The NSA Just Released Their Reverse-Engineering Platform to the World
(And they pinky swear there aren’t any backdoors.)
Photo credit Flickr/Christoph Scholz
The National Security Agency’s newest contribution to the open source community is here. Unveiled at this year’s RSA security conference in San Francisco, Ghidra is the platform the agency has been developing internally for years to help them reverse engineer questionable pieces of code.
As this piece from Wired explains, “Reverse engineering is a crucial process for malware analysts and threat intelligence researchers, because it allows them to work backward from software they discover in the wild – like malware being used to carry out attacks – to understand how it works, what its capabilities are, and who wrote it or where it came from.”
Reverse engineering also allows devs to check their own code for vulnerabilities, and it’s with this in mind that the NSA has chosen to go public with the tool. While there are already other reverse-engineering platforms out there, like IDA, they are by no means cheap – basic IDA Pro will run you about 2,000 bucks – making them inaccessible for many. But not anymore.
Although IDA has been the gold standard among folks working in cybersecurity for some time, Ghidra now gives it a run for its money. According to Darren Martyn, an independent security researcher, “The decompiler is f@#$ing amazing.” Marcus Hutchins, author of the Malware Tech blog, calls it “a total game changer for those looking to break into the industry.” He also explained on Twitter that “the same capabilities with IDA Pro would cost you [around] $13,000 (and it supports less architectures).”
Indeed, Ghidra runs on Windows, macOS, and Linux and is designed with customizability in mind. It also allows multiple devs to collaborate on the same reversing project, and even boasts an undo mechanism that makes it much easier to try out theories.
When asked about any potential harm that could come from making the platform open source, former NSA hacker Dave Aitel said, “Malware authors already know how to make it annoying to reverse their code. There’s really no downside.”
To download your copy, head on over to the NSA GitHub page.