Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/e-m-b-a/emba
EMBA - The firmware security analyzer
https://github.com/e-m-b-a/emba
artificial-intelligence binary-analysis embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking infosec iot linux penetration-testing pentesting reverse-engineering sbom security security-tools static-analyzer vulnerability-scanner vulnerability-scanners
Last synced: 3 days ago
JSON representation
EMBA - The firmware security analyzer
- Host: GitHub
- URL: https://github.com/e-m-b-a/emba
- Owner: e-m-b-a
- License: gpl-3.0
- Created: 2020-08-25T07:59:12.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2024-10-27T08:29:03.000Z (3 months ago)
- Last Synced: 2024-10-29T15:34:27.827Z (3 months ago)
- Topics: artificial-intelligence, binary-analysis, embedded-linux, embedded-systems, firmware, firmware-analysis, firmware-tools, hacking, infosec, iot, linux, penetration-testing, pentesting, reverse-engineering, sbom, security, security-tools, static-analyzer, vulnerability-scanner, vulnerability-scanners
- Language: Shell
- Homepage: https://www.securefirmware.de
- Size: 21.5 MB
- Stars: 2,666
- Watchers: 44
- Forks: 232
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
- awesome-iot-security-resource - emba
- awesome-embedded-and-iot-security - emba - Analyze Linux-based firmware of embedded devices. (Software Tools / Analysis Tools)
- awesome-rainmana - e-m-b-a/emba - EMBA - The firmware security analyzer (Shell)
- awesome-hacking-lists - e-m-b-a/emba - EMBA - The firmware security analyzer (Shell)
- awesome-security-vul-llm - e-m-b-a/emba - m-b-a/emba?style=flat-square) - EMBA是一款开源的安全扫描器,能够对嵌入式设备的固件进行静态和动态分析,识别弱点和漏洞。它生成Web报告以供进一步分析,并具有系统仿真和AI辅助分析选项。 (LLM分析过程)
README
# EMBA
## The security analyzer for firmware of embedded devices*EMBA* is designed as the central firmware analysis and SBOM tool for penetration testers, product security teams, developers and responsible product managers. It supports the complete security analysis process starting with *firmware extraction*, doing *static analysis* and *dynamic analysis* via emulation, building the SBOM and finally generating a web based vulnerability report. *EMBA* automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts, or hard-coded passwords. *EMBA* is a command line tool with the possibility to generate an easy-to-use web report for further analysis.
*EMBA* assists the penetration testers, product security teams and developers in the identification of weak spots and vulnerabilities in the firmware image. *EMBA* provides as much information as possible about the firmware, that the tester can decide on focus areas and is responsible for verifying and interpreting the results.
[![Watch EMBA](https://raw.githubusercontent.com/wiki/e-m-b-a/emba/images/youtube-emba.png)](https://youtu.be/_dvdy3klFFY "Watch EMBA")
----------------------
#### Links to the wiki for more detailed information
- [Home](https://github.com/e-m-b-a/emba/wiki)
- [Feature overview](https://github.com/e-m-b-a/emba/wiki/Feature-overview)
- [Installation](https://github.com/e-m-b-a/emba/wiki/Installation)
- [Usage](https://github.com/e-m-b-a/emba/wiki/Usage)
- [FAQ](https://github.com/e-m-b-a/emba/wiki/FAQ)## Installation
Before running *EMBA* make sure, that you have [installed](https://github.com/e-m-b-a/emba/wiki/Installation) all dependencies with the installation script and met the [prerequisites](https://github.com/e-m-b-a/emba/wiki/Installation#prerequisites)
```console
git clone https://github.com/e-m-b-a/emba.git
cd emba
sudo ./installer.sh -d
```## Quick start with default scan profile:
```console
sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan.emba```
## Quick start with default SBOM profile:
For further details on EMBA's SBOM capabilities check the [wiki](https://github.com/e-m-b-a/emba/wiki/SBOM-environment)
```console
sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-sbom.emba```
## Quick start with system-emulation scan profile:
For further details on EMBA's system-emulation engine check the [wiki](https://github.com/e-m-b-a/emba/wiki/System-emulation).
```console
sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan-emulation.emba```
---
*EMBA* supports multiple testing and reporting [options](https://github.com/e-m-b-a/emba/wiki/Usage#arguments). For more details check the [wiki](https://github.com/e-m-b-a/emba/wiki/Usage).## Get involved
The IoT is growing, the development is ongoing, and there are many new features that we want to add.
We welcome [pull requests](https://github.com/e-m-b-a/emba/pulls) and [issues](https://github.com/e-m-b-a/emba/issues) on GitHub. Also check the [CONTRIBUTING](./CONTRIBUTING.md) and [CONTRIBUTORS](./CONTRIBUTORS.md) documentation for further details on how to get part of the _EMBA_ commmunity.## Team
[The core EMBA Team](https://github.com/orgs/e-m-b-a/people)
[Contributors](https://github.com/e-m-b-a/emba/blob/master/CONTRIBUTORS.md)