NSA announced the release of an internal tool for reverse engineering
The US National Security Agency plans to release for free use its internal tool for re-engineering. This event was announced by NSA senior adviser and speaker Robert Joyce.
Developed by NSA specialists, the reverse engineering environment codenamed GHIDRA will be presented to the public for the first time at RSAC 2019. This tool supports instruction sets of various processors, and its capabilities allow reverse engineers to use an integrated set of functions that work on various platforms, including Windows, Mac OS and linux. The GHIDRA platform includes all the features expected from high-performance commercial tools, with new and enhanced functionality, and will be released for free public use.User hash_define of the Reddit social network claims that the NSA has been sharing its tool with various US government agencies for years. For example, it has long been used by the CIA: a guide for new iOS developers has been published on wikileaks , in which there is an item on GHYDRA. The environment includes additional components. Hash_define reports that there is a module that provides the ability to apply machine learning. But he doubts that it will publish.
Twitter user evm_sec writesThat the tool is very similar to IDA, however, is much slower than it. And the main advantage is the architecture-independent decompiler C, which uses an intermediate representation of PCode code.
From Wikipedia:It is still not reported whether the NSA plans to submit source code, which would be a joy to the OpenSource community. For your information, the NSA has its own repository on Github and 32 projects have already been published there.
P-code (P-code) - the concept of a hardware-independent executable code in programming, often defined as “Assembler for a hypothetical processor”. Sometimes this term is used as a synonym for the term bytecode for various virtual machines (for example, Java virtual machine, CIL bytecode in .NET platform, etc.).