angr vs Rizin
About angr
angr is a platform-agnostic binary analysis framework developed at UC Santa Barbara's Seclab. It combines static and dynamic symbolic (concolic) analysis, providing a powerful Python API for analyzing compiled binaries without source code. angr can automatically explore execution paths through a binary, solve for inputs that reach specific code locations, recover control flow graphs, perform taint analysis, and identify vulnerabilities like buffer overflows and format string bugs. Its architecture is modular: SimOS provides OS abstraction, SimEngine handles execution, and the exploration strategies (DFS, BFS, coverage-optimized) guide analysis through the program state space. angr is widely used in academic research and CTF competitions, and forms the backbone of several automated vulnerability discovery tools.
About Rizin
Rizin is a free and open-source reverse engineering framework, forked from radare2 with a focus on usability, stability, and a cleaner API. It provides a complete binary analysis toolkit including disassembly, debugging, emulation, binary patching, and scripting across dozens of architectures and file formats. Rizin addresses many of radare2's historical pain points (inconsistent command naming, unstable APIs, and a steep learning curve) while maintaining the powerful capabilities that made radare2 popular. Cutter, originally an r2 frontend, is now the official Rizin GUI, providing a modern graphical interface for reverse engineering workflows. Rizin supports x86, ARM, MIPS, RISC-V, PowerPC, and many other architectures, with plugins for additional formats and analysis capabilities.