 | |
 Disassembly of a file in Ghidra | |
| Original author(s) | NSA |
|---|---|
| Initial release | March 5, 2019 |
| Stable release | 11.0[1]
/ December 22, 2023 |
| Repository | github |
| Written in | Java, C++ |
| License | Apache License 2.0 / Public domain[2] |
| Website | ghidra-sre |
Ghidra (pronounced gee-druh;[3] /ˈɡiːdrə/[4]) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub.[5] Ghidra is seen by many security researchers as a competitor to IDA Pro.[6] The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++, and is therefore usable in a stand-alone form.[7]
Scripts to perform automated analysis with Ghidra can be written in Java or Python (via Jython),[8][9] though this feature is extensible and support for other programming languages is available via community plugins.[10] Plugins adding new features to Ghidra itself can be developed using a Java-based extension framework.[11]
History
Ghidra's existence was originally revealed to the public via Vault 7 in March 2017, but the software itself remained unavailable until its declassification and official release two years later.[5]
In June 2019, Coreboot began to use Ghidra for its reverse engineering efforts on firmware-specific problems following the open source release of the Ghidra software suite.[12]
Ghidra can be used, officially,[13][14] as a debugger since Ghidra 10.0. Ghidra's debugger supports debugging user-mode Windows programs via WinDbg, and Linux programs via GDB.[15]
Supported architectures
The following architectures or binary formats are supported:[16] [17]
See also
References
- ↑ "Releases · NationalSecurityAgency/ghidra". GitHub. Archived from the original on 2023-07-30. Retrieved 2023-12-22.
- ↑ "ghidra/NOTICE". GitHub.com. Archived from the original on 27 October 2022. Retrieved 13 April 2019.
- ↑ "Frequently asked questions". GitHub.com. Archived from the original on 5 March 2019. Retrieved 7 March 2019.
- ↑ "Come Get Your Free NSA Reverse Engineering Tool!". YouTube.com. Archived from the original on 2021-12-15. Retrieved 17 May 2019.
- 1 2 Newman, Lily Hay. "The NSA Makes Ghidra, a Powerful Cybersecurity Tool, Open Source". Wired. Archived from the original on 6 March 2019. Retrieved 6 March 2019.
- ↑ Cimpanu, Catalin. "NSA releases Ghidra, a free software reverse engineering toolkit". ZDNet. Archived from the original on 2019-03-06. Retrieved 2019-03-07.
- ↑ e. g. as Plugin Archived 2022-10-14 at the Wayback Machine for Radare2 oder Rizin.
- ↑ "Ghidra Scripting Class". GitHub. Archived from the original on 2023-02-20. Retrieved 2023-02-19.
- ↑ "Three Heads are Better Than One: Mastering NSA's Ghidra Reverse Engineering Tool" (PDF). GitHub. Archived (PDF) from the original on 2020-03-01. Retrieved 2019-09-30.
- ↑ "Ghidraal". GitHub. Archived from the original on 2023-02-20. Retrieved 2023-02-19.
- ↑ "Ghidra Advanced Development Class". GitHub. Archived from the original on 2023-02-20. Retrieved 2023-02-19.
- ↑ "Coreboot Project Is Leveraging NSA Software To Help With Firmware Reverse Engineering". Archived from the original on 2009-09-21. Retrieved 2019-06-05.
- ↑ "Compiled/built Ghidra 9.3 for Windows with Debugger feature by Galician R&D Center in Advanced Telecommunications employees". Archived from the original on 2022-11-25. Retrieved 2022-11-25.
- ↑ "Analizando el depurador de Ghidra". 11 March 2021. Archived from the original on 14 December 2022. Retrieved 14 December 2022.
- ↑ "What's new in Ghidra 10.0". Archived from the original on 2023-06-19. Retrieved 2021-06-24.
- ↑ "Rob Joyce on Twitter". Twitter.com. Archived from the original on 7 March 2019. Retrieved 6 March 2019.
- ↑ "List of Processors Supported by Ghidra". Github.com. Archived from the original on 12 October 2023. Retrieved 29 September 2023.
External links
