NSA makes reverse-engineering tool GHIDRA open source

The U.S. National Security Agency (NSA) plans to create a framework for the reverse engineering of popular operating systems in the spring open source. It’s the GHIDRA framework, reports Silicon Angle.

The framework works by breaking down software into assembly code so that people can analyze it. The idea is that developers and others can use the tool to analyze malware and other suspicious software. GHIDRA is made in Java, contains a graphical user interface and runs on Linux, Mac and Windows.

Although the tool has never been a real secret, the NSA has always been secretive about its existence. In March 2017, WikiLeaks published files that had allegedly been stolen, showing that the intelligence service was using the tool. That’s when the NSA came out with it, too. The documents show that GHIDRA was built at the beginning of 2000 by the NSA and shared with various other government services.

The tool also makes it possible to analyse the binaries of all major operating systems, including mobile platforms such as Android and iOS. Thanks to its modular architecture, the tool can be used to add new features to these platforms via new packages.

Open Source

Last Friday it was announced on the 2019 RSA Security Conference sessions page that GHIDRA was being made open source. The software will be introduced in a presentation by NSA consultant Robert Joyce on March 5. The NSA may hope that the open source community can help resolve some of the errors in GHIDRA and make it a reliable solution.

The NSA has a long history of making open source software developed in-house. The intelligence service even has a GitHub page with about 32 projects. These include Apache NiFi, software used to automate the transmission of large amounts of data between web applications.