0xeb

0xeb / libghidra

Public

SDK for automating Ghidra from Python, Rust, and C++. Decompile, rename, annotate, inspect symbols/types/xrefs, and manage project lifecycle programmatically - treat Ghidra like infrastructure, not just a GUI.

11
1
100% credibility
Found Apr 21, 2026 at 11 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
C++
AI Summary

libghidra offers typed interfaces in C++, Python, and Rust to query Ghidra program data like functions, types, memory, and decompiler output either via a live HTTP server or offline.

How It Works

1
📚 Discover libghidra

You hear about a helpful tool that lets everyday coders easily peek inside compiled programs using Ghidra's smarts.

2
🔧 Set up the helper

Download Ghidra if needed, add its simple extension, and open your binary file like any program.

3
🚀 Start sharing or go solo

Choose to share Ghidra's brain over the web or use the standalone version that works anywhere.

4
Connect your code
🌐
Live sharing

Click start in Ghidra and connect to get real-time answers.

🖥️
Standalone

Load your file directly for quick offline peeks.

5
🔍 Ask and explore

Query for functions, decompile code to readable C, or check memory – see everything clearly.

🎉 Unlock your binary

You now understand the program's secrets effortlessly, ready for your next project.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 11 to 11 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is libghidra?

libghidra is a C++ GitHub SDK for automating Ghidra, the NSA's open reverse engineering tool, from Python, Rust, or C++. It exposes typed APIs to decompile functions, inspect symbols, types, xrefs, rename entities, annotate code, and manage project lifecycles programmatically. Ditch the GUI—treat Ghidra like infrastructure for scripting analysis.

Why is it gaining traction?

Dual backends shine: HTTP server for live Ghidra sessions with full writes, or offline local mode embedding the decompiler—no Java or network needed for batch jobs. Python CLI (libghidra decompile, functions) speeds prototyping, while Rust/C++ bindings suit production tools. Like GitHub SDKs in JS, Rust, or even Copilot extensions, but for binary reversing.

Who should use this?

Reverse engineers batch-decompiling malware in CI pipelines. Tool devs building Rust/C++ analyzers that inspect/annotate binaries headlessly. Analysts automating Ghidra workflows beyond the GUI, like xref graphing or type propagation.

Verdict

Promising alpha (0.0.1) for Ghidra automation, but 11 stars and 1.0% credibility signal early days—API evolving, docs solid but tests light. Try for scripting if you can handle breaks; skip for stable prod.

(187 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.