angr vs Capstone
GitHub Stats
About angr
angr is a platform-agnostic binary analysis framework developed at UC Santa Barbara's Seclab. It combines both static and dynamic symbolic (concolic) analysis, providing a powerful Python API for analyzing compiled binaries without source code. angr can automatically explore execution paths through a binary, solve for inputs that reach specific code locations, recover control flow graphs, perform taint analysis, and identify vulnerabilities like buffer overflows and format string bugs. Its architecture is modular - SimOS provides OS abstraction, SimEngine handles execution, and the exploration strategies (DFS, BFS, coverage-optimized) guide analysis through the program state space. angr is widely used in academic research and CTF competitions, and forms the backbone of several automated vulnerability discovery tools.
About Capstone
Capstone is a lightweight, multi-platform, multi-architecture disassembly framework. It provides a clean, simple API to disassemble binary code into human-readable assembly for x86 (16/32/64-bit), ARM, ARM64, MIPS, PowerPC, SPARC, SystemZ, XCore, M68K, TMS320C64x, M680x, and EVM architectures. Capstone is the disassembly engine embedded in many major security tools including Ghidra, radare2/rizin, Cutter, Binary Ninja, and dozens of others. Its design emphasizes thread safety, zero external dependencies, and rich detail extraction - each disassembled instruction includes operand details, register access information, and instruction groups. Bindings are available for Python, Java, Go, Ruby, Rust, OCaml, and many other languages, making it the standard building block for custom disassembly and binary analysis tools.
Platform Support
Tags
angr only
Capstone only