UNIX-like reverse engineering framework and command-line toolset
Go to file
pancake 38a4d372f7
Some checks are pending
build / linux-wasi (push) Waiting to run
build / linux-wasi-api (push) Waiting to run
build / linux-csnext (push) Waiting to run
build / tarball (push) Waiting to run
build / linux-static (push) Waiting to run
build / linux-acr-rpm-64 (push) Waiting to run
build / linux-acr-deb (amd64) (push) Waiting to run
build / linux-acr-deb (arm64, aarch64-linux-gnu) (push) Waiting to run
build / linux-acr-deb (i386, multilib) (push) Waiting to run
build / macos-acr (arm64, 13) (push) Waiting to run
build / macos-acr (x86_64, 12) (push) Waiting to run
build / ios (cydia32) (push) Waiting to run
build / ios (true, cydia) (push) Waiting to run
build / android-acr (16, arm) (push) Waiting to run
build / android-acr (aarch64) (push) Waiting to run
build / android-meson (x86_64) (push) Waiting to run
build / w32-meson (push) Waiting to run
build / w64-static-2022 (push) Waiting to run
build / w64-static (push) Waiting to run
build / w64-meson (push) Waiting to run
build / check_abi_compatibility (push) Blocked by required conditions
build / check_release (push) Blocked by required conditions
build / release (push) Blocked by required conditions
CI / linux-acr-oldlibsbug (push) Waiting to run
CI / linux-nocs (push) Waiting to run
CI / linux-acr-gperf (push) Waiting to run
CI / linux-sys-capstone (push) Waiting to run
CI / linux-acr-resymlink (push) Waiting to run
CI / linux-test (push) Waiting to run
CI / linux-static-meson (push) Waiting to run
CI / macos-test (push) Waiting to run
CI / linux-rpath (push) Waiting to run
CI / macos-rpath (push) Waiting to run
CI / linux-meson-spaces (push) Waiting to run
CI / linux-tinyasan-fuzz (push) Waiting to run
CI / linux-asan-fuzz (push) Waiting to run
CI / w64-make (push) Waiting to run
CI / w32-mingw (push) Waiting to run
CI / w64-mingw (push) Waiting to run
Code scanning - action / CodeQL-Build (push) Waiting to run
Coverity Scan / latest (push) Waiting to run
tcc / ubuntu-tcc-newabi (push) Waiting to run
tcc / ubuntu-tcc-test (push) Waiting to run
tcc / ubuntu-tcc-nodbg (push) Waiting to run
tcc / r2pm-tcc (push) Waiting to run
tcc / ubuntu-tcc-syslibs (push) Waiting to run
Add aflmu command to list function calls once ##analysis
2024-10-28 04:31:28 +01:00
.github Make meson-w32 ci run on prs 2024-10-23 01:04:12 +02:00
binr Fix few UB covs, more asserts 2024-10-17 12:57:41 +02:00
dist New prj core plugin as PoC ##projects 2024-10-21 15:32:31 +02:00
doc Install scripts ##build 2024-10-21 20:45:30 +02:00
libr Add aflmu command to list function calls once ##analysis 2024-10-28 04:31:28 +01:00
man Add /V value range support in rafind2 ##search 2024-10-06 12:23:55 +02:00
mk Simplify the WASM PARTIALLD flags ##build 2024-09-23 13:22:34 +02:00
pkgcfg Autodetect libc version and support manual specification ##debug 2024-02-14 14:38:40 +01:00
scripts Fix core and fs license names, improve licenses.r2.js 2024-10-17 15:37:39 +02:00
shlr Fix qjs symbols visibility ##build 2024-10-25 18:21:11 +02:00
sys Exclude functions taking no arguments 2024-10-24 18:01:34 +02:00
test Add asm.cmt.wrap to ignore asm.cmt.right on long comments ##disasm 2024-10-28 03:57:23 +01:00
.clang-format Some clang-format improvements ##indent 2021-01-25 00:34:58 +01:00
.gitignore Ignore WASM build artifacts 2024-09-23 13:22:34 +02:00
autogen.sh After release version bump 2024-04-01 14:07:14 +02:00
COMMUNITY.md Improve wording of COMMUNITY.md 2022-05-30 19:35:37 +02:00
config-user.mk.acr Build fs.squashfs with the make build system too ##fs 2024-06-06 10:30:13 +02:00
configure After release version bump 2024-10-14 00:47:44 +02:00
configure-plugins Remove unnecessary cp in configure-plugins and more precise touch flag ##build 2024-10-11 11:14:00 +02:00
configure.acr After release version bump 2024-10-14 00:47:44 +02:00
configure.bat Update to the latest quickjs-ng, so we dont need to ship custom patches ##r2js 2024-10-22 22:07:33 +02:00
configure.hook Create dist/ to hold all the distribution build files ##build (#18131) 2020-12-31 18:57:05 +01:00
CONTRIBUTING.md Update merging style in CONTRIBUTING.md (#21467) 2023-03-12 18:40:28 +01:00
COPYING Referenced https:// instead of http:// everywhere as per requirement 2023-03-22 06:58:25 +01:00
COPYING.LESSER Referenced https:// instead of http:// everywhere as per requirement 2023-03-22 06:58:25 +01:00
DEVELOPERS.md Replace other r_return_* uses and update DEVELOPERS.md ##refactor 2024-08-05 13:31:58 +02:00
env.sh env.sh: Don't add trailing colons to paths 2024-05-23 11:58:49 +02:00
global.mk Improve output for make -s and fix magic install with symlinks issue (#18781) 2021-05-30 23:46:58 +02:00
INSTALL.md Add a line for fixing directory permissions in INSTALL.md 2023-03-21 12:37:08 +01:00
make.bat Simplify meson logic and use ole's PR to fix Windows ##build 2022-01-31 23:54:00 +01:00
Makefile Install scripts ##build 2024-10-21 20:45:30 +02:00
meson_options.txt Initial squashfs support (meson only + introduces subprojects) 2024-06-05 09:14:49 +02:00
meson.build Install scripts ##build 2024-10-21 20:45:30 +02:00
preconfigure Support capstone from r2pm via sys/install.sh 2023-08-01 18:04:20 +02:00
preconfigure.bat Fix preconfigure.bat setuptools installation ##build 2024-09-21 23:31:03 +02:00
README.md Release 5.9.6 - codename "corteza" 2024-10-13 12:33:37 +02:00
SECURITY.md Rewrite user-facing documentation (#19543) 2022-01-01 06:11:46 -06:00
USAGE.md Few more cleanups for rahash2 and add the strhash crypto plugin 2024-03-21 11:16:16 +01:00
vsfix.bat Update sdb to remove double include paths ##build 2022-11-19 01:05:18 +01:00

