Ghidra is one of the many open source software projects within the National Security Agency (NSA) of the United States of America (USA). It should be noted that in June 2017 the NSA published a list of tools it has developed that are now publicly available as open source as part of its Technology Transfer Program (TTP).
Ghidra is a reverse engineering framework developed by the NSA Research Division for the NSA Cybersecurity Mission. It helps analyze malicious code and malware, such as viruses, and enables professionals to better understand the vulnerabilities in their networks and systems.
Ghidra features
Among the main features of Ghidra, we find:
- A suite of software analysis tools for analyzing compiled code on a variety of platforms, including Windows, macOS and Linux.
- A framework whose capabilities include disassembly, assembly, decompilation, graphing and scripting, along with hundreds of other features.
- A tool that supports a variety of processor instruction sets and executable formats and can be run in both interactive and automated modes.
- The ability for users to develop their own Ghidra components and/or scripts using the exposed API.
This program includes many patented technologies across many technology areas, among which the following can be highlighted.
Apache Accumulo
Provides robust, scalable data storage. It adds cell-based access control and a server-side programming mechanism that can modify key/value pairs at various points in the data management process.
CASA (Certificate Authority Situational Awareness)
Exposes disallowed certificates of trusted certificate authorities on Windows systems. CASA is available as a Splunk app.
Java PATHFINDER MANGO (JPF-MANGO)
A static code analysis tool based on formal methods. It is part of the NASA Ames Java PathFinder project, used to verify executable Java binaries (bytecode).
APACHE NIFI
Automates the flow of data between systems. NiFi implements flow-based programming concepts and solves common data flow problems faced by enterprises.
Some of the high-level capabilities and objectives of Apache NiFi include:
- A web-based user interface that provides a seamless experience between design, control, feedback and monitoring
- Highly configurable software: for example, dynamic prioritization can be used and flows can be modified at runtime
- Data provenance: the tool lets you track the data flow from beginning to end
- Designed for extension: with this tool you can build your own processors and more
- Security: supports SSL, SSH, HTTPS, encrypted content, and so on. It also has multi-tenant authorization and internal authorization/policy management.
OPENATTESTATION
Verifies system integrity by establishing a baseline measurement of a system's Trusted Platform Module (TPM) and monitoring for changes in that measurement. It was originally based on the NSA's Host Integrity at Startup (HIS) software.
Key features include:
- Support for mainstream Linux host systems
- PCR-based reporting schemes and policy rules
- RESTful-based query API
- Reference portal/graphical user interface implementation
- Historical PCR data comparison
- Whitelist management
- Flexible access control to the attestation server
- Tomcat 2-way SSL/TLS support for the query APIs
- SAML reports
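The baseline-and-compare idea behind PCR-based attestation, as an added example that is not code from OpenAttestation or from the original article: it replays boot measurements into PCR values with the TPM extend rule and appraises a host's report against a stored baseline. It assumes a SHA-256 PCR bank and a report whose TPM quote signature has already been verified; the function names and the measurement data are constructed for illustration.

```python
import hashlib

PCR_SIZE = 32  # SHA-256 bank; a PCR is all zeros after reset


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM extend rule: new PCR = H(old PCR || H(measurement))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def replay(events):
    """Replay (pcr_index, measured_bytes) events into a {index: hex} map."""
    pcrs = {}
    for index, data in events:
        pcrs[index] = extend(pcrs.get(index, bytes(PCR_SIZE)), data)
    return {index: value.hex() for index, value in pcrs.items()}


def appraise(baseline, reported, required):
    """Compare reported PCRs with the baseline for the required indices.

    Returns (trusted, findings). A required PCR that is absent from the
    report is a failure, so a host cannot pass by omitting a register.
    """
    findings = []
    for index in sorted(required):
        if index not in reported:
            findings.append((index, "missing"))
        elif reported[index] != baseline.get(index):
            findings.append((index, "changed"))
    return (not findings, findings)


# Constructed measurements (not real firmware, bootloader or kernel images).
GOOD_BOOT = [(0, b"firmware-v1"), (4, b"bootloader-v1"),
             (8, b"kernel-v1"), (8, b"initrd-v1")]
TAMPERED_BOOT = [(0, b"firmware-v1"), (4, b"bootloader-v1"),
                 (8, b"kernel-v1-modified"), (8, b"initrd-v1")]

if __name__ == "__main__":
    baseline = replay(GOOD_BOOT)  # recorded once, on a known-good boot
    for name, boot in (("good", GOOD_BOOT), ("tampered", TAMPERED_BOOT)):
        print(name, appraise(baseline, replay(boot), {0, 4, 8}))
```

Because each extend hashes the previous PCR value, a changed or reordered measurement alters every later value of that register, which is why a single comparison against the baseline is enough to detect it.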
How to get Ghidra on Linux?
Ghidra has an official website where help is available for engineers who want to use it; there you can learn more about how to install it, use it, and so on.
The NSA has also gone to the trouble of providing an FAQ that will be expanded based on the questions asked by developers in the community.
The link where you can check this and download the framework is this one.