The NSA have released version 10.0 of their popular open source reverse engineering tool, Ghidra. Ghidra 10 brings a ton of new features including a new debugger (see below). A lot of folks on the scene have used it as an open source alternative to the expensive IDA Pro, in order to reverse engineer, in particular, PS4 binaries and firmware.

Ghidra 10.0 – What’s new

• New Debugger
• support for user-defined extensions to the compiler specification
• A new prototype script RecoverClassesFromRTTIScript which recovers class information using RTTI structures has been added
• Managing and applying PDB files has a much improved GUI
• Analysis options configurations can be saved by name and quickly changed using a new feature in the Analysis configuration menu
• A general graph of data type relationships from the Data Type manager has been added
• The build infrastructure has been upgraded to support both Gradle 6 and 7. Gradle 5 is no longer supported.
• New exporters that write programs imported with the PE and ELF loaders back to their original file layout have been added
• Many bug fixes

Check the official changelog for full details

Using Ghidra on PS4

In order to use Ghidra with PS4 binaries, you’ll need plugins to help make the task easier. Developer astrelsky has got you covered. His plugin (with credit to SocraticBliss, jogolden, Z80, aerosoul, balika011, Znullptr, Pablo (kozarovv), ChendoChap, xyz, CelesteBlue, kiwidog, motoharu, noname120, flatz, Team Reswitched, zecoxao) is compatible with Ghidra 9.2 (so that’s the version you might want to install for now), and compatibility with 10.0 needs to be confirmed.

Download Ghidra PS4 plugin by Astrelsky.

Download Ghidra 10.0

You can download Ghidra here.

To install an official pre-built multi-platform Ghidra release:

• Install JDK 11 64-bit
• Download a Ghidra release file from ghidra-sre.org
• Extract the Ghidra release file
• Launch Ghidra: ./ghidraRun (or ghidraRun.bat for Windows)

For additional information and troubleshooting tips about installing and running a Ghidra release, please refer to docs/InstallationGuide.html which can be found in your extracted Ghidra release directory.