
Abstract

After years of rumblings in the community about NSA’s Ghidra reverse engineering tool, NSA Senior Rob Joyce finally released the tool publicly at RSA in March 2019.

In this interactive workshop, two experienced reverse engineers will explain everything you need to know to get to work using Ghidra in your offensive research. We’ll start with an overview of Ghidra, then cover the tool’s scripting interfaces for automation. We’ll close with a discussion of the tool’s internals, strengths and weaknesses, and highlight community contributions. Knowing our audience, we’ll cut to the interesting parts immediately - no explanations of what the stack is or how to recognize a for loop.

Since this workshop is interactive, attendees are strongly encouraged to install Ghidra beforehand and ensure that it runs on their systems. Exercise binaries and scripts will be shared closer to the time of the workshop.