The United States National Security Agency (NSA) plans to make a reverse engineering tool that it has developed available for free public use in the coming months.
Dubbed GHIDRA, the tool will be demonstrated at RSA Conference 2019 that will take place in early March in San Francisco. The platform is said to include high-end capabilities and support for Windows, macOS, Linux, and other operating systems.
GHIDRA provides users with the ability to disassemble executable files into code that they can then analyze. Such disassemblers are used, for example, in the analysis of malware and suspicious files.
The platform has been previously mentioned on WikiLeaks, as part of the “Vault 7” leak, which provided information on a broad range of hacking tools used by the U.S. Central Intelligence Agency (CIA). Containing files dated between 2013 and 2016, the leak was made public in March 2017.
The WikiLeaks website reveals that the tool consists of a number of packages that need to be installed on the same folder to ensure support for different platforms. Support for plugins is also said to be included, to expand the available functionality.
According to the RSA Conference website, the tool includes support for various processor architectures and provides users with all of the features one would expect to find in a high-end commercial tool, alongside new and expanded functionality “NSA uniquely developed.”
Some people who claim to be familiar with the tool say that the NSA has been sharing GHIDRA with various governments for years and that the tool is largely similar to the IDA multi-processor disassembler and debugger.
One Reddit user provides a detailed explanation of how the tool works and also says that, although the platform could prove a great option for many, it still lacks refinement, and that “many little things just go wrong occasionally.”
The GHIDRA reverse engineering platform is only one of the numerous tools developed within the agency that the NSA is making available to the public. The agency has already released numerous such applications as open source software.
Related: Canada’s CSE Spy Agency Releases Malware Analysis Tool