r2

Open binary for analysis

$ r2 [binary]

$ r2 -w [binary]

$ r2 -A [binary]

$ r2 -d [binary]

$ r2 [gdb://host:port]

r2 [options] [file]

r2 (radare2) is an open-source reverse engineering framework for analyzing, disassembling, debugging, and patching binary files. It supports a wide range of architectures and file formats, providing an interactive command-line shell with hundreds of commands for navigating code, examining data structures, and performing forensic analysis.
The framework includes a built-in disassembler, hex editor, debugger, and scripting engine. The -A flag triggers automatic analysis to identify functions, strings, and cross-references on load, while -d enables live debugging of running processes. Remote analysis is supported through protocols like GDB, allowing connection to embedded targets and virtual machines. Its plugin system and scripting via Python, JavaScript, and r2pipe make it extensible for custom analysis workflows.

FILE

Binary file.

Run analysis.

Write mode.

Debug mode.

Architecture.

Bits (32/64).

Run command.

Steep learning curve. Powerful but complex.

radare2 was created as a reverse engineering framework.

gdb(1), objdump(1), ida(1)