Relyze Review
VisitInteractive software analysis and reverse engineering platform
Relyze is a reverse engineering and binary analysis tool for security researchers and malware analysts.
AI Panel Score
7.5/10
6 AI reviews
Reviewed
Interactive software analysis and reverse engineering platform
Relyze is a reverse engineering and binary analysis tool for security researchers and malware analysts.
AI Panel Score
6 AI reviews
Reviewed
Relyze is a comprehensive reverse engineering platform designed for security researchers, malware analysts, and software engineers who need to examine and understand binary executable files. The software provides interactive analysis capabilities that allow users to disassemble, debug, and analyze various file formats including PE, ELF, and other executable types.
The platform features advanced disassembly engines, interactive graphical interfaces, and debugging capabilities that enable detailed examination of software behavior. Users can analyze malware samples, investigate security vulnerabilities, understand software functionality, and conduct forensic analysis of executable files. Relyze supports multiple processor architectures and file formats commonly encountered in security research.
The tool is positioned as a professional-grade solution for organizations and individuals involved in cybersecurity, malware research, software security assessment, and digital forensics. It competes with other reverse engineering tools by offering an integrated environment that combines multiple analysis techniques in a single platform.
Relyze targets security professionals working in threat intelligence, incident response, malware analysis, and vulnerability research. The platform aims to streamline the reverse engineering workflow by providing comprehensive analysis capabilities alongside visualization and reporting features that support detailed technical investigations.
Performs differential analysis against two binaries to explore their similarities and differences, useful for auditing patches or version changes.
Automatically reconstructs control flow graphs, resolves indirect calls, generates references, and discovers stack variables during analysis.
Provides a GUI plugin to manually query and apply static library packages against all non-library functions, aiding in function identification.
Supports performing analysis on multiple binaries in parallel and saving results to the Relyze library, enabling automated large-scale batch processing.
Visualizes relationships between code and data through interactive control flow, call, and reference graphs for intuitive binary navigation.
Disassembles native code binaries across x86, x64, ARM32, and ARM64 architectures to expose low-level instruction details.
Converts low-level native code into high-level pseudo code, enabling analysts to quickly understand program behavior without reading raw assembly.
Provides extensive coverage for both Portable Executable (PE) and Executable and Linking Format (ELF) binaries, including rich meta data for analysis.
Supports loading symbol formats such as PDB, embedded COFF, STAB, TDS, and MAP files to enrich and contextualize binary analysis.
Provides a rich Ruby plugin framework that allows users to write and load their own plugins to extend and automate Relyze's analysis capabilities.
Includes a built-in plugin to import or export x64dbg databases, including bookmarks, comments, and labels, bridging static and dynamic analysis workflows.
Generates an IMPHASH for PE files and can search the current library for archives with matching hashes, supporting malware triage and attribution.
Relyze is available free of charge for all users. It is a desktop reverse engineering and analysis tool for x86, x64, ARM32, and ARM64 native code software.
Relyze is a credible reverse engineering tool, but it is a tiny vendor in a crowded field.
“Relyze gives malware and security teams a real disassembler and decompiler, free for non-commercial use. The catch is vendor scale: Relyze Software Limited is a small UK shop competing against free Ghidra and entrenched IDA Pro.”
Reverse engineering teams already standardize on IDA Pro or free Ghidra. Relyze is the third name most analysts have heard but few have made the house tool, so adopting it is a deliberate choice you will have to explain.
The product itself holds up. Founded in 2015, Relyze ships a Native Code Decompiler across x86, x64, ARM32 and ARM64, plus Binary Diff for auditing patches and a Ruby plugin framework for automation. The x64dbg Database Integration is a genuinely useful bridge between static and dynamic analysis. Standard is free for non-commercial work, with commercial licensing by contact only.
Two concerns. It is Windows-only, and the vendor is small enough that runway is unknowable from public data. Pilot it with two analysts for one quarter, but do not retire your Ghidra workflow until the commercial quote and support terms are on paper.
Few peers standardize on Relyze, so it advances coverage rather than market position.
A lesser-known tool next to IDA Pro and Ghidra needs justification, but the product is credible.
Free Standard tier and a Quick Start guide let analysts evaluate it within a day.
Adds a capable decompiler and Binary Diff to a security team without replacing core tooling.
Relyze Software Limited has shipped since 2015 but is a small UK vendor with no public funding data.
