From time to time, when they get bored of spying, the intelligence agencies of the United States allow us to take a look at some of their toys: pieces of software like Ghidra, which may interest experts in reverse engineering and computer security.
Written in the Java programming language, it is distributed (not yet completely) under the free Apache 2.0 license. It is also offered free of charge, which makes it an interesting alternative to IDA Pro, a closed program and not exactly a cheap one.
Developed in secret for many years, it was shown to the public for the first time at the RSA conference being held in San Francisco.
Ghidra can analyze binary files (malware, for example), reversing the compilation process into pseudo-C code so that analysts can understand their functionality.
It is cross-platform (Linux, macOS, Windows) and compatible with software aimed at all types of processors and multiple architectures (about a dozen). Its functions are also extensible through plugins, in both Python and Java, which users can create themselves.
Collaborative work, an assembler/disassembler, interactive or automatic mode, graphs and flowcharts, advanced keyboard shortcuts and the ability to undo changes are other features. There are more than a hundred different functions and a lot to explore in this tool.
As always, a minimum of caution is advisable when executing code from the NSA. Although they swear up and down that it does not include any back door, The Register has already reported a bug which, in debugger mode, allows Ghidra to connect with other systems on the same network and execute code.
And speaking of running it, you need to have the Java Runtime installed. To take a look at this tool on Linux, we just have to download the compressed file with the source code for free from the official website. Unzip it, open a terminal inside the resulting folder and type:
./ghidraRun