radare, the reverse engineering framework

History

The radare project [http://radare.org/] started in February of 2006 aiming to provide a free and simple command line interface for a hexadecimal editor supporting 64 bit offsets to make searches and recovering data from hard-disks.

Since then, the project has grown with the aim changed to provide a complete framework for analyzing binaries with some basic *NIX concepts in mind like ‘everything is a file‘, ‘small programs that interact together using stdin/out‘ or ‘keep it simple‘.

It‘s mostly a single-person project, but some contributions (in source, patches, ideas or species) have been made and are really appreciated.

The project is composed of a hexadecimal editor as the central point of the project with assembler/disassembler, code analysis, scripting features, analysis and graphs of code and data, easy unix integration, ...

Overview

Nowadays the project is composed of a set of small utilities that can be used together or independently from the command line:

radare2

The core of the hexadecimal editor and debugger. Allows to open any kind of file from different IO access like disk, network, kernel plugins, remote devices, debugged processes, ... and handle any of them as if they were a simple plain file.

Implements an advanced command line interface for moving around the file, analyzing data, disassembling, binary patching, data comparision, searching, replacing, scripting with Ruby, Python, Lua and Perl, ...

rabin2

Extracts information from executable binaries like ELF, PE, Java CLASS, MACH-O. It‘s used from the core to get exported symbols, imports, file information, xrefs, library dependencies, sections, ...

rasm2

Commandline assembler and disassembler for multiple architectures (intel[32,64], mips, arm, powerpc, java, msil, ...)

$ rasm2 -a java ‘nop‘

00

?

$ rasm2 -a x86 -d ‘90‘

nop

?

$ rasm2 -a x86 -b 32 ‘mov eax, 33‘

b821000000

?

$ echo ‘push eax;nop;nop‘ | rasm2 -f -

5090

rahash2

Implementation of a block-based rahash for small text strings or large disks, supporting multiple algorithms like md4, md5, crc16, crc32, sha1, sha256, sha384, sha512, par, xor, xorpair, mod255, hamdist or entropy.

It can be used to check the integrity of or track changes between big files, memory dumps or disks.

radiff2

Binary diffing utility implementing multiple algorithms. Supports byte-level or delta diffing for binary files and code-analysis diffing to find changes in basic code blocks from radare code analysis or IDA ones using the idc2rdb rsc script.

rafind2

rafind2 is a program to find byte patterns in files

ragg2

Ragg2 is a frontend for r_egg. It‘s used to compile programs into tiny binaries for x86-32/64 and ARM.

rarun2

Rarun2 is used as a launcher for running programs with different environment, arguments, permissions, directories and overridden default file descriptors. It can be useful for :

  • Crackme
  • Fuzzing
  • Test suite

SRC=http://maijin.github.io/radare2book/

时间: 2024-10-06 14:30:03

radare, the reverse engineering framework的相关文章

当用hibernate reverse engineering而无法选择java src folder时的解决方法

当用hibernate reverse engineering而无法选择java src folder时的解决办法 要么是该工程已经支持了hibernate特性,而.project文件中没有添加该特性的说明,要么就是该工程没有添加hibernate特性. 我用的是MyEclipse5.5.1的开发工具,没有采用MyEclipse的Hibernate工具去自动生成实体类,而是手工自己编写hibernater的配置文件.只可惜当采用Hibernate Reverse Engineering去生成实体

myeclipse hibernate reverse engineering选择不到指定的工程

我 用的是MyEclipse8.5的开发工具,没有采用MyEclipse的Hibernate工具去自动生成实体类,而是手工自己编写 hibernater的配置文件.只可惜当采用Hibernate Reverse Engineering去生成实体类的时候发生了错误. 选择JAVA src Folder后的Browse按钮后弹出一个灰色的对话框.如下图所示: 于 是我做了一个DEMO然后采用myeclipse工具自动去添加hibernate包,经过仔细的对比发现在.project这个文件有问题,在最

MyEclipse Hibernate Reverse Engineering 找不到项目错误

解决办法:在项目下找到.project文件,在最后的natures标签加入下面红色的一行代码. <natures>        <nature>com.genuitec.eclipse.hibernate.hibernatenature</nature>         <nature>org.eclipse.jdt.core.javanature</nature> </natures>

Python:渗透测试开源项目

Python:渗透测试开源项目[源码值得精读] sql注入工具:sqlmap DNS安全监测:DNSRecon 暴力破解测试工具:patator XSS漏洞利用工具:XSSer Web服务器压力测试工具:HULK SSL安全扫描器:SSLyze 网络 Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library pypcap, Pcapy and pylibpcap:

Python:渗透测试开源项目【源码值得精读】

sql注入工具:sqlmap DNS安全监测:DNSRecon 暴力破解测试工具:patator XSS漏洞利用工具:XSSer Web服务器压力测试工具:HULK SSL安全扫描器:SSLyze 网络 Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library pypcap, Pcapy and pylibpcap: several different Python

Entity Framework版本历史概览

EF版本 .net framework和IDE版本 主要功能 EF(or EF3.5) Visual Studio 2008 SP1 (.NET 3.5 SP1) 基本的O/R映射支持,使用DB First开发模式 EF 4 Visual Studio 2010 (.NET 4.0) 支持POCO实体 延迟加载 提高单元测试能力 自定义的代码生成机制 支持Model First开发模式 EF 4.1 NuGet 提供简化的DbContext接口 支持Code First开发模式 EF 4.1.1

Entity Framework Code First ---EF Power Tool MySql

关于如何使用EF Power Tool的介绍请看 http://www.cnblogs.com/LingzhiSun/archive/2011/05/24/EFPowerTool_1.html, 这里不再啰嗦. MySql里有个默认的范例数据库 world, 里面有三个表, 下载Entity Framework Power Tools 安装包, 现在已经是Beta3版本,http://visualstudiogallery.msdn.microsoft.com/72a60b14-1581-4b9

【Entity Framework系列】Overview - 版本历史概览

EF版本 .net framework和IDE版本 主要功能 EF(or EF3.5) Visual Studio 2008 SP1 (.NET 3.5 SP1) 基本的O/R映射支持,使用DB First开发模式 EF 4 Visual Studio 2010 (.NET 4.0) 支持POCO实体 延迟加载 提高单元测试能力 自定义的代码生成机制 支持Model First开发模式 EF 4.1 NuGet 提供简化的DbContext接口 支持Code First开发模式 EF 4.1.1

基于Entity Framework的自定义分页,增删改的通用实现

简介 之前写个一个基于Dapper的分页实现,现在再来写一个基于Entity Framework的分页实现,以及增删改的通用实现. 代码 还是先上代码:https://github.com/jinweijie/EF.GenericRepository 如何运行示例 还是像先前一样: 1. 先Clone下代码,在Database里面解压缩Database.7z 2. Attach到Sql Server LocalDB上.如果你用的不是Sql Server的LocalDB,你需要更改App.Conf