Security teams who want a polished decompiler alongside Ghidra.
Analysts who need Linux or macOS desktop support.
Relyze is a focused, well-built Windows reverse engineering desktop, but its ecosystem is thin next to Ghidra.
“Relyze pairs a genuine multi-architecture decompiler with a Ruby plugin layer in one focused desktop tool. For a security lead picking a reverse engineering substrate, the call is craft depth versus a much smaller community.”
A reverse engineering team picking a desktop analyzer is choosing a substrate it will annotate against for years, and Relyze's Native Code Decompiler covering x86, x64, ARM32 and ARM64 in one engine is real craft, not a checklist. Control Flow Graph Reconstruction resolves indirect calls and discovers stack variables automatically — depth that signals engineers who have shipped serious tooling.
The architecture is honest about its scope. Built in C++Builder with a Ruby Plugin Framework, Relyze Software Limited has shipped this since 2015, and the Standard tier being free for non-commercial use makes evaluation costless. x64dbg Database Integration bridges static and dynamic workflows cleanly.
But the catch is reach. It is Windows-only, and the plugin and script corpus around it is thin next to Ghidra's NSA-backed community or IDA Pro's two decades of extensions. A focused, durable bet for a Windows malware shop, not a platform play.
Relyze sits as a focused mid-tier option between free Ghidra and the dominant IDA Pro.
Disassembly, decompilation, binary diff, and IMPHASH generation match how malware analysts actually triage samples.
The Ruby Plugin Framework and x64dbg Database Integration connect static and dynamic workflows, though Windows-only limits reach.
A single-vendor Windows-only tool since 2015 is durable but creates a narrower path than open platforms.
The Native Code Decompiler and automatic Control Flow Graph Reconstruction across four architectures show real engineering craft.
Malware analysts who want a focused Windows reverse engineering desktop.
Teams who need Linux-native reverse engineering tooling.
The free sticker only holds for non-commercial use, and the commercial price isn't published anywhere.
“Standard edition is free, but commercial work requires a Professional license that no public page quotes. The Euro-only checkout and dead purchase URL mean every business buyer starts with an email.”
Relyze Standard costs $0. The catch is the license terms: free covers non-commercial use only, and Binary Diff plus command-line usage are disabled in that edition. Any commercial analyst needs Professional.
TCO math. Professional pricing is not on the site — the purchase page 404s, and quotes come in Euro through a 2Checkout reseller. Licenses are perpetual with a 12-month update window; 24 or 36-month extensions are quote-only. So budget two numbers: the seat and the renewal you can't see yet. Compare Ghidra, which is free for commercial use with no license tier at all. IDA Pro publishes nothing either, but Hex-Rays at least answers procurement fast.
For a malware team of five, the spend is real but unpredictable. The Ruby Plugin Framework and x64dbg Database Integration cut tooling cost elsewhere. However, an unquoted price is a forecasting gap, not a bargain.
Euro-only billing through a 2Checkout reseller and no published price add friction for any non-EU buyer.
Perpetual use survives a lapsed subscription, and multi-machine activation is set at purchase with no auto-renewal trap.
Standard is free, but the purchase page 404s and Professional pricing is quoted only on request.
Binary Diff, IMPHASH generation, and the Ruby Plugin Framework deliver measurable triage and automation value for security teams.
Perpetual licenses cap cost, but the unpublished seat price and quote-only 24/36-month update extensions make year-3 spend hard to model.
Solo researchers who do non-commercial reverse engineering for free.
Procurement teams who need a fixed quote before committing.
Relyze pairs a clean decompiler with a Ruby plugin framework, but Windows-only walls out half the bench.
“Relyze gives malware analysts a fast Native Code Decompiler and real x64dbg interop without IDA's license bill. But it runs on Windows only, and quiet release cadence makes it a side tool, not a daily driver.”
A reverse engineer's day-three test is whether the decompiler keeps up with the assembly. Relyze's Native Code Decompiler turns x86, x64, ARM32, and ARM64 into readable pseudo code fast, and Control Flow Graph Reconstruction resolves indirect calls without manual nudging. That is the part the demo and the real workflow agree on.
The workflow glue is genuinely good. The x64dbg Database Integration imports bookmarks, comments, and labels, so static and dynamic passes stop living in separate worlds. IMPHASH generation lands triage hashes straight into the library. The Ruby Plugin Framework automates the repetitive sweeps Ghidra makes you script in Java or Python.
