Community Ghidra Plugin is Here

Written by Intezer

    Share article
    FacebookTwitterLinkedInRedditCopy Link

    Top Blogs

    Ghidra is a free and open source reverse engineering tool developed by the NSA. The plugin reduces the burden on the analyst by accelerating the reverse engineering process and spotlighting the most relevant part of the disassembled code. 

    The plugin immediately filters out common functions, allowing the reverse engineer to focus on the file’s malicious and unique code. The plugin also detects similar functions or parts of a function which have been seen before in other malware.

    When analyzing a Windows executable file and running the plugin, for example, the reverse engineer can immediately recognize if a function has been seen before in trusted code such as C library, or, if the function has appeared in an executable file that belongs to Lazarus.

    Follow these two steps to get started:

    1. Make sure you have an Intezer Analyze community account. Register for free here
    2. Get the plugin from our GitHub repository

    Community Ghidra Plugin is Here

    A few weeks ago we released the Intezer Analyze community IDA Pro plugin, which is similar to the Ghidra plugin. Both plugins provide the same benefit of accelerating the reverse engineering process. To get started, choose your preferred reverse engineering software and run our plugin!


    Count on Intezer’s Autonomous SOC solution to handle the security operations grunt work.

    Generic filters
    Exact matches only
    Search in title
    Search in content
    Search in excerpt