- The United States National Security Agency will release a new reverse engineering tool at the upcoming RSA security conference.
- The conference is scheduled at the start of March in San Francisco.
- The GHIDRA tool allows users to break down executable files into assembly code.
The NSA has been working on a reverse engineering tool that will allow users to analyze any executable file in assembly code. Dubbed ‘GHIDRA,’ the tool was first built during the early 2000s, and it has been used by US government agencies over the years for analyzing malware and suspicious software.
GHIDRA will be showcased by the NSA during the RSA security conference in March at San Francisco. The tool was first revealed to the public by a WikiLeaks report. The CIA was one of the first government organizations to use the tool. The reverse engineering software has been coded in Java, and it works on Windows, Linux, and Mac.
The NSA revealed that GHIDRA is capable of analyzing software from all major platforms including Windows, Mac, Linux, Android, and iOS then break them down to assembly code. While the release of the tool will not benefit the average user without coding skills, the open-source community will be able to keep the tool up to date and offer free maintenance.
The IDA is the reverse engineering tool of choice used by government agencies currently, but there is a possibility that NSA making GHIDRA open-source can allow the free software to surpass the government alternative. In its current state, GHIDRA is not as effective as IDA due to bugs and slower performance, but that may change in the future.
This is not the first time the NSA has made its tools available to the public. A number of tools including the Apache NiFi have been released to the public as part of the organization’s Technology Transfer Program (TTP). You can expect the GHIDRA code to be dumped on the NSA’s GitHub account on March 5 after the RSA conference.