Ghidra Software Reverse Engineering Framework
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide variety of processor instruction sets and executable formats and can be run in both user-interactive and automated modes. Users may also develop their own Ghidra extension components and/or scripts using Java or Python. In support of NSA's Cybersecurity mission, Ghidra was built to solve scaling and teaming problems on complex SRE efforts, and to provide a customizable and extensible SRE research platform. NSA has applied Ghidra SRE capabilities to a variety of problems that involve analyzing malicious code and generating deep insights for SRE analysts who seek a better understanding of potential vulnerabilities in networks and systems.
FEATURES
SIMILAR TOOLS
OCyara performs OCR on image files and scans them for matches to Yara rules, supporting Debian-based Linux distros.
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
A detailed analysis of malicious packages and how they work
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
Andromeda makes reverse engineering of Android applications faster and easier.
Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.