Ghidra vs IDA Pro - Which one is better?
Ghidra and IDA Pro, both are the reverse engineering framework. Ghidra is a Java-based interactive reverse engineering framework developed by US National Security Agency (NSA). IDA Pro is an expensive tool, owned by Hex-Rays SA. Both tools are useful tools for binary analysis. Three types of binaries are popularly used: ELF (Executable and Linkable Format), PE (Portable Executable), and Mach O(Mach Object). This blog lists a comparison between two tools and tries to find which one is better.
Comparison between two frameworks
|GUI/CLI||GUI based||GUI based|
|Cost||Free||Commercial, although limited functionality tool (IDA Free) available for free.|
|Stage of development||Advanced stage (mature)||Advanced stage (mature)|
|multiple binaries support||Support load of multiple binaries at once.||Support load of limited binaries.|
|support upload of binaries||Support big firmware images of size more than 1 GB without any issues||Available|
|Supported families||Support less number of families than IDA Pro||IDA Pro supported more than 65 families of processors that include x86/x84, ARM/ARM64, MIPS/MIPS 64, etc.|
|Support from Vendor||open community available||Technical support is available via email, forum|
|License||Open source hence can be used freely||License available based on requirements. A floating license is also available.|
|version tracking||version tracking between different versions of binaries available||Available|
|Undo feature||Available||Available in IDA Pro 7.3 (previously not available)|
Reverse engineering of malware/binaries is not an easy task. Currently, there is no single tool available that acts as a single bullet for identifying everything on the target. It is recommended to learn more tools including Ghidra and IDA Pro to take advantage of the strength of all tools available.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.