Getting Started Guide

How to Install and Use Radare2

This guide covers installing Radare2 and using it for binary analysis, disassembly, and reverse engineering from the command line.

Prerequisites

-Linux, macOS, or Windows
-A binary to analyze

Official Documentation

Install Radare2

Install r2 from package manager or build from source for the latest version.

macOS

brew install radare2

Debian/Ubuntu

sudo apt install radare2

Verify

r2 -v

Open and Analyze a Binary

Open a binary in r2 and run analysis to identify functions, strings, and cross-references.

Open binary

r2 ./binary

Run full analysis

aaa

List functions

afl

List strings

iz

Note: The 'aaa' command runs all analysis passes. It takes a moment but gives you the most complete picture. 'afl' lists all identified functions with their sizes.

Navigate and Disassemble

Move through the binary and view disassembly.

Seek to main

s main

Print disassembly

pdf

Seek to address

s 0x00401000

Visual mode

VV

Note: VV enters visual graph mode showing control flow. Press 'p' to cycle through views, 'q' to quit visual mode. Visual mode is much easier to navigate than raw commands.

Search for Patterns

Search for strings, bytes, and code patterns in the binary.

Search string

/ password

Search hex bytes

/x 9090909090

Cross-references to current function

axt @@ fcn.*

Useful Commands Cheatsheet

Essential r2 commands for everyday use.

Quick reference

# aaa - analyze all
# afl - list functions
# pdf - print disassembly of function
# iz - list strings
# VV - visual graph mode
# s addr - seek to address
# / string - search for string
# axt addr - cross-references to address
# px 64 - print 64 bytes hex dump
# ? - help for any command prefix

Note: Radare2 has a steep learning curve but is incredibly powerful once you learn the commands. Every command can be followed by '?' for help (e.g., 'a?' shows all analysis commands).

Back to Radare2 Full Documentation