Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

NSA to Release Reverse Engineering Tool for Free Public Use

The United States National Security Agency (NSA) plans to make a reverse engineering tool that it has developed available for free public use in the coming months. 

The United States National Security Agency (NSA) plans to make a reverse engineering tool that it has developed available for free public use in the coming months. 

Dubbed GHIDRA, the tool will be demonstrated at RSA Conference 2019 that will take place in early March in San Francisco. The platform is said to include high-end capabilities and support for Windows, macOS, Linux, and other operating systems. 

GHIDRA provides users with the ability to disassemble executable files into code that they can then analyze. Such disassemblers are used, for example, in the analysis of malware and suspicious files. 

The platform has been previously mentioned on WikiLeaks, as part of the “Vault 7” leak, which provided information on a broad range of hacking tools used by the U.S. Central Intelligence Agency (CIA). Containing files dated between 2013 and 2016, the leak was made public in March 2017.

The WikiLeaks website reveals that the tool consists of a number of packages that need to be installed on the same folder to ensure support for different platforms. Support for plugins is also said to be included, to expand the available functionality. 

According to the RSA Conference website, the tool includes support for various processor architectures and provides users with all of the features one would expect to find in a high-end commercial tool, alongside new and expanded functionality “NSA uniquely developed.” 

Some people who claim to be familiar with the tool say that the NSA has been sharing GHIDRA with various governments for years and that the tool is largely similar to the IDA multi-processor disassembler and debugger. 

One Reddit user provides a detailed explanation of how the tool works and also says that, although the platform could prove a great option for many, it still lacks refinement, and that “many little things just go wrong occasionally.”

Advertisement. Scroll to continue reading.

The GHIDRA reverse engineering platform is only one of the numerous tools developed within the agency that the NSA is making available to the public. The agency has already released numerous such applications as open source software. 

Related: Canada’s CSE Spy Agency Releases Malware Analysis Tool

Related: “Vault 7” Leak Shows CIA Learned From NSA Mistakes

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Malware & Threats

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...