angr vs RetDec
About angr
angr is a platform-agnostic binary analysis framework developed at UC Santa Barbara's Seclab. It combines both static and dynamic symbolic (concolic) analysis, providing a powerful Python API for analyzing compiled binaries without source code. angr can automatically explore execution paths through a binary, solve for inputs that reach specific code locations, recover control flow graphs, perform taint analysis, and identify vulnerabilities like buffer overflows and format string bugs. Its architecture is modular: SimOS provides OS abstraction, SimEngine handles execution, and the exploration strategies (DFS, BFS, coverage-optimized) guide analysis through the program state space. angr is widely used in academic research and CTF competitions, and forms the backbone of several automated vulnerability discovery tools.
About RetDec
RetDec is a retargetable machine-code decompiler based on LLVM, developed by Avast. It converts executable files (PE, ELF, COFF, Mach-O, Intel HEX, and raw binaries) for x86, ARM, MIPS, PIC32, and PowerPC architectures back to high-level C code. RetDec performs compiler and packer detection, static library signature matching, instruction idiom translation, type recovery, and control flow structuring to produce readable decompiled output. Unlike architecture-specific decompilers, RetDec's LLVM-based intermediate representation allows it to support multiple architectures with a single analysis pipeline. It includes both a command-line decompiler and an IDA Pro plugin, and can output C code with recovered variable names, types, and function signatures. RetDec is particularly useful for analyzing firmware, embedded systems, and malware targeting non-x86 architectures.