Video: First Look at Ghidra (NSA Reverse Engineering Tool)

Today during RSA Conference, the National Security Agency release their much hyped Ghidra reverse engineering toolkit. Described as “A software reverse engineering (SRE) suite of tools”, Ghidra sounded like some kind of disassembler framework.Prior to release, my expectation was something more than Binary Ninja, but lacking debugger integration. I figured the toolkit would be ideal for those interested in reversing, but who lack the funding for an IDA licence.

Obviously, there are going to be many conspiracies surrounding the released. I’ve already seen many unsubstantiated claims Ghidra is an NSA backdoor. My thoughts are that this tool is simply an investment in the future generation. By providing the tools & knowledge required to further people’s interest, you improve overall talent. More talent will lead to higher quality job applicants, potentially reducing the NSA’s skill shortage down the line; GCHQ has been using similar techniques for a while now.

Download Link: https://ghidra-sre.org/ghidra_9.0_PUBLIC_20190228.zip

  • side-by-side disassembly and decompiler
  • disassembly window
  • functions grouped by address
  • Symbols Tree (imports are grouped by DLL)
  • parsing of PE header
  • Option for collaborative reverse engineering
  • Useful file information on open