FLARE FLOSS vs Radare2

GitHub Stats

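Stars: FLARE FLOSS 4.0k, Radare2 23.5k
Forks: FLARE FLOSS 526, Radare2 3.2k
Issues: FLARE FLOSS 119, Radare2 809
Updated: FLARE FLOSS 4d ago, Radare2 today
License: FLARE FLOSS Apache-2.0, Radare2 -
Language: FLARE FLOSS Python, Radare2 C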

About FLARE FLOSS

FLARE FLOSS (FireEye Labs Obfuscated String Solver) automatically extracts obfuscated strings from malware binaries. While the standard 'strings' utility only finds plaintext, FLOSS uses advanced static analysis techniques to identify string decoding routines, emulates them, and recovers the decoded strings. It handles XOR encoding, stack strings (built character-by-character), tight strings (short encoded sequences), and custom decryption routines. FLOSS integrates with FLARE's analysis toolkit and produces output compatible with YARA rule generation. It dramatically reduces manual reverse engineering time for string-heavy malware analysis.

About Radare2

Radare2 is a portable reverse engineering framework that integrates disassembly, debugging, analysis, patching, and scripting capabilities in a single command-line interface. Known for its extensibility and modularity, it supports a wide range of binary formats and architectures. Written in C, Radare2 is a preferred tool among security researchers and reverse engineers for its powerful analysis features and cross-platform compatibility.

Platform Support

FLARE FLOSS: linux, macos, windows
Radare2: linux, macos, windows

Tags

FLARE FLOSS only

string-extraction, malware-analysis, deobfuscation, mandiant, static-analysis

Radare2 only

reverse-engineering, disassembler, debugger, scripting