screenshot

Radare2: Libre Reversing Framework for Unix Geeks

Latest packaged version Tests Status build tcc CII Best Practices Build Status Discord

See the Releases page for downloads. The current git master branch is 5.9.7, next will be 5.9.8.

  • Since 5.6.0, patch releases are abi stable
  • Even patch numbers used for releases, odd ones for git.
  • .9 patch versions reflect the abi breaking seasson

Description

r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. Distributed mostly under LGPLv3, each plugin can have different licenses (see r2 -L, rasm2 -L, ...).

The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a featureful low-level command-line tool with support for scripting with the embedded Javascript interpreter or via r2pipe.

r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb/windbg servers. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary.

screenshot

Installation

The recommended way to install radare2 is via Git using acr/make or meson:

git clone https://github.com/radareorg/radare2
radare2/sys/install.sh

On Windows you may want to use the precompiled builds or the .bat files to compile if you have msvc:

preconfigure.bat       REM setup python, meson, ninja
configure.bat          REM run meson b + vs project
make.bat               REM run ninja -C b
prefix\bin\radare2.exe
  • r2 can be installed from git or via pip using r2env.
  • Run sys/install.sh for the default acr+make+symlink installation
  • meson/ninja (muon/samu also works) and make builds are supported.
  • Windows builds require meson and msvc or mingw as compilers
  • To uninstall the current build of r2 run make uninstall
  • To uninstall ALL the system installations of r2 do: sudo make purge

Using the r2pm tool you can browse and install many plugins and tools that use radare2.

