
Ghidra Software Reverse Engineering Framework
Ghidra: A Comprehensive Software Reverse Engineering Framework
Ghidra is a software reverse engineering (SRE) framework that is developed and maintained by the National Security Agency Research Directorate.
This framework includes a comprehensive suite of full-featured, high-end software analysis tools that allow users to analyze compiled code across various platforms, including Windows, macOS, and Linux. Its capabilities encompass disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a broad range of processor instruction sets and executable formats, and it can be operated in both user-interactive and automated modes. Users also have the option to create their own Ghidra extension components or scripts using Java or Python.
In alignment with NSA's Cybersecurity mission, Ghidra was designed to address scaling and collaboration challenges in complex Software Reverse Engineering (SRE) efforts, while providing a customizable and extensible SRE research platform. The NSA has utilized Ghidra's SRE capabilities to tackle a variety of issues related to analyzing malicious code and generating in-depth insights for SRE analysts who aim to gain a better understanding of potential vulnerabilities within networks and systems.