The US National Security Agency (NSA) will release a free reverse engineering tool at the upcoming RSA Security Conference, to be held in early March in San Francisco.
The software is called GHIDRA and, from a technical point of view, it is a disassembler. The application converts executable files into assembly code that interested parties can then analyze.
The NSA developed GHIDRA in the early 2000s and in recent years has shared it with other US government agencies that need to look inside malware or suspicious software.
The existence of GHIDRA was never a state secret, but we learned about it in March 2017 when WikiLeaks published Vault7, a collection of stolen CIA files. The CIA was one of the organizations that had access to the tool.
GHIDRA is written in Java, has a GUI and runs on Windows, Mac and Linux.
It can parse binaries for all major operating systems such as Windows, Mac, Linux, Android and iOS, while its modular architecture allows users to add packages if additional features are needed.
According to the description of GHIDRA in the RSA conference session introduction, the tool “includes all the features expected in high-end commercial tools, with new and expanded functionality that the NSA developed”.
Users who have already tested GHIDRA report that it is slower than IDA, but its open nature allows for improvements, and the NSA will of course benefit from free maintenance of the application by the open source community.
In total, the NSA has "opened" 32 projects and has an official GitHub account as well.
GHIDRA will be presented at the RSA conference on March 5 and is expected to be released shortly on the organization's page as well as on its GitHub account.