The US National Security Agency will release its internally developed reverse engineering tool at the upcoming RSA security conference, which will be held at the start of March in San Francisco.
The framework is named GHIDRA, and it was first publicly revealed by the WikiLeaks CIA Vault7 leak. NSA adviser Robert Joyce confirmed in his RSA conference session description that the GHIDRA tool will be released for free.
According to these documents, GHIDRA is coded in Java, has a graphical user interface (GUI), works on Windows, Mac, and Linux, and supports a variety of processor instruction sets.
The GHIDRA toolkit can also be used to analyze binary files used by programs for all major operating systems, such as Windows, Mac, Linux, Android, and iOS, and its modular architecture allows users to add packages in case they need extra features.
Most users say that GHIDRA is slower and buggier than IDA, but by open-sourcing it, the NSA will benefit from free maintenance from the open source community, allowing GHIDRA to quickly catch up and maybe surpass IDA.
According to the GHIDRA conference session description, the tool “includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed.”
According to the Vault7 documents, GHIDRA was initially developed by the United States’ National Security Agency in the early 2000s. A developer with the Reddit username Hase_Define claims that it has been shared with other US government agencies that have cyber teams who need to look at the inner workings of malware strains or suspicious software.
Ghidra is a GOTS reverse engineering tool developed @NSA. Its purty cool.
The Ghidra packages are available on DEVLAN @ \\fs-01.devlan.net\share\NSA\Ghidra
The latest version of Ghidra is 7.0.2
Ghidra requires Java. The current version requires Java 1.7