Top Qs
Timeline
Chat
Perspective
Ghidra
Free reverse engineering tool developed by the National Security Agency From Wikipedia, the free encyclopedia
Remove ads
Ghidra (pronounced GEE-druh;[3] /ˈɡiːdrə/[4]) is a free and open source reverse engineering tool developed by the National Security Agency (NSA) of the United States. The binaries were released at RSA Conference in March 2019; the sources were published one month later on GitHub.[5] Ghidra is seen by many security researchers as a competitor to IDA Pro.[6] The software is written in Java using the Swing framework for the GUI. The decompiler component is written in C++, and is therefore usable in a stand-alone form.[7]
Remove ads
Scripts to perform automated analysis with Ghidra can be written in Java or Python (via Jython),[8][9] though this feature is extensible and support for other programming languages is available via community plugins.[10] Plugins adding new features to Ghidra itself can be developed using a Java-based extension framework.[11]
Remove ads
History
Ghidra's existence was originally revealed to the public via Vault 7 in March 2017,[12] but the software itself remained unavailable until its declassification and official release two years later.[5] Some comments in its source code indicate that it existed as early as 1999.[13]
In June 2019, coreboot began to use Ghidra for its reverse engineering efforts on firmware-specific problems following the open source release of the Ghidra software suite.[16]
Ghidra can be used, officially,[17][18] as a debugger since Ghidra 10.0. Ghidra's debugger supports debugging user-mode Windows programs via WinDbg, and Linux programs via GDB.[19]
Remove ads
Supported architectures
The following architectures or binary formats are supported:[20] [21]
See also
References
External links
Wikiwand - on
Seamless Wikipedia browsing. On steroids.
Remove ads