R0 CREW

Links (radare_en)

http://blog.techorganic.com/2016/03/08/radare-2-in-0x1e-minutes/

Malfunction - set of tools for cataloging and comparing malware at a function level. Uses @radareorg for finding function locations
https://github.com/Dynetics/Malfunction

kextd_patcher
https://github.com/Tyilo/kextd_patcher

r2-ropstats
https://github.com/shaded-enmity/r2-ropstats

Graphical ROP chain builder using radare2 and r2pipe
https://github.com/jpenalbae/rarop

Extract functions and opcodes with radare2 (for malware analysis)
https://github.com/andrewaeva/strange-functions

  • mipstring.py
    r2pipe script to add data reference to strings and corresponding comments in disassembly, targeted for MIPS arch.
  • esilstring.py
    r2pipe script which uses ESIL emulation to add non-obvious data reference to strings and corresponding comments in disassembly, targeted for MIPS arch - but potentially plaform independent.
  • BPF architecture
    Plugin to support Berkeley Packet Filter as a radare2 architecture, with full ESIL emulation.
    https://github.com/mrmacete/r2scripts

Reversing crackme and introduction to Radare2 (on Spanish)
https://www.youtube.com/watch?v=ZufH1WwNR8k

Radare2 of the Lost Magic Gadget
https://0xabe.io/howto/exploit/2016/03/30/Radare2-of-the-Lost-Magic-Gadget.html

NuitDuhack - Matriochka+Invest
https://blog.0x80.org/nuitduhack-matriochka-writeup/

BREAKING CERBER STRINGS OBFUSCATION WITH PYTHON AND RADARE2
http://aassfxxx.infos.st/article26/breaking-cerber-strings-obfuscation-with-python-and-radare2

https://unlogic.co.uk/2016/04/27/binary-bomb-with-radare2-phase-3/

The BIG big endian patch
http://radare.today/posts/big-big-endian/

Improving analysis
http://radare.today/posts/Improving-analysis/

Rasm2net!

binaries: https://github.com/radare/radare2-bindings/releases/download/0.10.2/rasm2net.zip (requires latest r2 and mono/.net)
source: https://github.com/radare/radare2-bindings/blob/master/r2pipe/dotnet/FormExample/rasm2net.cs

Writing a Malware Config Parser Using Radare2 and Ruby
http://www.morphick.com/blog/2016/1/6/writing-a-malware-config-parser-using-radare2-and-ruby

Writing my first shellcode - iptables -P INPUT ACCEPT
https://0day.work/writing-my-first-shellcode-iptables-p-input-accept/

r2m2 - radare2 + miasm2 = :heart:
https://transfer.sh/bNv74/r2m2-sstic2016.pdf

Reversing and Exploiting Embedded Devices: The Software Stack (Part 1)
https://www.praetorian.com/blog/reversing-and-exploiting-embedded-devices-part-1-the-software-stack

An attempt at covering some of radare2’s capabilities of reversing, exploitation and others as well through practical examples
https://www.gitbook.com/book/monosource/radare2-explorations/details

Disassembling 6502 code with Radare – Part II
http://retro.moe/2015/12/09/disassem…adare-part-ii/

RADARE2 REDUX: SINGLE-STEP DEBUG A 64-BIT EXECUTABLE AND SHARED OBJECT.

http://davidjwalling.blogspot.ru/2016/10/radare2-redux-single-step-debug-64-bit.html

Reversing the FBI malware’s payload with radare2
https://www.reddit.com/r/ReverseEngi…hellcode_with/
http://pastebin.com/aFUP2gLB

Hackover CTF 2016 - tiny_backdoor writeup
http://karabut.com/hackover-ctf-2016-tiny_backdoor-writeup.html

Getting started with Radare2
http://blog.dutchcoders.io/getting-started-with-radare2/