Table of contents
Ghidra
Software Reverse Engineering (SRE) Framework.
As Ghidra is an open source project, you can find more
open source alternatives and stats
on LibHunt.
Free and Open Source
Ghidra is free to use and its source code is publicly available, allowing users to modify and enhance the tool to suit their needs.
Multi-platform Support
Ghidra is available for Windows, macOS, and Linux, making it accessible to a wide range of users regardless of their operating system.
Powerful Disassembly
It comes with a powerful disassembly engine that supports multiple architectures, enabling in-depth analysis of binary code.
User-Friendly Interface
The tool features a graphical user interface (GUI) that simplifies navigation and enhances user experience, especially for those who may not be comfortable with command-line tools.
Collaboration Features
Ghidra allows multiple users to collaborate on the same project in real-time, facilitating team efforts in reverse engineering tasks.
Scripting Support
It supports scripting in both Python and Java, allowing users to automate repetitive tasks and extend the functionality of the tool.
Extensive Documentation
Ghidra has comprehensive documentation and an active community, providing users with resources and support to get started and troubleshoot issues.
Promote Ghidra. You can add any of these badges on your website.
Ghidra is widely considered to be a good tool for reverse engineering due to its robust feature set, open-source nature, and active community support. It competes well with other industry-leading tools, offering many similar capabilities without the associated costs.
We have collected here some useful links to help you find out if Ghidra is good.
Check the traffic stats of Ghidra on SimilarWeb. The key metrics to look for are: monthly visits, average visit duration, pages per visit, and traffic by country. Moreoever, check the traffic sources. For example "Direct" traffic is a good sign.
Check the "Domain Rating" of Ghidra on Ahrefs. The domain rating is a measure of the strength of a website's backlink profile on a scale from 0 to 100. It shows the strength of Ghidra's backlink profile compared to the other websites. In most cases a domain rating of 60+ is considered good and 70+ is considered very good.
Check the "Domain Authority" of Ghidra on MOZ. A website's domain authority (DA) is a search engine ranking score that predicts how well a website will rank on search engine result pages (SERPs). It is based on a 100-point logarithmic scale, with higher scores corresponding to a greater likelihood of ranking. This is another useful metric to check if a website is good.
The latest comments about Ghidra on Reddit. This can help you find out how popualr the product is and what people think about it.
All ~7,500 candidates get decompiled headless by Ghidra. This is the main computational bottleneck of the pipelineโit takes roughly 1 to 3 minutes to extract the dispatch logic per driver depending on complexity. Fortunately, doing this concurrently across a thread pool brings the time down significantly. Scanning the massive 7.5k candidate pack finishes overnight on my machine. - Source: dev.to / 2 months ago
Install Ghidra: You can download the latest version from the official Ghidra website: https://ghidra-sre.org/. Follow the installation instructions provided on the site. - Source: dev.to / about 1 year ago
Ghidra (https://ghidra-sre.org/) can fine-tune executables way more easily than your models. - Source: Hacker News / over 1 year ago
I've only played a with this, but it was impressive. https://ghidra-sre.org/. - Source: Hacker News / over 1 year ago
I've got no experience with reverse-engineering executables, but I got a bunch of code-like stuff showing up when I fed ULTIMA.EXE to Ghidra and told it to analyze it with all the flags set. Source: about 3 years ago
The whole game is written in C++ (game logic intertwined with graphics). Ghidra can help you deconstruct the game binaries, but you need to put in a GREAT great effort to even get a starting point. Cheat Engine has been successful for some purposes, including an AI enabling utility for multiplayer (use with great care!). Source: about 3 years ago
What I think youโre talking about is reverse engineering. Itโs basically taking a program and analysing the compiled code to attempt to find out how it works. Itโs a fairly expansive topic, and fairly tricky to do but look at anything to do with Ghidra to get started. Source: about 3 years ago
Oh also just as an aside Ghidra is a really cool free tool developed by the NSA which can reverse engineer software by looking at its executable and recreating the C code from the instructions and static data within. It's another way to get familiarized with the relationship between C code and the instructions it compiles to. Source: about 3 years ago
There exist decompilers and other tools for helping make sense of assembly and that can automate some of the conversion back to higher level languages. In my brief involvement with Slippi I used Ghidra - a tool developed by the NSA, to do some of that kind of work, which I found a little amusing. Source: about 3 years ago
It's likely a binary file that's improperly being interpreted as Unicode by the text editor. If it's an executable file, you can use Ghidra to disassemble and analyze it. There may also be some interesting ASCII strings that would reveal its purpose. My guess is that it's a Windows version of Unix "tee" program which will write stdin to a file and stdout simultaneously. Source: about 3 years ago
On the other hand, this slick "Ghidra" webpage looks suspicious. It's probably written in Typescript on Electron! Source: about 3 years ago
It shouldnโt be dying early. A GT that isnโt charge-limited should be plugged in to charge until it turns off. If one has done that and is still experiencing power-related Captain Morgan events, FM has provided us a single option: pack the GT into an 18-wheeler for however long it takes to reach FM via Americaโs Interstate Highway System. Fortunately, the same government that built that highway system also built... Source: about 3 years ago
