[server_bot]

Given Ghidra's [1] decompilation support, emulation (CPU via PCODE IR, not whole-system) support, headless analysis scripting API, and the active open-source contribution/issue community - I find it hard to justify other static RE tooling.

Any thoughts on why I would choose Rizin over Ghidra?

[1] https://ghidra-sre.org/

[jcranmer]

Well, I would say that the tool to really beat here is IDA Pro, with radare2 largely feeling like a poor man's attempt at IDA from my limited trials of it. In the past decade, Binary Ninja and Ghidra came out to also compete in this space, and the cutter project came out to give a sorely-needed GUI for radare2. Of the new tools, the only one I've tried is Ghidra.

Personally, were cost not an issue, I would just stick with IDA. However, IDA Pro is obscenely expensive, with the cheapest version "only" $365/yr and a full version costing into the tens of thousands, and it's not clear to me that the cost is worth it. I've had a lot of paper-cuts with Ghidra, but it still feels far better to me than radare2.

[tptacek]

OT: I thought I had an idea of what it is you do, but now it's clear I don't, and I'd love to hear more about why it is you've evaluated all the mainstream reversing tools. :)

[jcranmer]

Reverse engineering is mostly a side interest of mine, but I do have a bad habit of overestimating the complexity of the bugs I encounter and launch into reverse engineering software to figure out why it's not working properly.

I actually work on compilers, so training myself on reverse engineering isn't totally useless, especially since a lot of what I like is about the pattern recognition of more advanced compiler features. And if you're trying to retrofit high-level optimizations in a low-level backend, reverse engineering the high-level structures is exactly what you need.

[ActorNightly]

Radare (and Im guessing by extension Rizin) is terminal based. This means you can integrate it with custom tooling a lot easier than with Ghidra, which can be useful if you are doing RE with the aim of translation to a different arch or doing automated analysis.

Ghidra is a more all in one solution when you are doing more in depth vulnerability analysis. We used to use it back at my previous job when it was still proprietary and provided to subcontractors only to run in SCIFs, and it generally is better if you are looking for vulnerabilities.