Intezer - Community Ghidra Plugin is Here

Community Ghidra Plugin is Here

Written by Intezer
Join our free communityGet started
Share Article
FacebookTwitterLinkedIn

Ghidra is a free and open source reverse engineering tool developed by the NSA. The plugin reduces the burden on the analyst by accelerating the reverse engineering process and spotlighting the most relevant part of the disassembled code. 

The plugin immediately filters out common functions, allowing the reverse engineer to focus on the file’s malicious and unique code. The plugin also detects similar functions or parts of a function which have been seen before in other malware.

When analyzing a Windows executable file and running the plugin, for example, the reverse engineer can immediately recognize if a function has been seen before in trusted code such as C library, or, if the function has appeared in an executable file that belongs to Lazarus.

Follow these two steps to get started:

  1. Make sure you have an Intezer Analyze community account. Register for free here
  2. Get the plugin from our GitHub repository

Community Ghidra Plugin is Here

A few weeks ago we released the Intezer Analyze community IDA Pro plugin, which is similar to the Ghidra plugin. Both plugins provide the same benefit of accelerating the reverse engineering process. To get started, choose your preferred reverse engineering software and run our plugin!

Intezer

Revealing the “genetic" origins of software, Intezer introduces a new way to detect and respond to cyber threats. Intezer offers enterprises advanced solutions to detect modern cyber attacks, while providing deep context for effective response.

© Intezer.com 2020 All rights reserved