Ghidra vs RetDec
GitHub Stats
About Ghidra
Ghidra is a software reverse engineering (SRE) framework created and maintained by the National Security Agency Research Directorate. It includes a full-featured suite of high-end software analysis tools for analyzing compiled code across a variety of platforms. Capabilities include disassembly, assembly, decompilation, graphing, and scripting, along with hundreds of other features. Ghidra supports a wide range of processor instruction sets and executable formats, and users can extend it through plugins and scripts written in Java or Python.
About RetDec
RetDec is a retargetable machine-code decompiler based on LLVM, developed by Avast. It converts executable files (PE, ELF, COFF, Mach-O, Intel HEX, and raw binaries) back to high-level C code from x86, ARM, MIPS, PIC32, and PowerPC architectures. RetDec performs compiler and packer detection, static library signature matching, instruction idiom translation, type recovery, and control flow structuring to produce readable decompiled output. Unlike architecture-specific decompilers, RetDec's LLVM-based intermediate representation allows it to support multiple architectures with a single analysis pipeline. It includes both a command-line decompiler and an IDA Pro plugin, and can output C code with recovered variable names, types, and function signatures. RetDec is particularly useful for analyzing firmware, embedded systems, and malware targeting non-x86 architectures.
Platform Support
Tags
Shared
Ghidra only
RetDec only