The National Security Agency (NSA) Cybersecurity Collaboration Center released the fourth video in its Cybersecurity Speaker Series today, focusing on Ghidra, NSA’s open source reverse engineering tool. The Speaker Series highlights subject matter experts at NSA sharing insights, lessons, and contributions of their work in cybersecurity.
“Ghidra — Beyond the Code,” is a discussion between NSA senior researcher Brian Knighton, a member of Ghidra’ s development team, and Cybersecurity Technical Fellow Dr. Josiah Dykstra about the decision to publicly release Ghidra in March 2019.
Knighton, who was a part of the team that brought Ghidra to the open-source community, cited several reasons that drove the decision to release Ghidra publicly.
“We put [Ghidra] out for several reasons. One, was cybersecurity is a vital skill that folks need to have. It’s important to NSA and important to our nation to ensure that folks are trained up on cybersecurity and can help analyze all of the different systems that are running software… and we also sort of wanted to level the playing field,” said Knighton. “Here’s an open source tool that anyone in high school or college can download and have access to this cutting edge cybersecurity tool.”
With the release of Ghidra, NSA set out to build a community of dedicated and educated users. By making the software free, students can develop the technical proficiency to work on advanced cybersecurity problems.
Ghidra was publicly released at the 2019 RSA conference. Three years later, work on the software continues to evolve for the Ghidra team — Knighton discusses how the unique architecture of this software allows for updates to the program.
“Because you can take Ghidra and extend it to support new devices as they come out, it is certainly an important place to build on research to help secure new devices as they emerge,” said Knighton.
Ghidra was developed and is still used as a framework for building and researching future technologies. Recently, the Ghidra team partnered with Morgan State University and used Ghidra to identify and mitigate the risks of connecting modern vehicles to Bluetooth, Wi-Fi, and cellular technology.
“From its onset, we built Ghidra, which has been in development now for 20 years, as a platform to do research on. It was built as a platform to grow as the cybersecurity space changed.” said Knighton. As technology has become more connected, Ghidra has grown to address new cybersecurity risks as new devices are created.
Download the latest version of Ghidra at ghidra-sre.org.