Rizin

Rizin serves as a comprehensive reverse engineering framework and command-line toolset. It enables users to analyze binaries, disassemble code, debug programs, perform forensics tasks, and edit files as a scriptable hexadecimal editor capable of handling disk files and more. The suite includes multiple specialized binaries for tasks like assembly, binary information extraction, diffing, pattern finding, hashing, and signature generation.

Use cases include malware analysis, vulnerability research, software debugging, and binary patching across various architectures. The tool supports multiple architectures and bit widths, making it versatile for different binary formats and platforms. Rizin is particularly valued for its command-line efficiency and extensibility through scripts and plugins.

The package ecosystem includes libraries (librizin0, librizin-common), development files (librizin-dev), and standalone tools like rz-asm, rz-bin, rz-diff, enhancing its utility in automated workflows and integration with other tools.

Rizin operates as a modular framework with a core command-line interface (rizin binary) that loads architecture-specific plugins for disassembly, analysis, and debugging. It performs static and dynamic analysis using commands like 'aaa' for recursive code analysis, supports PIE binaries with base address overrides, and integrates libraries for parsing formats like ELF, Mach-O, and PE. Subtools leverage Rizin core libraries for specialized tasks: rz-asm handles assembly/disassembly, rz-bin extracts metadata and debug info, rz-diff computes edit distances or fuzzy hashes, while environment variables like RZ_ARCH and RZ_ASM_BITS configure behavior across tools.