra/.
- ↑ "What's new in Ghidra 10.0". https://htmlpreview.github.io/?https://github.com/NationalSecurityAgency/ghidra/blob/Ghidra_10.0_build/Ghidra/Configurations/Public_Release/src/global/docs/WhatsNew.html.
- ↑ "Rob Joyce on Twitter". https://twitter.com/RGB_Lights/status/1103019876203978752. Retrieved 6 March 2019.
- ↑ "List of Processors Supported by Ghidra". https://github.com/NationalSecurityAgency/ghidra/tree/master/Ghidra/Processors. Retrieved 29 September 2023.
External links
- No URL found. Please specify a URL here or add one to Wikidata.
- on GitHub
 |  |