  • esilsolve: The symbolic execution plugin, based on esil and z3
  • iaito: The official Qt graphical interface
  • keystone Assembler instructions using the Keystone library
  • decai Decompiler based on AI
  • r2ai Run a Language Model in localhost with Llama inside r2!
  • r2dec: A decompiler based on r2 written in JS, accessed with the pdd command
  • r2diaphora: Diaphora's binary diffing engine on top of radare2
  • r2frida: The frida io plugin. Start r2 with r2 frida://0 to use it
  • r2ghidra: The standalone native ghidra decompiler accessible with pdg
  • r2papi High level api on top of r2pipe
  • r2pipe Script radare2 from any programming language
  • r2poke Integration with GNU/Poke for extended binary parsing capabilities
  • goresym: Import GoReSym symbol as flags
  • r2yara Run Yara from r2 or use r2 primitives from Yara
  • radius2: A fast symbolic execution engine based on boolector and esil
  • r2sarif import/extend/export SARIF documents

Usage

These are the first steps to use r2, read the book or find tutorials for more details

$ r2 /bin/ls   # open file in read-only
> aaa          # analyse the program (r2 -A)
> afl          # list all functions (try aflt, aflm)
> px 32        # print 32 byte hexdump current block
> s sym.main   # seek to main (using flag name)
> f~foo        # filter flags matching 'foo' (internal |grep)
> iS;is        # list sections and symbols (rabin2 -Ss)
> pdf; agf     # disassembly and ascii-art function graph
> oo+;w hello  # reopen in read-write and write a string
> ?*~...       # interactive filter in all command help
> q            # quit

Many plugins are included in r2 by default. But you can extend its capabilities by using the r2pm package manager.

r2pm -s <word>  # search packages matching a word
r2pm -Uci <pkg> # update database and clean install a package
r2pm -u <pkg>   # uninstall the given package
r2pm -l <pkg>   # list installed packages

Resources

Documentation

Learn more about r2 watching youtube talks from r2con. There are also many blogposts, slidedecks and the official radare2 book, but it's always a good idea to join any of the official chats and drop your questions or feedback there.

Community

Supported Platforms

Operating Systems

Windows (since XP), Linux, Darwin, GNU/Hurd, Apple's {Mac,i,iPad,watch}OS, Android, Wasmer, [Dragonfly, Net, Free, Open] BSD, Z/OS, QNX, SerenityOS, Solaris, AIX, Haiku, Vinix, FirefoxOS.

Architectures

i386, x86-64, Alpha, ARM, AVR, BPF, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, S390, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, PDP11, m680x, V850, CRIS, XAP (CSR), PIC, LM32, 8051, 6502, i4004, i8080, Propeller, EVM, OR1K Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, xcore, NIOS II, Java, Dalvik, Pickle, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x, c55+, c64x), Hexagon, Brainfuck, Malbolge, whitespace, DCPU16, LANAI, lm32, MCORE, mcs96, RSP, SuperH-4, VAX, KVX, Am29000, LOONGARCH, JDH8, s390x, STM8.

File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, XCOFF, OMF, TE, XBE, SEP64, BIOS/UEFI, Dyldcache, DEX, ART, Java class, Android boot image, Plan9 executables, Amiga HUNK, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), PDP11, XTAC, CGC, WASM (WebAssembly binary), Commodore VICE emulator, QNX, WAD, OFF, TIC-80, GB/GBA, NDS and N3DS, and mount several filesystems like NTFS, FAT, HFS+, EXT,...

Packaging Status

  • Snap package
  • Termux package
  • Alpine Linux Edge package Alpine Linux 3.19 package Alpine Linux 3.18 package
  • Arch package AUR package
  • EPEL 7 package EPEL 8 package EPEL 9 package
  • Fedora Dev Fedora 40 Fedora 39
  • FreeBSD port OpenBSD port pkgsrc current package
  • Homebrew package MacPorts package
  • Haiku Ports Void Linux
  • Ubuntu 24.04 package Ubuntu 23.04 package Ubuntu 20.04 package Ubuntu 18.04 package
  • Debian Unstable package Debian 12 package Kali Linux Rolling package