The Ghidra Book, 2nd Edition: The Definitive Guide
Dance with the Dragon
“
A must-read for any reverse engineer.
”
—Max “Libra” Kersten
Developed through more than a decade of research within the NSA, Ghidra was created to address some of the most challenging reverse engineering problems faced by the US government. With its open source release, this formerly restricted tool suite is now freely available to cybersecurity practitioners, researchers, and students worldwide. The Ghidra Book provides a clear, practical guide to understanding and using this powerful platform.
In addition to introducing core reverse engineering techniques for software and malware analysis, the book explains Ghidra’s key components, features, and support for extensibility and collaborative analysis. Beginning with the fundamentals and progressing to more advanced workflows, you’ll learn how to use Ghidra effectively and adapt it to new challenges.
You’ll learn how to:
Navigate and interpret a disassembly
Use Ghidra’s built-in decompiler to expedite analysis
Analyze unfamiliar and obfuscated binaries
Extend Ghidra to recognize new data types
Build custom analyzers, loaders, and processor support modules
Script Ghidra tasks to automate analysis tasks
Set up a collaborative reverse engineering environment
This fully revised second edition reflects the modern Ghidra platform as it is used in practice, with updated tooling, improved workflows, and hands-on real-world examples. Designed for beginners and experienced users alike, The Ghidra Book prepares you to tackle real reverse engineering problems with confidence.
New to this edition:
Behavioral analysis with BSim
Full Python 3 support via PyGhidra
Enhanced debugging and graphing tools
Modern container-based deployment
About the Author
Dr. Kara Nance
is a private security consultant and has been a professor of computer science for many years. She regularly speaks at conferences around the world and enjoys building Ghidra extensions as well as providing Ghidra training.
Chris Eagle
has been reverse engineering software for 45 years. He is the author of The IDA Pro Book (No Starch Press) and is a highly sought-after provider of reverse engineering training.