Skip to main content

GHIDRA




Well, well, isn't this one for the books: the NSA have released GHIDRA, their reverse engineering tool. Yes, you read that correctly, the NSA have released something. Not The Shadow Brokers or any other APT, it hasn't been leaked or nabbed and let into the wild, this is a deliberate sharing of technology by the Puzzle Palace. Not what you'd expect, is it?

Announced at this years RSA conference (already controversial this year as Adi Shamir, the 'S' in RSA, was unable to obtain a visa to attend), this reverse engineering tool seems primed to shake things up a bit, as many RE tools cost a fair bit of money. It also seems to be free of backdoors, and although one bug has been found, it can be remedied was reasonable ease.

I've not really done much RE myself, but with a powerful, military-grade tool such as this, it might be a whole lot easier to get into. I'll let you know more when I've had a chance to play around with it.

If you are interested, GHIDRA (gee-dra) can be found here: https://ghidra-sre.org/ and at the NSA GitHub.
Labels:

Comments

Post a Comment

Popular posts from this blog

The Alphabet Soup: A Quick Guide to Post-Nominals

This week, I’ll walk you through the ever-growing list of post-nominal letters you can add to your name through qualifications and certifications. Being a student myself, I’ll start with exploring the academic route, then go through the more popular, and best recognised, vendor and standards organisations’ certifications, highlighting their worth for your CV and career development. It’s not a comprehensive list, by any stretch of the imagination, and is geared towards a more general CyberSec professional, rather than focusing on any one aspect of the industry. I’ll try and shy away from too much debate by running away very quickly to avoid the one about CEH vs. OSCP, and leave it to you instead. *Disclaimer* I am a university student, and haven’t actually done any of the following certifications, at least not to completion. I have explored each in a reasonable amount of depth to see their benefits and worth and consulted with holders of a few to gain their insider opinions. I a...
Post a Comment
Read more

The Ancient and Venerable Art of Google-fu

Other titles considered for this post: How Not To Piss Off Entire Forums and Facebook Groups; Avoiding the Banhammer; Stop Being Lazy and Look it Up Yourselves. Before you can embark on a career in, well, anything even vaguely IT related (or do practically anything), you must master one crucial skill: information searching. In the days of yore, and even rumoured to still exist despite budget cuts, there were in of cult of specialists in this area, who guarded their domains jealously: the librarians. These knowledge-fanatics could divine what you were looking for from the ridiculously poor and mumbled explanation you gave them, then translated that into a secretive code which led you to a shelf in a library, and then to the book you were after. Just like magic. These days, while librarians are still a vitally important part of cataloguing knowledge, we also have another, less mystical, tool at our fingertips: the Search Engine. Unfortunately, very few people have bothered to le...
Post a Comment
Read more

Jumping the Pond: Making the sideways move into CyberSec pt. 2

Following on from my last article, here’s some more information on changing industries for managers. Hopefully I didn’t put too many of you off switching careers in my previous article, where I explored what managerial life would look like in the InfoSec world. As a continuation, this post looks at which certifications are best to get you the necessary managerial competence in the field to start your new career. Some of these do include a certain amount of technical training in the course material, others just look at concepts instead. Should you choose one of those, I would recommend at least doing some research into the technical side of things. While exploring free, online learning resources might not cut it completely, they are better then nothing and will help give you a grounding for when you choose to complete a recognised technical qualification. Certifications This will be by no means a comprehensive list of certs, but it will be enough to get you started and point...
Post a Comment
Read more