Skip to content

e-m-b-a/emba

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
6 branches 16 tags
Code

Latest commit

@m-1-k-3
m-1-k-3 Merge pull request #965 from BenediktMKuehne/linter-upgrades
4712d53 Dec 15, 2023
Merge pull request #965 from BenediktMKuehne/linter-upgrades 
copyright and exceptions linter functions
4712d53

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
workflow dispatch
December 12, 2023 09:23
config
add thttpd version
December 13, 2023 16:57
helpers
Revert "force utf8 charset in htmls"
December 14, 2023 10:50
installer
docker v7
December 13, 2023 12:05
licenses
Initial system emulation commit
July 25, 2022 16:30
modules
copyright fixup/updates
December 15, 2023 10:07
scan-profiles
more control on long running modules
December 10, 2023 19:09
.dockerignore
switch to emba docker pull
September 2, 2021 09:17
.gitignore
update
July 13, 2023 09:23
CODE_OF_CONDUCT.md
linters
October 20, 2022 15:57
CONTRIBUTING.md
SC2235
November 9, 2023 09:48
CONTRIBUTORS.md
update CONTRIBUTORS.md
December 5, 2023 09:04
Dockerfile
init fw differ environment
September 12, 2023 14:01
LICENSE
emba says hello world
August 25, 2020 10:03
README.md
SC2235
November 9, 2023 09:48
SECURITY.md
update SECURITY.md
December 9, 2023 19:02
check_project.sh
copyright fixup/updates
December 15, 2023 10:07
docker-compose.yml
little fixes
December 1, 2023 09:47
emba
improve dep check
December 13, 2023 12:55
installer.sh
improve dep check
December 13, 2023 13:32
EMBA The security analyzer for firmware of embedded devices Links to the wiki for more detailed information Installation Quick start with default scan profile: Quick start with system-emulation scan profile: Quick start with AI-assisted analysis enabled Quick start in firmware diffing mode Get involved Team

README.md

EMBA

The security analyzer for firmware of embedded devices

EMBA is designed as the central firmware analysis tool for penetration testers and product security teams. It supports the complete security analysis process starting with firmware extraction, doing static analysis and dynamic analysis via emulation and finally generating a web report. EMBA automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts, or hard-coded passwords. EMBA is a command line tool with the possibility to generate an easy-to-use web report for further analysis.

EMBA assists the penetration testers and product security teams in the identification of weak spots and vulnerabilities in the firmware image. EMBA provides as much information as possible about the firmware, that the tester can decide on focus areas and is responsible for verifying and interpreting the results.

Watch EMBA

Links to the wiki for more detailed information

Installation

Before running EMBA make sure, that you have installed all dependencies with the installation script and met the prerequisites

git clone https://github.com/e-m-b-a/emba.git
cd emba
sudo ./installer.sh -d

Quick start with default scan profile:

sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan.emba

Quick start with system-emulation scan profile:

For further details on EMBA's system-emulation engine check the wiki.

sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan-emulation.emba

Quick start with AI-assisted analysis enabled

For further details on EMBA's AI analysis engine check the wiki.

sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan-gpt.emba

Quick start in firmware diffing mode

For further details on EMBA's firmware diffing mechanism check the wiki.

sudo ./emba -l ~/log -f ~/1st-firmware -o ~/2nd-newer-firmware -t

EMBA supports multiple testing and reporting options. For more details check the wiki.

Get involved

The IoT is growing, the development is ongoing, and there are many new features that we want to add. We welcome pull requests and issues on GitHub. Also check the CONTRIBUTING and CONTRIBUTORS documentation for further information.

Team

The core EMBA Team

Contributors

About

EMBA - The firmware security analyzer

www.securefirmware.de

Topics

linux shell iot security firmware reverse-engineering hacking artificial-intelligence embedded-systems penetration-testing infosec pentesting static-analyzer binary-analysis vulnerability-scanners embedded-linux security-tools firmware-tools vulnerability-scanner firmware-analysis

Resources

Readme

License

GPL-3.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

2.2k stars

Watchers

41 watching

Forks

194 forks
Report repository

Releases 16

EMBA v1.3.2 - EMBArk is out Latest
Dec 12, 2023
+ 15 releases

Sponsor this project

  •  
Learn more about GitHub Sponsors

Contributors 13

Languages