The United States National Security Agency (NSA) has released all the source code of one of its most powerful tools. It is called Ghidra, a reverse engineering framework for software.
Ghidra was developed by the NSA’s research directorate for its cybersecurity missions. It is used to analyze malicious code such as viruses and other types of malware, in order to help experts better understand the potential vulnerabilities in their networks and systems.
Contrary to what you might think of a tool coming from the NSA, Ghidra is not made to hack things or to spy, but it is still quite interesting and powerful.
Its features include disassembly, assembly, decompilation and scripting. Ghidra is used to take software that has already been compiled and “decompile” it. That is, it can translate the compiled code that a program gives to the computer into a form that a human can understand.
Being a reverse engineering tool, it basically lets you take a piece of software apart into its components to better understand how it works and how it was created.
This is extremely useful in the field of cybersecurity because it allows researchers to reverse engineer malware to understand how it works, who wrote it, and where it comes from. It is also used to identify vulnerabilities in the systems themselves.
The 1.2 million lines of Ghidra code were released, and you can also download the tool with a graphical interface for Windows, Linux and macOS.
Interestingly, Rob Joyce, one of the NSA’s cybersecurity advisors, promises that “it does not include backdoors” …
… although it seems to leave port 18001 open and listening.