a new update on r2hermes — decompiler outputs have been improved. they’re now more readable and look much cooler!

https://github.com/radareorg/r2hermes

sometimes i test some AI models and check the outputs for the same tasks. this is the damn socket design powered by claude opus 4.5.. no error handling, no thread-safe structure, fool recv()-send() implementation.

never give to AI full control.

r2hermes now supports Hermes footer hash verification! the pd:hi command displays hash information including source hash, footer hash, and validation status. Use the .(fix-hbc) macro to automatically add/fix the footer hash for binary patching - it handles both files with and without existing footers :)

Github:
https://github.com/radareorg/r2hermes

r2renef - Renef IO Plugin for Radare2 released!

Github: https://github.com/ahmeth4n/r2renef

I built a small radare2 IO plugin to combine radare2’s powerful binary analysis features with Renef’s Android runtime instrumentation.

This allows you to use static analysis (disasm, analysis) together with runtime capabilities like hooking, memory and module operations in a single workflow, without constant context switching.

The project is still early, but already useful in daily Android reverse-engineering tasks.

Feedback and contributions are always welcome, especially from those working with radare2, Android, or low-level instrumentation👌

I’ve been working on a small native hooking & mini-instrumentation framework called Renef — mainly to improve my C++ skills and experiment with building something from scratch. It’s designed to be lightweight, fast, and as quiet as possible during runtime.

Github link: https://github.com/ahmeth4n/renef
Documentation link: https://renef.io/

The project includes a custom Lua 5.4 scripting engine with onEnter/onLeave callbacks, eval/load support, and memory operations like pattern scanning, patching, and dumping — all directly from scripts.

Hooking is based on ARM64 inline hooking, with support for PLT/GOT hooks and trampolines. There’s also a simple generator (hookgen <symbol>) that creates ready-to-use Lua hook templates. (I put in a few small scripts too — like a quick Flutter SSL pinning bypass 🤐 )

It supports spawn / attach / watch modes, uses Unix Domain Sockets instead of TCP, avoids ptrace(), and works in a memory-only setup with session-based authentication.

There’s no Java ART or iOS hooking yet — it’s native-only for now. I’ll add more features over time (or maybe someone will contribute before I do).
This is a hobby project I’m building in my free time, so some parts may still be rough.

If you run into issues, feel free to open one on GitHub. 👌