Rizin – open-source Reverse Engineering framework forked from radare2
rizin.reSeems to be a fork of radare2 that is not based on a technical critique, but more emotional one. Stress and a CoC seem to be the main reasons. And they want "to focus more on stability" instead of features. Personally I never had stability problems with radars (although I had problems loading some more complex/large binaries). Smells to me like a fork for some reason or the other, but not technical. I will leave a comment that pancake made here because I couldn't agree more
> not going to feed the flame, we had some different views and personal conflicts. so i guess it's better to avoid fighting each other and be constructive building whatever they want
What seems to be the issue with radare2 that makes a fork necessary? I love cutter and r2? But I’m not in the community enough to know about any beef. Does anyone have a summary?
as a regular r2 user this makes me sad. I hope development stays in one place just like in the case of other coc forks like glimpse
Given Ghidra's [1] decompilation support, emulation (CPU via PCODE IR, not whole-system) support, headless analysis scripting API, and the active open-source contribution/issue community - I find it hard to justify other static RE tooling.
Any thoughts on why I would choose Rizin over Ghidra?
Well, I would say that the tool to really beat here is IDA Pro, with radare2 largely feeling like a poor man's attempt at IDA from my limited trials of it. In the past decade, Binary Ninja and Ghidra came out to also compete in this space, and the cutter project came out to give a sorely-needed GUI for radare2. Of the new tools, the only one I've tried is Ghidra.
Personally, were cost not an issue, I would just stick with IDA. However, IDA Pro is obscenely expensive, with the cheapest version "only" $365/yr and a full version costing into the tens of thousands, and it's not clear to me that the cost is worth it. I've had a lot of paper-cuts with Ghidra, but it still feels far better to me than radare2.
OT: I thought I had an idea of what it is you do, but now it's clear I don't, and I'd love to hear more about why it is you've evaluated all the mainstream reversing tools. :)
Reverse engineering is mostly a side interest of mine, but I do have a bad habit of overestimating the complexity of the bugs I encounter and launch into reverse engineering software to figure out why it's not working properly.
I actually work on compilers, so training myself on reverse engineering isn't totally useless, especially since a lot of what I like is about the pattern recognition of more advanced compiler features. And if you're trying to retrofit high-level optimizations in a low-level backend, reverse engineering the high-level structures is exactly what you need.
Radare (and Im guessing by extension Rizin) is terminal based. This means you can integrate it with custom tooling a lot easier than with Ghidra, which can be useful if you are doing RE with the aim of translation to a different arch or doing automated analysis.
Ghidra is a more all in one solution when you are doing more in depth vulnerability analysis. We used to use it back at my previous job when it was still proprietary and provided to subcontractors only to run in SCIFs, and it generally is better if you are looking for vulnerabilities.
Can anyone recommend a good post about why it's so hard to name things?