NSA to Release a Free Reverse Engineering Tool in March


GHIDRA is built in Java and features a graphical user interface and runs on Linux, Mac and Windows operating systems.

 The U.S. National Security Agency is planning to open-source an internally developed software reverse engineering framework for popular operating systems.

The agency plans to unveil the software, called GHIDRA, at the RSA Conference that will be held in San Francisco on March 5.

“NSA has developed a software reverse engineering framework known as GHIDRA, which will be demonstrated for the first time at RSAC 2019,” states the RSAConference session description.

It added that the tool “includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed.”

GHIDRA dissects binaries for Android, iOS, macOS and Windows, turning them into assembly code that can help analyze malware. Developers can use this tool to analyze malware and other suspect software. It is built in Java and features a graphical user interface and runs on Linux, Mac and Windows operating systems.

The existence of the tool came into light in March 2017 when WikiLeaks published allegedly stolen files that revealed the agency was using the tool, SiliconANGLE reported.

Those documents show that GHIDRA was first built by the NSA in the early 2000s, and that it has been shared with several other government agencies.

The reason behind releasing GHIDRA as free tool

Commenting on NSA’s decision to open-source GHIDRA , analyst Holger Mueller of Constellation Research Inc. told SiliconANGLE that the agency may be hoping that the open-source community can help iron out some of GHIDRA’s bugs and make it a much more reliable competitor.

“The NSA wants to leverage the key benefits of open source, which is more eyes and hands on a set of code,” Mueller said.

This is not the first time the NSA is open-sourcing its internally developed software. The agency has till now open-sourced 32 projects as part of its Technology Transfer Program (TTP). It has even opened an official GitHub account.

After demonstrating at the RSA conference on March 5, GHIDRA is expected to be released on the agency’s Code page and GitHub account.



Please enter your comment!
Please enter your name here