Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, Mac OS, and Linux.
Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of process instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra plug-in components and/or scripts using Java or Python.
Top Features of Ghidra:
- includes a suite of software analysis tools for analyzing compiled code on a variety of platforms including Windows, Mac OS, and Linux
- capabilities include disassembly, assembly, decompilation, graphing and scripting, and hundreds of other features
- supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.
- users may develop their own Ghidra plug-in components and/or scripts using the exposed API
NSA make Ghidra available to the public as an open source release in time for its first public demonstration at the 2019 RSA Conference this March. For more NSA releases, check out CODE.NSA.GOV for open source, and NSA’s Technology Transfer Program for other technology.
