
Posted by handfuloflight 2 days ago

Ghidra by NSA (github.com)
313 points | 176 comments | page 4
jevinskie 11 hours ago|
Is it just me or is the merge style used for the repo very difficult to follow? Am I holding it wrong?
iamleppert 9 hours ago||
Are these tools useable by OpenClaw yet?
maximalthinker 11 hours ago||
[dead]
jeevacation 13 hours ago||
[flagged]
reactordev 13 hours ago|
No. Cheat Engine scans memory as a program is running, for values of interest to pin (or modify). Allowing you to change behavior.

Ghidra takes a program and unravels the machine code back into assembly and thus, something resembling C code. Allowing you to change behavior.

Cheat Engine doesn’t modify the binary. Ghidra can.

kaibee 12 hours ago||
> Cheat Engine doesn’t modify the binary. Ghidra can.

To clarify for other people who may not be familiar (though I'm far from an expert on it myself), you can inject/modify asm of a running binary with CE. I'm not sure if there's a way to bake the changes to the exe permanently.

jeevacation 13 hours ago||
[flagged]
13hunteo 13 hours ago|
You have a disgusting username
flipped 12 hours ago|||
You're just giving the troll an audience by reacting to it.
jeevacation 11 hours ago|||
[dead]
ambitious_whale 11 hours ago||
What does it do? I don't understand a thing. Can someone explain it to me?
alexfromapex 8 hours ago||
Strange to see the NSA using Java, maybe this is really old?
zamadatix 8 hours ago||
Some of the comment matches in the code search suggest at least portions of the codebase go back to the very late 90s.

Edit: Wikipedia has a table with 1.0 being 2003 https://en.wikipedia.org/wiki/Ghidra

bri3d 8 hours ago|||
Yes, it’s from the late 90s/early 00s, but why is it strange to see Java?
belfthrow 2 hours ago||
I suppose they should be using Rust, yeah?
flipped 12 hours ago|
Is this backdoored just like SELinux?
dizzy9 11 hours ago||
This was discussed when Ghidra was first open sourced. To the best of my knowledge, nobody's found an NSA backdoor in Ghidra.
sabas123 12 hours ago|||
Without providing any proof that either this or SELinux is backdoored.
jandrese 9 hours ago|||
Seems like it would be of limited value to backdoor a program like Ghidra. Might be useful in identifying security researchers, except that it's also the kind of program that will often be running on disconnected systems with little valuable data beyond whatever is being disassembled.
LPisGood 11 hours ago||
Well it’s open source, so you can check in principle. I would imagine there’s some fame and notoriety in discovering that.