![ghidra vs ida pro ghidra vs ida pro](https://www.pvsm.ru/images/2019/12/19/GHIDRA-vs-IDA-Pro-3.png)
Most of the times I don't rely on one tool for reversing since may be one of the tools mis-interpret something important in the code which will at least get you confused and waste your time to figure out the mistake.įor example, in the case where a string was missing for example since I created the file for testing, I knew that the string existed, however if I didn't it would have taken so much time to figure it out using only one tool but when opening the file in IDA everything looks normal and the strings are correctly interpreted. I have seen similar failures with IDA and Radare 2 so it's not a Ghidra specific problem but what I am saying is you shouldn't always trust the tools and always assume that they might make a mistake.
![ghidra vs ida pro ghidra vs ida pro](https://i.ytimg.com/vi/5xdaLy9gtIY/hqdefault.jpg)
I am not saying that Ghidra is bad as a matter of fact I think Ghidra will be my choice for any future RE projects. Also, in the function itself, when you double click the address it says that the address is invalid and not in the program memory.
#GHIDRA VS IDA PRO UPDATE#
Update : after writing this article I found a cool feature that is very useful, Ghidra actually detects files embedded in the file you're analyzing, this means that if there's an image or icon in the resources section, you will find it displayed right into the assembly listing window. If you want to know information about a function just click on its name and all the windows including the disassembly, code window, call tree and function graph will be updated to that function.Ī good thing is that you can have all these windows open at the same time without any tabs you can still use tabs if you wish. One more thing you can do is that you can enable the Function call tree window which will show both incoming and outgoing calls to and from this function. The most interesting feature is the de-compiler, it works in a way similar to a godbolt. There are so many things that are good about ghidra, the tool is completely free and have some features that doesn't even exist in commercial products. So, the NSA decided to release their reverse engineering tool named Ghidra, I did have some time to play with it, and to be honest I was really impressed it's an awesome tool, however there are some problems that I encountered when using the tool.