The US National Security Agency (NSA) announces it has made its GHIDRA Software Reverse Engineering (SRE) framework available as open source. Key features of Ghidra are:
The framework can be downloaded from https://ghidra-sre.org/. The page has a button labeled "SHA-256" but it seems to require Javascript for it to be displayed. A simple "view source" (you don't think I'm gonna let the NSA have execution permission on my computer!) of the page revealed:
3b65d29024b9decdbb1148b12fe87bcb7f3a6a56ff38475f5dc9dd1cfc7fd6b2 ghidra_9.0_PUBLIC_20190228.zip
Alternatively, it also seems to be available on GitHub.
What I really want to know is how are you supposed to pronounce its name?
(Score: 5, Informative) by Anonymous Coward on Wednesday March 06 2019, @08:53AM (3 children)
Comparing the current equivalents that are not junk:
Ghidra (pronounced with a hard G, an evil-sounding breathy H, and an I drawn out like EEEE) is free, including the decompilers. It is sadly written in Java. It supports undo/redo and collaboration. There is a built-in assembler for modifying binaries. This is from the NSA. Many CPUs are supported; it looks like a couple dozen. This is the only Open Source interactive disassembler that isn't junk.
IDA Pro is about $1800 plain, or $15000 with all 5 decompilers. It's about half that if you skip 64-bit architectures. There is NO undo/redo and NO collaboration, but you can hack around it with manual snapshots and import/export. This is from a Belgian company run by a Russian. Numerous CPUs are supported; it looks like more than 50.
IDA freeware is free. It only does x86 and ARM, only does PE and ELF, and doesn't have decompilers. As above: There is NO undo/redo and NO collaboration, but you can hack around it with manual snapshots and import/export. This is from a Belgian company run by a Russian.
Binary Ninja is $149. It has most of a decompiler. You don't get compilable C source code; instead you get a sort of pseudocode that is helpful for understanding things. (full decompiler to C is coming soon) This is from a US company. You get undo/redo. You can get collaboration if you pay extra for the enterprise version. There is a built-in C compiler that can produce code that meets various strange constraints, including obfuscation. The UI is eye-pleasing. Roughly a half dozen CPUs are supported, and another half dozen are available as community contributions.
Hopper Disassembler is $99. You get undo/redo. The UI is somewhat eye-pleasing. I think it supports ARM, x86, and PowerPC.
BTW, I'm serious about that pronunciation. I met the project manager in a location that shall not be disclosed. Do it right: hard G, evil breathy H, drawn-out I sounding like EEE
(Score: 2) by pkrasimirov on Wednesday March 06 2019, @10:08AM (1 child)
The project manager does not necessarily decide how it is pronounced. Example: gif.
(Score: 0) by Anonymous Coward on Wednesday March 06 2019, @10:43AM
I am only going to pronounce it as an Italian would do and.... oh it's exactly the same.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @01:18AM
All of them have various levels of goodness about them. For the 'old' platforms most of them fail at it fairly hard. I am hoping this one has some win3.x and 95 vxd love. There are a few bits and bobs that I would love to port to something modern. Finding a de-compiler for the NE format is fairly miss and not hit...