Ghidra is an Open Source multi-platform software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate.

This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code. Capabilities include disassembly, assembly, decompilation, graphing, scripting, and hundreds of other features. Ghidra supports various process instruction sets and executable formats and can run in user-interactive and automated modes. Users may also develop their own Ghidra plugin components and scripts using Java or Python.

In support of the NSA's Cybersecurity mission, Ghidra was built to solve scaling and teaming problems on complex SRE efforts and provide a customizable and extensible SRE research platform. NSA has applied Ghidra SRE capabilities to various problems that involve analyzing malicious code and generating deep insights for SRE analysts who seek a better understanding of potential vulnerabilities in networks and systems.

This repository is a placeholder for the fully Open Source release. Be assured efforts are underway to make the software available here. In the meantime, enjoy using Ghidra on your SRE efforts, developing your scripts and plugins, and perusing over a million lines of Java and Sleigh's code released within the initial public release.

They also provide guides for Installation, and a Keyboard shortcut cheatsheet.

Ghidra Features:

Includes a suite of software analysis tools for analyzing compiled code on a variety of platforms

Capabilities include disassembly, assembly, decompilation, graphing and scripting, and hundreds of other features

Supports a wide variety of processor instruction sets and executable formats. It can be run in both user-interactive and automated modes.

Users may develop custom Ghidra plugin components and scripts using the exposed API