Security Experts:

Connect with us

Hi, what are you looking for?


Incident Response

NSA to Release Reverse Engineering Tool for Free Public Use

The United States National Security Agency (NSA) plans to make a reverse engineering tool that it has developed available for free public use in the coming months. 

The United States National Security Agency (NSA) plans to make a reverse engineering tool that it has developed available for free public use in the coming months. 

Dubbed GHIDRA, the tool will be demonstrated at RSA Conference 2019 that will take place in early March in San Francisco. The platform is said to include high-end capabilities and support for Windows, macOS, Linux, and other operating systems. 

GHIDRA provides users with the ability to disassemble executable files into code that they can then analyze. Such disassemblers are used, for example, in the analysis of malware and suspicious files. 

The platform has been previously mentioned on WikiLeaks, as part of the “Vault 7” leak, which provided information on a broad range of hacking tools used by the U.S. Central Intelligence Agency (CIA). Containing files dated between 2013 and 2016, the leak was made public in March 2017.

The WikiLeaks website reveals that the tool consists of a number of packages that need to be installed on the same folder to ensure support for different platforms. Support for plugins is also said to be included, to expand the available functionality. 

According to the RSA Conference website, the tool includes support for various processor architectures and provides users with all of the features one would expect to find in a high-end commercial tool, alongside new and expanded functionality “NSA uniquely developed.” 

Some people who claim to be familiar with the tool say that the NSA has been sharing GHIDRA with various governments for years and that the tool is largely similar to the IDA multi-processor disassembler and debugger. 

One Reddit user provides a detailed explanation of how the tool works and also says that, although the platform could prove a great option for many, it still lacks refinement, and that “many little things just go wrong occasionally.”

The GHIDRA reverse engineering platform is only one of the numerous tools developed within the agency that the NSA is making available to the public. The agency has already released numerous such applications as open source software. 

Related: Canada’s CSE Spy Agency Releases Malware Analysis Tool

Related: “Vault 7” Leak Shows CIA Learned From NSA Mistakes

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.