Boston Cybernetics Institute

Jeremy Blackthorne

Automated Reversing with Ghidra (2-hour workshop)

Ghidra is the now-public, but formerly Top Secret, reverse engineering tool developed by the NSA. When it comes to the basics, like disassembly and decompiling, it definitely competes with commercial tools like IDA and Binary Ninja. But when it comes to automation, Ghidra has additional capabilities beyond other tools.

In this workshop, we start with Ghidra’s simple Python prompt, move on to custom scripts and modules, and finally show how Ghidra performs automated reversing against large programs and large datasets.

Jeremy Blackthorne is the lead instructor for the Boston Cybernetics Institute (BCI), where he develops training for the U.S. military. Before BCI, he was a researcher at Lincoln Laboratory focusing on CNO tactics. Jeremy has published research on various topics, including covert channels, environmental keying, and evading security products. From 2002 to 2006, he served in the U.S. Marine Corps as a rifleman and scout sniper. He is a proud alumnus of RPISEC.