A free, open source alternative: https://ghidra-sre.org. Source: over 3 years ago
In case you decide to reverse engineer the .exe you might want to check out Ghidra. It runs on both Windows and Linux and is similar to IDA. Source: over 3 years ago
When you introduce a bug, is it a dumb random bug, or an intelligent AI bug? In other words, would the bug work for me or the user? When I say work for me, what I mean is, considering decompiler tools like https://ghidra-sre.org/ can shine light where once there wasn't, would the bug generates lots of unnecessary work for me, or could I use the bug as a stealth form of copy protection, where those with illegal... - Source: Hacker News / over 3 years ago
Have not delved into this area too deeply but in the past I determined the path that I would go down if I chose to go down a path would be Ghidra. Source: over 3 years ago
Here's a tool: https://ghidra-sre.org. It was originally developed by the US NSA. I knew some of the people that worked on it. Source: over 3 years ago
By using IL2CppDumper along with the game's global-metadata.dat file, we can generate headers and structs that we can use with Ghidra, a tool for disassembling code. Once we load Engage and these headers and structs into Ghidra, we can look for a particular function called App.BattleMath$$_IsProbabilityHit. This function is provided a displayed hit (or, as Intelligent Systems calls it, ratio) and is responsible... Source: over 3 years ago
First oval, this is binary (machine code that's compiled so your computer can run it), if you want to find out what's inside, you would need to revwrse engineer it. Some great tools for that: 1. Strings - you can install it from windows package manager like chocolatey 2. Ghidra - great reverse engineering and decompiling tool from nsa here. Source: over 3 years ago
Or take any C or C++ software, and run it through Ghidra. Not quite as impressive as with C#, because those are actually compiled languages, but still pretty readable. Source: over 3 years ago
Follow the link to NSA's Privacy Policy on https://ghidra-sre.org/ and you get a "404 Not Found." Guess it serves as a final proof nobody reads privacy policies that it hasn't been spotted for months: http://web.archive.org/web/20220000000000*/https://www.nsa.gov/terms-of-use. - Source: Hacker News / over 3 years ago
Ghidra, an open-source software reverse engineering (SRE) suite developed by the U.S. National Security Agency (NSA), has garnered significant attention and mixed reactions in the software development and cybersecurity communities. Its emergence as a free alternative to established, often expensive tools like IDA Pro has been a notable discussion point among users and reviewers.
Overall, the public perception of Ghidra highlights several key attributes and comparisons with its peers:
Affordability and Accessibility: Being open-source and free, Ghidra has democratized access to high-quality reverse engineering tools. This has positioned it as an attractive option for independent security researchers, students, and smaller companies that might find the costs of alternatives like IDA prohibitive. The tool's accessibility is mentioned frequently in forums and technical discussions, emphasizing its value as an entry point into reverse engineering for beginners.
Feature Set: Ghidra's feature set is often praised. It includes a graphical user interface (GUI) built on Java's Swing framework, a decompiler written in C++, and the ability to create plugins in Python. The tool also supports both Windows and Linux platforms, adding to its versatility. Users have noted that while its functionality is not yet entirely on par with Hex-Rays' decompilers, Ghidra's breadth of capabilities, especially for a free tool, is commendable.
Community and Contribution: As an open-source project, Ghidra benefits from contributions from a broad community of users and developers who extend its capabilities through plugins and enhancements. This collaborative environment is highlighted positively in discussions, reinforcing its status as a viable, evolving tool.
Compare and Contrast with Competitors: When compared to competitors, Ghidra is often noted for being user-friendly, albeit with some detractors citing a steeper learning curve than anticipated, especially when contrasting with tools like Binary Ninja or x64dbg. However, its comprehensive suite of features can match or surpass other alternatives when fully optimized and utilized.
NSA Connection and Trust: The origin of Ghidra from the NSA naturally raises concerns about trust and data privacy, yet this doesn't seem to significantly overshadow its reputation. Discussions indicate a mix of light-hearted skepticism and acceptance of its efficacy and safety, given that it is open-source, allowing users to inspect its codebase thoroughly.
Limitations and Areas of Improvement: Critics often point out some areas where Ghidra falls short of established tools. Examples include occasional suboptimal decompilation results and less intuitive user experiences for complex tasks. However, such feedback is typically tempered by acknowledgment of Ghidra's continuous improvements and updates.
In summary, Ghidra is generally well-regarded in the software reverse engineering community for its robust feature set, accessibility, and the opportunity it presents for collaborative enhancement. While there are areas where it hasn't reached the technical heights of its premium counterparts, the tool is still recognized as a significant and valuable contender in the developer tools ecosystem, exemplifying the benefits and challenges of open-source project development.
Do you know an article comparing Ghidra to other products?
Suggest a link to a post with product alternatives.
Is Ghidra good? This is an informative page that will help you find out. Moreover, you can review and discuss Ghidra here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
Handy and popular utility for analyzing compiled code.
best one in the inductry