Ghidra Software Reverse Engineering Framework
A comprehensive platform for analyzing compiled code across multiple architectures with powerful disassembly, decompilation, and scripting capabilities
Overview
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. This framework includes a suite of full-featured, high-end software analysis tools that enable users to analyze compiled code on a variety of platforms including Windows, macOS, and Linux.40+ Architectures
Support for x86, ARM, MIPS, PowerPC, SPARC, RISC-V, and many more processor architectures
Advanced Decompiler
Industry-leading decompiler that reconstructs high-level C code from binary executables
Collaborative Analysis
Multi-user project server for team-based reverse engineering efforts
Key Features
Disassembly & Decompilation
Convert machine code to assembly and high-level C pseudocode with interactive analysis
Program Analysis
Automated analyzers identify functions, strings, data types, and cross-references
Interactive Debugging
Debug live processes with support for GDB, LLDB, WinDbg, and other backends
BSim Function Matching
Find similar functions across binaries using behavioral similarity analysis
Scripting & Automation
Automate analysis with Java and Python scripts, or use PyGhidra for standalone scripting
Extensible Architecture
Develop custom plugins, analyzers, and loaders to extend Ghidra’s capabilities
Quick Links
Installation Guide
Get Ghidra installed and running on your system
Quickstart Tutorial
Learn the basics of analyzing your first binary
API Reference
Explore the complete Ghidra API documentation
Contributing
Learn how to contribute to the Ghidra project
Supported Platforms
Ghidra runs on Windows 10+, Linux, and macOS 10.13+ with Java 21 64-bit runtime. The framework supports analyzing binaries compiled for over 40 different processor architectures, making it one of the most versatile reverse engineering platforms available.Ghidra is open source software released under the Apache License 2.0. It was publicly released by the NSA in March 2019.