Ghidra, the NSA's homegrown decompiler tool, is now open source
While the National Security Agency (NSA) sometimes makes headlines for negative reasons, like spying on the citizens of its own country, other times the agency helps out the cybersecurity community as a whole. Case in point: the NSA announced at the RSA security conference on Tuesday that it would make its Ghidra reverse-engineering tool open source.
Ghidra was developed in-house at the NSA as a decompiler tool. As a quick summary, a decompiler allows users to reverse engineer computer programs to see the exact code the machine is seeing and executing in a human-readable format. Decompilers are extremely useful in the cybersecurity world, as they allow analysts to tear malware apart and figure out exactly how attacks are executed.
As Wired points out, there are several other decompilers that are widely available, but Ghidra has been in development for years with the full backing of a massive government agency. Open-sourcing Ghidra also allows the software to be distributed free of charge; other decompilers can be prohibitively expensive for students and new analysts learning the basics of cybersecurity and reverse engineering.
Ghidra is designed to work across platforms (Windows, MacOS, and Linux) and emphasizes collaboration on a project. The software also contains some niceties like an undo function.
Despite the NSA’s track record of cyberespionage, the agency reassured skeptics that Ghidra had “no backdoor” or any other method the NSA could use to track Ghidra users. If there really is one, it’ll no doubt be uncovered by intrepid hackers anyway.
If you’re interested, you can download Ghidra here.