Radare2 : UNIX-like Reverse Engineering Framework And Command-Line Toolset

Radare2 is a rewrite from scratch of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks.

The radare project started as a simple command-line hexadecimal editor focused on forensics, over time more features were added to support a scriptable command-line low level tool to edit from local hard drives, kernel memory, programs, remote gdb servers and be able to analyze, emulate, debug, modify and disassemble any binary.

• Install r2 from Git (Clone the repo and run sys/install.sh) or use pip install r2env
• Read the Official radare2 book
• COMMUNITY.md engagement
• CONTRIBUTING.md general rules
• DEVELOPERS.md to improve r2 for your needs
• SECURITY.md on vulnerability report instructions
• USAGE.md for an introductory session
• INSTALL.md instructions

git clone https://github.com/radareorg/radare2
radare2/sys/install.sh

Plugins

Most of the plugins you need may be available in the stock r2 installation, but you can find more in the r2pm package manager.

r2pm update # initialize and update the package database
r2pm install [pkg] # installs the package

Some of the most installed packages are:

• r2ghidra the native ghidra decompiler plugin: pdg command
• esilsolve symbolic execution r2 plugin based on esil and z3
• r2dec decompiler based on r2 written in js pdd
• r2frida the frida io plugin r2 frida://0
• iaito – official graphical interface (Qt)

Operating Systems

Windows (since XP), Linux, Darwin, GNU/Hurd, Apple’s {Mac,i,iPad,watch}OS, Android [Dragonfly, Net, Free, Open] BSD, Z/OS, QNX, Solaris, Haiku, FirefoxOS.

Architectures

i386, x86-64, ARM, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, m680x, AVR, XAP, S390, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, V850, CRIS, XAP, PIC, LM32, 8051, 6502, i4004, i8080, Propeller, Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, NIOS II, Java, Dalvik, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x, c55+, c66), Hexagon, Brainfuck, Malbolge, whitespace, DCPU16, LANAI, MCORE, mcs96, RSP, SuperH-4, VAX, AMD Am29000.

File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, OMF, TE, XBE, BIOS/UEFI, Dyldcache, DEX, ART, CGC, Java class, Android boot image, Plan9 executable, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), WASM (WebAssembly binary), Commodore VICE emulator, QNX, WAD, OFF, Game Boy (Advance), Nintendo DS ROMs and Nintendo 3DS FIRMs, various filesystems.