I used this again just the other day with the cantor.dust plugin. My rev.eng skills are dull and were never great to begin with, but for anything below a real APT with obfuscation, runtime decoding and unpacking, Ghidra is an equalizer. Between this and Chef from gchq, someone with devops skills can probably skill up to an entry level threat analyst level in a few weeks or months. The tooling available today is really good.

If people are worried about running systems backdoored by NSA, they probably shouldn't use things like electricity either. It's a threat actor you can't really do anything about.