NSA’s Reverse Engineering Tool Released


The National Security Agency (NSA) has published the complete source code on GitHub.

The National Security Agency (NSA) has released the source code of its software reverse engineering tool, GHIDRA, on GitHub.

GHIDRA is NSA’s classified, Java-based reverse engineering framework, which the agency uses to disassemble binaries of software to understand its functionality. It’s a critical tool to reverse engineer malicious software such as malware. GHIDRA also features a GUI and can run on Linux, macOS, and Windows.

“With this release, developers will be able to collaborate by creating patches, and extending the tool to fit their cybersecurity needs,” said the blog post.

According to NSA, the source code repository includes instructions to build on all supported platforms. GHIDRA source code includes a suite of software analysis tools. Some of its core capabilities include disassembly, assembly, decompilation, graphing, and scripting. It supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes.

Security analysts can use the source code to develop their own GHIDRA plug-in components and/or scripts using the exposed APIs.

The source code is available for download at ghidra-sre.org along with the 9.0.2 patch.


Related content

comments powered by Disqus