Source: Help Net Security Author: Help Net Security URL: https://www.helpnetsecurity.com/2025/02/07/ghidra-11-3-released-new-features-performance-improvements-bug-fixes/
-
ONE SENTENCE SUMMARY: Ghidra 11.3 introduces new debugging, emulation, and integration features, enhancing reverse engineering capabilities across multiple platforms with improved performance.
-
MAIN POINTS:
-
Ghidra 11.3 is fully backward compatible but not forward compatible with older versions.
-
Visual Studio Code integration replaces Eclipse with improved script editing and Ghidra extension development tools.
-
PyGhidra enables direct access to the Ghidra API via CPython 3 and integrates CPython into the GUI.
-
A new JIT-accelerated p-code emulator enhances dynamic analysis performance but remains in early development.
-
Debugging infrastructure is streamlined, adding macOS and Windows kernel debugging capabilities.
-
Function Graph improvements include a new Flow Chart layout, customizable satellite view, and better navigation shortcuts.
-
Source file mapping enhancements integrate source file and line information into analysis workflows.
-
Processor support improves x86 AVX-512, TI_MSP430, and ARM VFPv2 instruction handling.
-
String translation expands with LibreTranslate support, enhancing privacy and text search capabilities.
-
Full-text search across decompiled functions now dynamically incorporates the latest decompilation results.
-
TAKEAWAYS:
-
Ghidra 11.3 strengthens integration with Visual Studio Code, modernizing script editing and extension development.
-
The new JIT-accelerated p-code emulator significantly improves performance for dynamic analysis.
-
Debugging enhancements extend kernel debugging support for macOS and Windows virtual machines.
-
Function Graph and source mapping improvements enhance navigation and code visualization.
-
Expanded processor support and text search features improve reverse engineering accuracy and efficiency.