Last week, the RSAC2019 security conference was held in the United States, attracting many world-renowned security vendors, and even the National Security Agency (NSA) came to help. At this security conference, the NSA opened up the reverse engineering toolkit Ghidra and the HIRS (Host Integrity at Runtime Startup) software to prevent supply chain attacks.
It is reported that Ghidra is a product developed by NSA for solving various difficult tasks for many years. It is a software reverse engineering platform that supports customization and expansion. It includes various software analysis tools which can analyze program code that are compiled on different platforms. That helps people figure out how malicious software works, who wrote it and where it came from.
According to the RSA Conference session description, “the GHIDRA platform includes all the features expected in high-end commercial tools, with new and expanded functionality NSA uniquely developed.”
The agency said, “It will make the software reverse engineering process more efficient. It will help to level the playing field for cybersecurity professionals, especially those that are just starting out,”
One of the most important functions in Ghidra is the processor modeling language called “Sleigh”, which specifies how machine language instructions are disassembled and transformed into P-code. Other functions include undo/redo, multi-user Collaboration and scripting scripts, etc.
The agency added, “Releasing Ghidra also benefits NSA because we will be able to hire folks who know the tool. When they’re coming through our doors, they’ll be able to be impactful faster.”
“The more software security people we have the more security reviews can be performed, the better risk is understood, and the faster software can be fixed.”
NSA has a strong cyberattack arsenal. This Ghidra is great for newcomers who are new to the network security industry. It is also expected to be used to strengthen school or enterprise network security education.
Published by Emerson L. Sullivan & last updated on March 11, 2019 3:03 am