explaingit

radareorg/radare2

Analysis updated 2026-06-21

23,612CAudience · researcherComplexity · 4/5Setup · moderate

TLDR

A free open-source reverse engineering toolkit for analyzing compiled programs at the binary level, disassemble machine code, debug running processes, and inspect memory across dozens of CPU architectures without source code.

Mindmap

mindmap
  root((repo))
    What it does
      Disassembly
      Debugging
      Binary patching
    Supported targets
      x86 and ARM
      MIPS and RISC-V
      Dozens more
    Use cases
      Security research
      Malware analysis
      CTF competitions
    Interfaces
      Command line
      Scripting via r2pipe
      Optional GUI iaito
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Disassemble an unknown binary to understand what a program does without access to its source code.

USE CASE 2

Analyze malware or suspicious software to identify what functions it calls and what data it reads or writes.

USE CASE 3

Compete in CTF security challenges using the debugger and analysis tools to find hidden flags in binary executables.

USE CASE 4

Inspect and patch bytes in any executable file or raw memory dump to study a program's internal behavior.

What is it built with?

C

How does it compare?

radareorg/radare2lvgl/lvglxiaojieonly/ehviewer_cn_sxj
Stars23,61223,47323,863
LanguageCCC
Setup difficultymoderatehardmoderate
Complexity4/54/53/5
Audienceresearcherdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 1h+

The command-line interface has a steep learning curve, the optional iaito GUI reduces friction but requires a separate install.

In plain English

Radare2 is a free, open-source reverse engineering framework and collection of command-line tools. Reverse engineering, in this context, means taking a compiled program, which is in binary machine code that humans cannot directly read, and analyzing it to understand what it does. This is used in security research, malware analysis, vulnerability discovery, and software forensics. Radare2 provides a disassembler (which converts machine code back into human-readable assembly language), a debugger (for stepping through a running program), a hex editor (for viewing and modifying raw binary data), and many analysis tools. You can open any executable file, or even raw memory from a running process, and inspect its structure, find functions, trace execution, search for patterns, and modify bytes in place. It supports an enormous range of CPU architectures (x86, ARM, MIPS, RISC-V, and dozens more) and runs on nearly every operating system including Linux, macOS, Windows, Android, and several BSDs. A plugin system extends its capabilities with decompilers, AI-assisted analysis, and integration with other tools. Scripting is supported from multiple programming languages via the r2pipe interface. You would use Radare2 when you need to analyze software at the binary level without source code access, for security auditing, CTF competitions, malware investigation, or understanding how a piece of software actually works internally. It is primarily a command-line tool written in C, with an optional graphical interface called iaito.

Copy-paste prompts

Prompt 1
I have a suspicious binary I want to analyze with Radare2. Walk me through the basic commands to open it, list all functions, and disassemble the main function.
Prompt 2
I'm doing a CTF challenge with a Linux ELF binary. How do I use Radare2 to set breakpoints, step through execution, and inspect register values?
Prompt 3
I want to search for a specific byte pattern inside a binary using Radare2. Show me the search command syntax and how to interpret the output.
Prompt 4
Explain what a disassembler does and why Radare2 supports so many CPU architectures, what's the difference between analyzing ARM firmware vs an x86 desktop app?

Frequently asked questions

What is radare2?

A free open-source reverse engineering toolkit for analyzing compiled programs at the binary level, disassemble machine code, debug running processes, and inspect memory across dozens of CPU architectures without source code.

What language is radare2 written in?

Mainly C. The stack also includes C.

How hard is radare2 to set up?

Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.

Who is radare2 for?

Mainly researcher.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub radareorg on gitmyhub

Verify against the repo before relying on details.