The catch is reach. Relyze is Windows-only, so an ELF analyst on Linux is stuck in a VM all day. It has been free for non-commercial use since 2015, but the changelog is quiet, so treat it as a sharp second opinion, not a primary IDA replacement.
Native Code Decompiler and CFG reconstruction hold up past the demo on real x64 and ARM binaries.
A quick start PDF ships, but a quiet changelog signals thin ongoing docs.
Windows-only forces Linux ELF analysts into a VM for every session.
The Ruby Plugin Framework and parallel multi-binary analysis scale into automated batch triage.
x64dbg database import bridges static and dynamic passes that usually live apart.
Malware analysts who want a fast decompiler without an IDA license.
Linux-based ELF researchers who need a native cross-platform tool.
Relyze gets you reading native code fast, as long as you live on Windows.
“Relyze disassembles and decompiles x86 through ARM64 binaries, and the desktop edition is free for non-commercial use. The Windows-only build and contact-us pricing are the catch.”
The free desktop edition is the real story here. You can disassemble x86, x64, ARM32, and ARM64 native code with no credit card, and the Native Code Decompiler turns raw assembly into pseudo code so you are not squinting at instructions on day one. For a category where Ghidra is the free default, that lowers the bar to actually try it.
What keeps it useful past day three is Binary Diff. Comparing two builds to see what a patch changed is the kind of task you do constantly, and having it built in saves a tab. The Ruby plugin framework means you can automate the repetitive parts once you know your way around. The x64dbg database import is a nice touch.
The catch is the platform. It is Windows-only, with no public price on the commercial tiers, just a contact form. Month three, that desk-bound reality starts to sting.
Interactive control flow and call graphs show care in the everyday navigation surface.
The Native Code Decompiler eases the start, but Ruby plugin depth takes weeks to reach.
Desktop reverse engineering has no real mobile use case, so this scores neutral.
A free desktop edition plus an included quick start PDF lowers the first-hour bar.
Control flow reconstruction resolves indirect calls and stack variables automatically, a solid-feeling core.
Security researchers who reverse engineer native Windows binaries.
Analysts who work on macOS or Linux desktops.
Relyze has survived eleven years in a category Ghidra reshaped — the small team is the watch item.
“Relyze Software Limited has shipped a credible reverse engineering tool since 2015, and the free non-commercial edition is real, not a teaser. The catch is opacity: commercial pricing is contact-only and the vendor looks small.”
Reverse engineering tools have a graveyard. Relyze isn't in it. Relyze Software Limited has shipped since 2015, and the changelog still moves — that's eleven years of cadence in a niche category. Survivor, so far.
The product holds up on evidence. The Native Code Decompiler turns x86, x64, ARM32, and ARM64 into pseudo code, and the Ruby plugin framework plus x64dbg Database Integration mean your annotations aren't trapped. Exit portability is genuinely decent here. But the moat is the worry. Ghidra is free and NSA-backed; IDA Pro owns the install base. Relyze sits between two giants.
The yellow flag is the commercial tier: pricing is contact-only, no public number, and the team reads as very small. For a one-off analyst the free edition is a clean bet. For an org standardizing on it, ask about support before you commit.
It is a solid integrated environment but sits between free Ghidra and incumbent IDA Pro with no obvious moat.
The Ruby plugin framework and x64dbg database import/export keep annotations and labels portable.
Eleven years of cadence is reassuring, but contact-only pricing and a very small team leave the 3-year bet unclear.
The landing copy is plain and technical, and the free non-commercial edition delivers exactly the listed features.
Shipping since 2015 with an active changelog matches the survivor pattern, not the abandoned-tool pattern.
Security researchers who want a capable free reverse engineering tool
Teams who need a vendor with public pricing and a large support org
Common questions answered by our AI research team
Yes, Relyze supports debugging of executable files as part of its interactive analysis capabilities.
Yes, Relyze can analyze malware samples, offering interactive examination tools designed for security professionals.
Yes, Relyze is designed for security professionals conducting reverse engineering tasks.
Yes, Relyze includes disassembly capabilities as a core feature of its binary analysis platform.
Relyze is a UK-based software reverse engineering tool providing interactive disassembly, decompilation, and diffing for x86, x64, ARM32, and ARM64 binaries.
