[Download] radare 0.9.9 by pancake
Posted: 2008-9-2 19:14

radare 0.9.9 by pancake  
September 2, 2008

The radare project aims to provide a complete unix-like toolchain for
working with binary files. It currently provides a set of tools to work with x86, arm
and java, with some for powerpc.

The core is a raw hexadecimal editor for the command line with scripting features and
perl/python extensions that gets extended with IO plugins that hook the open/
read/write/close/system calls.

The debugger and disassembler have a code analysis module for x86, mips, arm
and java. This way it's possible to draw graphs using Cairo on a GTK window or
store the flow execution of a program on a log file and use the information to diff it
against another trace or binary.

The toolchain provides assemblers and disassemblers for x86, arm, mips
(Loongson2F), sparc, CSR, m68k, powerpc, msil and java.

The disassembler has been enhanced to handle inline comments, code block
detections and flag references (data pointers or so).

The debugger is mainly developed on linux and {Net|Free|Open}BSD on 32 and
64 bits on Intel x86 but it has support for linux-ARM, linux-MIPS, and Windows
support is in mind too. Latest work on the debugger aims to make it work
on MacOSX and Solaris/OpenSolaris for sparc, powerpc and intel.

But there are IO plugins for debugging windows and DOS applications via wine
and dosemu. Initial gxemul support gives us the possibility to also debug ARM,
MIPS, SPARC, .. binaries.

There are some internal commands to handle memory maps, mount a syscall
proxy, inject code, patch data, dump user data sections, step-back, syscall
tracing, hardware DRx register manipulation, conditional watchpoints with
expressions, signalling manipulation, syscall injection and very early threading
support..

Data structures can be parsed with hand-written C programs called as extensions
from radare. So the hexadecimal editor comes with a set of views for different
bases and print formats like URL-encoding, binary, octal, shellcode, C string-like,
which is really useful for developing shellcodes.

Python, LUA and perl scripting facilities with an API to manage the core, the
debugger, code analysis, tracing facilities, handle metadata, etc..

There's a minimal GUI frontend written in C that interacts directly with a VTE
running radare. But I plan to write a new native frontend written in Vala.

Current development plugins are:

* ewf: EnCase (R) forensic disk images and more
* malloc: anonymous memory buffers
* mmap: mapping files on memory
* shm: shared memory access
* socket: socket stream access
* winedbg: WineDebugger interface ( winedbg://./program.exe )
* haret: Remotely read WindowsCE memory ( haret://host:port )
* ptrace: Debugs or attach to a process ( dbg://file or pid://PID )
* sysproxy: Connects to a remote syscallproxy server
* remote: TCP IO ( listen://:port or connect://host:port )
* gdb: Debugs or attach to a process using gdb (gdb://file, gdb://PID, gdb://host:port)
* w32: posix to native w32 api io
* posix: plain posix file access

The tools provided around the core are:

* radare: command line hexadecimal editor with IO plugin extensions
* rabin: get info from ELF/MZ/PE/MACHO/CLASS files
* rasc: shellcode generator and tester (outputs in raw, hexpairs or C)
* rasm: in line assembler/disassembler for multiple archs
* radiff: binary diffing utilities for raw files, binaries, data blocks, etc
* xrefs: find crossed references on raw images for ppc, arm and x86
* hasher: calculate different algorithms over data blocks of a file or stream
* rsc: command line helpers written in shellscript or perl
* javasm: minimalistic java assembler/disassembler/classdumper
* xc: cmdline multiple radix numeric converter

FMI see the mailing list

Have fun!


http://radare.nopcode.org


http://radare.nopcode.org/get/radare-0.9.9.tar.gz
