Radare2: Libre Reversing Framework for Unix Geeks

Current git master branch is 5.9.9, next release will be 6.0.0.

• See abi stability documentation.

Description

r2 is a complete rewrite of radare. It provides a set of libraries, tools and plugins to ease reverse engineering tasks. Distributed under LGPLv3, despite each plugin can have different licenses (see r2 -Lj for details)

The radare project started as a simple command-line hexadecimal editor focused on forensics. Today, r2 is a full-featured low-level command-line tool with support for scripting with the embedded Javascript interpreter or via r2pipe.

r2 can edit files on local hard drives, view kernel memory, and debug programs locally or via a remote gdb/windbg servers. r2's wide architecture support allows you to analyze, emulate, debug, modify, and disassemble any binary.

Installation

Download the last released binaries.

The recommended way to install radare2 is from Git repository source:

git clone https://github.com/radareorg/radare2
radare2/sys/install.sh

• Run sys/install.sh for the default acr+make+symlink installation
• meson/ninja (muon/samu also works) and make builds are supported.

Source Build

• r2 can be installed from git or via pip using r2env.
• Windows builds require meson and msvc or mingw as compilers
• To uninstall the current build of r2 run make uninstall
• To uninstall ALL the system installations of r2 do: sudo make purge

On Windows use the .bat scripts and msvc:

preconfigure.bat       REM setup python, meson, ninja
configure.bat          REM run meson b + vs project
make.bat               REM run ninja -C b
prefix\bin\radare2.exe

Popular Plugins:

Using the r2pm tool you can browse and install many plugins and tools that use radare2.

• esilsolve: The symbolic execution plugin, based on esil and z3
• iaito: The official Qt graphical interface
• keystone Assembler instructions using the Keystone library
• decai Decompiler based on AI
• r2ai Run a Language Model in localhost with Llama inside r2!
• r2dec: A decompiler based on r2 written in JS, accessed with the pdd command
• r2diaphora: Diaphora's binary diffing engine on top of radare2
• r2frida: The frida io plugin. Start r2 with r2 frida://0 to use it
• r2ghidra: The standalone native ghidra decompiler accessible with pdg
• r4ghidra: Feel the radare joy inside your Ghidra
• r2papi High level api on top of r2pipe
• r2pipe Script radare2 from any programming language
• r2poke Integration with GNU/Poke for extended binary parsing capabilities
• goresym: Import GoReSym symbol as flags
• r2yara Run Yara from r2 or use r2 primitives from Yara
• radius2: A fast symbolic execution engine based on boolector and esil
• r2sarif import/extend/export SARIF documents

Usage

These are the first steps to use r2, read the book or find tutorials for more details

$ r2 /bin/ls   # open file in read-only
> aaa          # analyse the program (r2 -A)
> afl          # list all functions (try aflt, aflm)
> px 32        # print 32 byte hexdump current block
> s sym.main   # seek to main (using flag name)
> f~foo        # filter flags matching 'foo' (internal |grep)
> iS;is        # list sections and symbols (rabin2 -Ss)
> pdf; agf     # disassembly and ascii-art function graph
> oo+;w hello  # reopen in read-write and write a string
> ?*~...       # interactive filter in all command help
> q            # quit

Many plugins are included in r2 by default. But you can extend its capabilities by using the r2pm package manager.

r2pm -s <word>  # search packages matching a word
r2pm -Uci <pkg> # update database and clean install a package
r2pm -u <pkg>   # uninstall the given package
r2pm -l <pkg>   # list installed packages

Resources

• Official Book: Read about r2 usage
• COMMUNITY.md: Community engagement and loose guidelines
• CONTRIBUTING.md: Information about reporting issues and contributing. See also Contributing
• DEVELOPERS.md: Development guidelines for r2
• SECURITY.md: Instructions for reporting vulnerabilities
• USAGE.md: Some example commands
• INSTALL.md: Installation instructions using make or meson

Documentation

Learn more about r2 watching youtube talks from r2con. There are also many blogposts, slidedecks and the official radare2 book, but it's always a good idea to join any of the official chats and drop your questions or feedback there.

Community

• Website: https://www.radare.org/
• Discord: Server
• Mastodon: @radareorg
• Telegram: Main and Side channels
• irc.libera.chat: #radare, #radare_side
• Matrix: #radare:matrix.org

Supported Platforms

Operating Systems

Windows (since XP for x86/x64/arm64), Linux, Darwin, GNU/Hurd, Apple's {Mac,i,iPad,watch}OS, Android, Wasmer, [Dragonfly, Net, Free, Open] BSD, Z/OS, QNX, SerenityOS, Solaris, AIX, Haiku, Vinix, FirefoxOS.

Architectures

i386, x86-64, Alpha, ARM, AVR, BPF, MIPS, PowerPC, SPARC, RISC-V, SH, m68k, S390, XCore, CR16, HPPA, ARC, Blackfin, Z80, H8/300, V810, PDP11, m680x, V850, CRIS, XAP (CSR), PIC, LM32, 8051, 6502, i4004, i8080, Propeller, EVM, OR1K Tricore, CHIP-8, LH5801, T8200, GameBoy, SNES, SPC700, MSP430, Xtensa, xcore, NIOS II, Java, Dalvik, Pickle, WebAssembly, MSIL, EBC, TMS320 (c54x, c55x, c55+, c64x), Hexagon, Brainfuck, Malbolge, whitespace, DCPU16, LANAI, lm32, MCORE, mcs96, RSP, SuperH-4, VAX, KVX, Am29000, LOONGARCH, JDH8, s390x, STM8.

File Formats

ELF, Mach-O, Fatmach-O, PE, PE+, MZ, COFF, XCOFF, OMF, TE, XBE, SEP64, BIOS/UEFI, Dyldcache, DEX, ART, Java class, Android boot image, Plan9 executables, Amiga HUNK, ZIMG, MBN/SBL bootloader, ELF coredump, MDMP (Windows minidump), PDP11, XTAC, CGC, WASM (WebAssembly binary), Commodore VICE emulator, QNX, WAD, OFF, TIC-80, GB/GBA, NDS and N3DS, and mount several filesystems like NTFS, FAT, HFS+, EXT,...

Packaging Status

• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
•