The NSA has put the source code of Ghidra on GitHub


After the open source release of Ghidra, the NSA's software reverse engineering framework, was announced, its source code has now been released on GitHub.

Ghidra is a software reverse engineering framework developed by the NSA Research Directorate for the NSA cybersecurity mission. It facilitates the analysis of malicious code and malware, such as viruses, and enables cybersecurity professionals to better understand potential vulnerabilities in their networks and systems.

Ghidra comes to GitHub

With Ghidra now available on GitHub, the NSA says on its GitHub page that "To start developing extensions and scripts, we need to test the GhidraDev plugin for Eclipse", which is part of the distribution package.

Ghidra's GitHub page contains sources for the main framework, features, and extensions.

The agency's GitHub repository features 32+ open source projects, including Apache Accumulo, an ordered and distributed key/value store that provides robust and scalable data storage and retrieval.

It adds cell-based access control and a server-side scheduling mechanism to modify key/value pairs at different times in the data management process.

Another tool we can find there is Apache NiFi, the well-known tool for automating the flow of data between systems. It implements the concepts of flow scheduling and solves common data flow problems encountered by businesses.

In support of CEN's Cybersecurity mission, Ghidra has been designed to address the problems of size and association in the implementation of complex research and development efforts, as well as to provide a customizable and extensible search platform.

Security Affairs reported that the software was first mentioned in the Wikileaks Vault 7 posts.

This is a series of documents that WikiLeaks began publishing on March 7, 2017, and that details the activities of the CIA in the area of electronic surveillance and cyberwarfare.

About Ghidra

The NSA has applied the functions of Ghidra SRE to a variety of problems related to analyzing malicious code and generating in-depth information for ERM analysts seeking to better understand potential vulnerabilities in networks and systems.

Perhaps we could say that the government agency has become a friend of open source since 2017 after creating its GitHub account.

In fact, in June 2017, the government agency provided a list of tools that it had developed in-house and that are now accessible to the public as open source software (OSS) as part of its technology transfer program (TTP).

The NSA website says that:

The technology transfer program offers the tools developed by the NSA to industry, universities and other research organizations to benefit the economy and the Agency mission.

The program has a broad portfolio of proprietary technologies in various technology areas.

Among the key features of Ghidra we find, for example, a suite of software analysis tools to analyze compiled code on various platforms, including Windows, macOS, and Linux.

It is also a framework whose capabilities include disassembly, assembly, decompilation, graphing and scripting, along with hundreds of other features.

In addition, it supports a wide variety of processor instruction sets and executable formats and can be run in interactive and automated modes. Users can also develop their own Ghidra components and/or scripts using the exposed API.

Those interested in the code of this tool can visit the following link, where they can obtain the code (in this link) as well as the instructions for setting it up on their system.

