
Ghidra Capabilities – Get Your Free NSA Reverse Engineering Tool [pdf] - Errorcod3
https://www.rsaconference.com/writable/presentations/file_upload/png-t09-come-get-your-free-nsa-reverse-engineering-tool_.pdf
======
cyphar
Previous discussion:
[https://news.ycombinator.com/item?id=19315273](https://news.ycombinator.com/item?id=19315273)

------
the_librarian
Has anyone created a discord or IRC for this yet? I'm keen on learning a tool
like this, and would love to be able to discuss it with others. If anyone
wants, I will, but if that's a bad idea then let me know and I won't. Just
looking to learn from others more experienced than myself!

~~~
maxrmk
I would join in if something like this existed. I'm still a beginner though,
so I wouldn't be able to provide a lot of guidance on how to use anything.

~~~
the_librarian
Do you think I should put one up?

~~~
lfms_dotfile
Perhaps a freenode channel? ##ghidra seems to be available.

~~~
the_librarian
I set up the discord!

[https://discord.gg/RcSBc6](https://discord.gg/RcSBc6)

------
Jerry2
A slight offtopic question but related to this release: if you were the CEO of
Hex-Rays/Hopper/Binary Ninja etc, what would you do about the release of
Ghidra? It will clearly impact your business and it even might be better than
your current product.

So how do you respond to Ghidra? Is there a way to leverage it?

------
megous
Looks like that thanks to Sleigh, adding support for decompiling additional
IAs will be rather easy. I can barely believe how straightforward it looks,
just looking at the code in the Processors directory. Some IAs there don't
even need the Java code, to be supported.

------
nneonneo
I love how it integrates a built-in _binary diff tool_. Version Control
basically lets you watch a binary as it evolves over time. This can be used to
check if bugs have been patched, to inspect new code for bugs (which are often
less well-tested than existing code), and to try to work out what recent
patches have fixed (so you can target older versions with new exploits). IDA
doesn't ship with such a feature, and plugins which do implement it are kinda
clunky, so I'm excited to see what the version control feature will bring.

I am also curious as to what was _left out_ of the public release. It's clear
that not everything was included (even though there's a lot here).

------
julianh95
Reviews of it seem alright. Still have yet to see the source code added to the
repo :)

~~~
tptacek
Isn't the source code zipped up alongside the binaries?

~~~
mcpherrinm
For Java, not for native code. Fortunately we have Ghidra to look at itself?

~~~
beefhash
> Fortunately we have Ghidra to look at itself?

The all-time classic “Reflections on Trusting Trust”[1] seems relevant again
here.

[1]
[https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p7...](https://www.archive.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf)

~~~
saagarjha
You're welcome to use Hopper/IDA Pro/Radare/Binary Ninja…

