Angr

Features

Symbolic Execution Engines - Uses a symbolic execution engine to explore program paths and determine conditions required to reach specific states.
Binary Analysis Frameworks - Provides a comprehensive environment for disassembling, decompiling, and analyzing compiled software binaries.
Static Analysis Tools - Provides a framework for examining compiled binaries without execution to determine program structure and behavior.
Decompilers - Translates compiled binary machine code back into higher-level representations for reverse engineering.
Reverse Engineering Tools - Analyzes the internal logic and structure of compiled applications to understand behavior without source code.
Cross-Architecture Binary Analysis - Enables analysis of binaries across different CPU architectures by lifting code to an intermediate representation.
Intermediate Representation Lifting - Translates machine code from various architectures into a common intermediate representation to enable unified analysis.
Static Binary Analysis - Performs static analysis on compiled binaries to determine intended behavior and internal structure without execution.
Processor Emulators - Simulates target processors and memory environments to execute guest code without host hardware dependency.
Binary Lifting - Translates machine code from various architectures into a common intermediate representation for unified analysis.
Constraint Satisfaction Solvers - Integrates constraint satisfaction solvers to determine the reachability of specific program execution paths.
Control Flow Analysis Tools - Provides utilities to reconstruct logical execution paths and branching structures from binary code.
Control-Flow Graph Generation - Automates the generation of control-flow graphs by mapping jumps and branches between basic blocks in binaries.
Value Set Analysis - Estimates the possible range of values for registers and memory locations at various program points.
Binary Instrumentation - Injects custom hooks into binaries to monitor internal states and modify behavior during analysis.
Code Sandboxing Environments - Executes guest code within secure isolated environments to prevent unauthorized manipulation of the host system during analysis.
Vulnerability Research - Identifies security flaws in binaries by tracing data dependencies and exploring execution paths.
Taint Analysis Engines - Implements taint analysis engines to track the propagation of symbolic inputs through program data flows.
Data Dependency Analysis - Identifies data dependencies to determine how specific inputs influence program outputs and internal behaviors.
Binary Analysis - Framework for binary analysis and symbolic execution.
Binary Analysis Frameworks - Platform-agnostic binary analysis framework.
Development Libraries - Python-based suite for binary analysis and symbolic execution.
Binary Analysis - Framework for binary analysis and symbolic execution.
Reverse Engineering - Platform-agnostic binary analysis framework.
Reverse Engineering Tools - Framework for binary analysis, symbolic execution, and vulnerability research.
Security and Vulnerability Scanning - Binary analysis framework supporting symbolic execution.

Open-source alternatives to Angr

Similar open-source projects, ranked by how many features they share with Angr.

avast/retdec
avast/retdec
8,556View on GitHub
RetDec is a reverse engineering framework and static binary analysis tool. Its primary purpose is to function as an LLVM-based machine code decompiler that translates binary machine code from multiple architectures into high-level C source code. The system employs a multi-stage lifting pipeline to recover program logic, using an intermediate representation to apply optimizations before emitting source code. It distinguishes itself through the ability to identify compilers and packers, perform executable unpacking, and reconstruct class hierarchies and original program structures. The framewo
C++
View on GitHub8,556
avast-tl/retdec
avast-tl/retdec
8,556View on GitHub
Retdec is an LLVM-based machine code decompiler and static binary analysis tool designed for binary reverse engineering. It translates binary executable code into high-level representations to facilitate the reconstruction of program logic from compiled machine code. The system utilizes a retargetable frontend architecture and a multi-stage lifting pipeline to convert raw bytes into a common intermediate language. It differentiates custom program logic from known library code through signature-based identification and provides utilities for binary symbol demangling to restore human-readable n
C++
View on GitHub8,556
radare/radare2
radare/radare2
24,129View on GitHub
radare2 is a reverse engineering framework and binary analysis toolset. It functions as a multi-architecture disassembler, low-level binary debugger, and hexadecimal editor for inspecting executable structures and interpreting machine code when original source files are unavailable. The framework provides capabilities for decompiling machine instructions, performing symbolic analysis, and diffing binary files to identify structural changes across versions. It also includes a digital forensic analyzer and disk analyzer for browsing filesystem formats in userland. The toolset supports binary p
C
View on GitHub24,129
pwndbg/pwndbg
pwndbg/pwndbg
10,051View on GitHub
pwndbg is a GDB plugin and binary analysis framework designed for reverse engineering, exploit development, and low-level program analysis. It extends the core functionality of the debugger to provide advanced memory inspection and automation tools. The project distinguishes itself with specialized capabilities for heap analysis across glibc, jemalloc, and musl, as well as a comprehensive kernel debugging toolkit for inspecting Linux kernel tasks and slab allocators. It includes an integrated ROP gadget searcher for constructing exploit chains and an LLM-powered debugging assistant that provi
Pythonbinary-ninjacapture-the-flagctf
View on GitHub10,051

See all 30 alternatives to Angr

angrangr

Features

Open-source alternatives to Angr

avast/retdec

avast-tl/retdec

radare/radare2

pwndbg/pwndbg

Star history

Open-source alternatives to Angr

avast/retdec

avast-tl/retdec

radare/radare2

pwndbg/pwndbg