Ghidra by the US National Security Agency (NSA, National Security Agency) of the Research Council for the NSA network security task of developing software reverse engineering (SRE) framework, it helps to analyze malicious code and viruses and other malicious software, and allows network security professionals to better understand their networks and systems of potential vulnerabilities. Version 9.1 reads as follows:
- Data types, bit field adds support for Structure and Union Editor
- Eclipse integration, adding new GhidraSleighEditor Eclipse plug-in installation directory under the Extensions / Eclipse in
- GUI, added by means of table columns, click the only sort of, close the table sorting
- Importer: MachO, as DYLD added a new importer / loader, shared cache file
- Languages, to achieve the Intel MCS-96 processor module; increase TriCore processor specification; HCS12X new processor specification; new mcs-48 Processor Specification
- Memory, adding new API to retain the original importer and mapped into byte memory block
- Program API, an increase of (bit-field) support for joint structure and bit fields
- Sleigh, increase the development of two new expansion modules (SleighDevTools and GnuDisAssler) to support the processor module. Added support for pcode junit test, which uses the simulation test code C cross compiler to validate sligh pcode (i.e. instruction semantics). SleighDevTools extension provides pcode test C source code and related build scripts, as well as external disassembler support to help verify disassembled instruction syntax.
This release also brings a lot of improvements and fixes, as detailed in the release notes: