GHIDRA: The Double-Edged Tool
Just in time for the new Godzilla film, the NSA released its formerly classified reverse-engineering tool called GHIDRA. The source code for GHIDRA version 9.0.2 is now available on GitHub. The NSA uses GHIDRA to look for vulnerabilities in software when the source code for that software is not available. GHIDRA will be a boon to budding and talented security researchers and software engineers, but it could also become a tool for those on the dark side.
Because it is written in Java, this GUI-based reverse-engineering tool can run on various platforms, including Windows, macOS and Linux, as well as on a variety of hardware. Anyone well-versed in assembly can use GHIDRA to analyze the generated source code of various apps regardless of hardware platform.
“GHIDRA processor modules: X86 16/32/64, ARM/AARCH64, PowerPC 32/64, VLE, MIPS 16/32/64, micro, 68xxx, Java / DEX bytecode, PA-RISC, PIC 12/16/17/18/24, Sparc 32/64, CR16C, Z80, 6502, 8051, MSP430, AVR8, AVR32, other variants as well,”
–Robert Joyce, Senior NSA Adviser via Twitter
Some may not trust GHIDRA due to its dubious origin, despite it being available for free, fearing the tool could have a backdoor that could give the NSA an instant list of aspiring or professional hackers to keep tabs on. But NSA Senior Adviser Robert Joyce assures that it has no backdoor. Besides, the source code is free for anyone to peruse. It's either GHIDRA or expensive reverse-engineering tools like IDA Pro.
The good guys in the information security community, however, welcome the software with open arms, as any aspiring security specialist now has a free tool to work with to tear various malware apart and see what makes it tick. The bad guys, on the other hand, could do the same thing to commercial software to crack its security open. That may be unfortunate, but the tool's true intention still outweighs the negative possibilities. Rather be on the side of good, right?
GHIDRA is available for download on GitHub through the following links.