radare

A commandline framework for reverse engineering ala *nix-style

• Chapter 1: Introduction
  • 1.1 History
  • 1.2 Overview
  • 1.3 Getting radare
  • 1.4 Compilation and portability
  • 1.5 Windows compilation
  • 1.6 Commandline flags
  • 1.7 Basic usage
  • 1.8 Command format
  • 1.9 Expressions
  • 1.10 Rax
  • 1.11 Basic debugger session
• Chapter 2: Configuration
  • 2.1 Colors
  • 2.2 Common configuration variables
• Chapter 3: Basic commands
  • 3.1 Seeking
  • 3.2 Block size
  • 3.3 Sections
  • 3.4 Mapping files
  • 3.5 Print modes
  • 3.6 Zoom
  • 3.7 Flags
  • 3.8 Write
  • 3.9 Undo/redo
  • 3.10 Yank/Paste
  • 3.11 Comparing bytes
  • 3.12 Comparing code
• Chapter 4: Visual mode
  • 4.1 Visual cursor
  • 4.2 Visual insert
  • 4.3 Visual xrefs
• Chapter 5: Searching bytes
  • 5.1 Basic searchs
  • 5.2 Configurating the searchs
  • 5.3 Pattern search
  • 5.4 Pattern search with distance
  • 5.5 Automatization
  • 5.6 Backward search
  • 5.7 Multiple keywords
  • 5.8 Binary masks
  • 5.9 Search using rules file
  • 5.10 Search in assembly
  • 5.11 Searching AES keys
• Chapter 6: Disassembling
  • 6.1 Adding metadata
  • 6.2 DWARF integration
• Chapter 7: Remoting capabilities
• Chapter 8: Projects
• Chapter 9: Plugins
  • 9.1 IO backend
  • 9.2 IO plugins
  • 9.3 Hack plugins
• Chapter 10: Scripting
  • 10.1 Radare scripts
  • 10.2 Boolean expressions
  • 10.3 Macros
  • 10.4 Language bindings
  • 10.5 LUA
  • 10.6 Python
  • 10.7 Ruby
• Chapter 11: Rabin
  • 11.1 File identification
  • 11.2 Entrypoint
  • 11.3 Imports
  • 11.4 Symbols (exports)
  • 11.5 Libraries
  • 11.6 Strings
  • 11.7 Program sections
• Chapter 12: Networking
  • 12.1 IO Sockets
  • 12.2 Radare remote
  • 12.3 radapy
  • 12.4 IO thru Syscall proxying
• Chapter 13: Rsc toolset
  • 13.1 asm/dasm
  • 13.2 idc2rdb
  • 13.3 gokolu
• Chapter 14: Rasm
  • 14.1 Assemble
  • 14.2 Disassemble
• Chapter 15: Rasc
  • 15.1 Shellcodes
  • 15.2 Paddings
  • 15.3 Syscall proxying
• Chapter 16: Analysis
  • 16.1 Code analysis
  • 16.2 Opcode traces
  • 16.3 Opcode emulation
  • 16.4 Data analysis
  • 16.5 Graphing code
  • 16.6 Bus sniffers
• Chapter 17: Gradare
• Chapter 18: Rahash
  • 18.1 Rahash tool
• Chapter 19: Binary diffing
  • 19.1 Diffing at byte-level
  • 19.2 Delta diffing
  • 19.3 Diffing code graphs
  • 19.4 Binary patch
• Chapter 20: Debugger
  • 20.1 Registers
  • 20.2 Memory
  • 20.3 Run control
  • 20.4 Debugger environment
  • 20.5 Program arguments
  • 20.6 Breakpoints
  • 20.7 Filedescriptors
  • 20.8 Events
• Chapter 21: Random stuff
  • 21.1 Debugging brainfuck
  • 21.2 Analyze serial protocols
  • 21.3 Debugging with bochs and python
• Chapter 22: Appendix
  • 22.1 Cheat Sheet
  • 22.2 IOLIs crackme tutorial
  • 22.3 pcme0 crackme
  • 22.4 forum: Interpreting C structures with spcc
  • 22.5 forum: rsc monitor usage
  • 22.6 forum: Scripting with lua
  • 22.7 forum: Scripting with lua (2)
  • 22.8 forum: Introduction to radare
  • 22.9 forum: Decompiling code with boomerang from radare
• Chapter 23: EOF
  • 23.1 Greetings