GHIDRA, NSA’s reverse engineering tool, is getting ready for a free public release this March at the RSA Conference 2019, to be held in San Francisco.
The National Security Agency (NSA) did not officially announce this. However, the description of senior NSA advisor Robert Joyce’s session on the official RSA Conference website revealed it before any official statement or announcement.
Here is what the session description says:
NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019. An interactive GUI capability enables reverse engineers to leverage an integrated set of features that run on a variety of platforms including Windows, Mac OS, and Linux and supports a variety of processor instruction sets. The GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed, and will be released for free public use at RSA.
What is GHIDRA?
GHIDRA is a software reverse engineering framework developed by NSA that has been in use by the agency for more than a decade.
Basically, a software reverse engineering tool helps you work back from a proprietary program's compiled binary toward its source code, which in turn gives you the ability to detect virus threats or potential bugs. You should read how reverse engineering works to know more.
The tool is written in Java, and quite a few people have compared it to high-end commercial reverse engineering tools such as IDA.
A Reddit thread has a more detailed discussion, where you will find some ex-employees giving a good amount of detail ahead of the tool's availability.
GHIDRA was a secret tool, how do we know about it?
Is it going to be open source?
We do think that the reverse engineering tool to be released could be made open source. Although there is no official confirmation mentioning “open source”, a lot of people believe that NSA is targeting the open source community to help improve the tool while also reducing its own effort to maintain it.
This way the tool can remain free and the open source community can help improve GHIDRA as well.
You can also check out the existing Vault 7 document at WikiLeaks to come up with your prediction.
Is NSA doing a good job here?
The reverse engineering tool is going to be available for Windows, Linux, and Mac OS for free.
Of course, we care about the Linux platform here, where GHIDRA could be a very good option for people who do not want to or cannot afford a thousand-dollar license for a reverse engineering tool with best-in-class features.
If GHIDRA becomes open source and is available for free, it would definitely help a lot of researchers and students. On the other side, competitors would be forced to adjust their pricing.
What are your thoughts about it? Is it a good thing? What do you think about the tool going open source? Let us know what you think in the comments below.