r2
Reverse engineer binaries
SYNOPSIS
r2 [options] [file]
The [file] argument specifies the binary, device, or remote target to open. If omitted, r2 typically starts in an empty project or a default environment, ready to receive commands.
PARAMETERS
-A
Automatically analyze all referenced functions, code blocks, and data structures upon loading the file.
-d
Start in debug mode, allowing attachment to a running process, opening a core dump, or launching a new process for debugging.
-w
Open the specified file in write mode, enabling modifications to the binary directly.
-q
Run in quiet mode, suppressing startup banners, introductory messages, and non-essential output.
-i file
Execute radare2 commands from the specified script file immediately after loading the target.
-e k=v
Set a configuration variable k to value v before the main prompt is displayed or analysis begins.
-c cmd
Run a specific radare2 command cmd right after loading the file, before entering the interactive shell.
-p plugin
Load an external plugin by its name, enhancing functionality or adding support for specific formats/architectures.
-l lib
Load a shared library or a plugin file directly by its path.
-a arch
Force analysis and disassembly for a specific CPU architecture, overriding auto-detection if necessary.
-v
Display the version information of radare2 and exit.
-h
Show the help message, listing common options and basic usage, and exit.
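The wrapper below is an added example, not taken from the radare2 documentation. It combines -q, -A, -e and -c into a read-only batch triage run and keeps a hostile file name from being parsed as an option. Assumptions: r2 is on PATH; the r2 commands iI, ii and afl and the scr.color variable are standard r2 names not listed on this page; the function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example: read-only static triage built from the options on this page.
# Assumes r2 is on PATH. Function and variable names are hypothetical.

# r2 commands passed to -c, separated by ';':
#   iI = binary info (arch, bits, nx, canary, pic)
#   ii = imports, afl = functions found by the -A analysis
R2_TRIAGE_CMDS='iI;ii;afl'

# Turn a user-supplied name into a path r2 cannot mistake for an option
# (a sample named "-d" or "-w") or for a scheme-prefixed target.
r2_safe_path() {
    case "$1" in
        /*) printf '%s\n' "$1" ;;
        *)  printf './%s\n' "$1" ;;
    esac
}

# Usage: r2_triage FILE
# Never passes -d (would run the sample) or -w (would allow patching it).
r2_triage() {
    if [ "$#" -ne 1 ]; then
        echo "usage: r2_triage FILE" >&2
        return 2
    fi
    target=$(r2_safe_path "$1")
    # Only regular, readable files: no devices, directories or FIFOs.
    if [ ! -f "$target" ] || [ ! -r "$target" ]; then
        echo "r2_triage: not a readable regular file: $1" >&2
        return 1
    fi
    if ! command -v r2 >/dev/null 2>&1; then
        echo "r2_triage: r2 not found in PATH" >&2
        return 127
    fi
    # -q: no banner/prompt, exit after the -c commands finish
    # -A: analyze before running the commands; -e: plain, uncoloured output
    r2 -q -A -e scr.color=0 -c "$R2_TRIAGE_CMDS" "$target"
}
```

Call it as `r2_triage ./sample.bin > report.txt` after sourcing the file; the report then holds the binary info, imports and function list in that order.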
DESCRIPTION
r2, also known as radare2, is a comprehensive open-source framework designed for reverse engineering and binary analysis. It provides a powerful suite of tools that facilitate deep inspection, disassembly, debugging, and exploitation of executable files.
Highly modular and extensible, radare2 supports a vast array of CPU architectures (e.g., x86, ARM, MIPS, PowerPC) and file formats (e.g., ELF, PE, Mach-O). It's widely used for tasks such as malware analysis, vulnerability research, exploit development, and software auditing. Its unique command-line interface enables powerful scripting and automation, making it a preferred tool among security professionals and researchers. Despite its command-line nature, r2 offers robust data visualization, graph analysis, and interactive debugging capabilities, proving to be a versatile solution for understanding complex binaries.
CAVEATS
r2 has a steep learning curve due to its extensive command set and a design philosophy that prioritizes command-line interaction, which can be daunting for newcomers. While powerful, it can be resource-intensive for very large binaries, especially during deep analysis. Its active development cycle means that syntax and features may occasionally change between versions.
INTERACTIVE SHELL
r2 provides a powerful and flexible interactive shell where users can execute commands to analyze, debug, and manipulate binaries. This shell features advanced capabilities such as autocompletion, command history, and a highly customizable prompt.
SCRIPTING CAPABILITIES
The framework is highly scriptable, supporting various programming languages (e.g., Python, Go, Node.js) through official bindings. This allows users to automate complex analysis tasks, integrate r2 into custom workflows, and extend its functionality programmatically.
PLUGINS AND EXTENSIBILITY
radare2 boasts a robust plugin architecture, enabling developers to create custom tools, file format loaders, disassemblers, analyzers, and debuggers. This design ensures that the framework can be adapted to new architectures, file types, and analysis methodologies.
VISUAL MODES
Beyond its command-line interface, r2 includes several visual modes, accessible via the `V` command. These modes offer a more interactive and graphical experience for tasks like viewing disassembly, hex dumps, call graphs, and debugging registers.
HISTORY
radare2 was initially conceived by Sergi 'pancake' Alvarez in 2006 as a simple command-line hexadecimal editor named 'radare'. Over the years, it gradually evolved into a sophisticated, multi-purpose reverse engineering framework, incorporating features like disassembly, debugging, and advanced analysis. Its development has been largely community-driven, emphasizing extensibility, cross-platform compatibility, and a Unix-like philosophy where every function is accessible via a simple command, promoting scripting and automation. It gained significant traction for being a powerful open-source alternative to commercial tools.