Repository files navigation

Ghidra is a software reverse engineering (SRE) framework created and maintained by theNational Security Agency Research Directorate. This framework includes a suite offull-featured, high-end software analysis tools that enable users to analyze compiled code on avariety of platforms including Windows, macOS, and Linux. Capabilities include disassembly,assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidrasupports a wide variety of processor instruction sets and executable formats and can be run in bothuser-interactive and automated modes. Users may also develop their own Ghidra extension componentsand/or scripts using Java or Python.

In support of NSA's Cybersecurity mission, Ghidra was built to solve scaling and teaming problemson complex SRE efforts, and to provide a customizable and extensible SRE research platform. NSA hasapplied Ghidra SRE capabilities to a variety of problems that involve analyzing malicious code andgenerating deep insights for SRE analysts who seek a better understanding of potentialvulnerabilities in networks and systems.

If you are a U.S. citizen interested in projects like this, to develop Ghidra and othercybersecurity tools for NSA to help protect our nation and its allies, consider applying for acareer with us.

WARNING: There are known security vulnerabilities within certain versions of Ghidra. Beforeproceeding, please read through Ghidra'sSecurity Advisories for a better understandingof how you might be impacted.

To install an official pre-built multi-platform Ghidra release:

• InstallJDK 17 64-bit
• Download a Ghidrarelease file
  • NOTE: The official multi-platform release file is namedghidra_<version>_<release>_<date>.zip which can be found under the "Assets" drop-down.Downloading either of the files named "Source Code" is not correct for this step.
• Extract the Ghidra release file
• Launch Ghidra:./ghidraRun (orghidraRun.bat for Windows)

For additional information and troubleshooting tips about installing and running a Ghidra release,please refer todocs/InstallationGuide.html which can be found in your extracted Ghidra releasedirectory.

To create the latest development build for your platform from this source repository:

• JDK 17 64-bit
• Gradle 7.3+
• make, gcc, and g++ (Linux/macOS-only)
• Microsoft Visual Studio 2017+ orMicrosoft C++ Build Tools with thefollowing components installed (Windows-only):
  • MSVC
  • Windows SDK
  • C++ ATL

Download from GitHub

unzip ghidra-mastercd ghidra-master

NOTE: Instead of downloading the compressed source, you may instead want to clone the GitHubrepository:git clone https://github.com/NationalSecurityAgency/ghidra.git

gradle -I gradle/support/fetchDependencies.gradle init

gradle buildGhidra

The compressed development build will be located atbuild/dist/.

For more detailed information on building Ghidra, please read theDeveloper Guide.

For issues building, please check theKnown Issues section for possible solutions.

Ghidra installations support users writing custom scripts and extensions via theGhidraDev pluginfor Eclipse. The plugin and its corresponding instructions can be found within a Ghidra release atExtensions/Eclipse/GhidraDev/ or atthis link.

NOTE: TheGhidraDev plugin for Eclipse only supports developing against fully builtGhidra installations which can be downloaded from theReleases page.

To develop the Ghidra tool itself, it is highly recommended to use Eclipse, which the Ghidradevelopment process has been highly customized for.

• Follow the abovebuild instructions so the build completes without errors
• InstallEclipse IDE for Java Developers

gradle prepdev eclipse buildNatives

• File ->Import...
• General |Existing Projects into Workspace
• Select root directory to be your downloaded or cloned ghidra source repository
• CheckSearch for nested projects
• ClickFinish

When Eclipse finishes building the projects, Ghidra can be launched and debugged with the providedGhidra Eclipserun configuration.

For more detailed information on developing Ghidra, please read theDeveloper Guide.

If you would like to contribute bug fixes, improvements, and new features back to Ghidra, pleasetake a look at ourContributor Guide to see how you can participate in this opensource project.