Skip to content
Firmware Analysis and Comparison Tool
Branch: master
Clone or download
Latest commit 264d52e Jun 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
docs Update index.md May 20, 2019
src Merge branch 'refactoring_and_test_coverage' of https://github.com/fk… Jun 19, 2019
.bettercodehub.yml moved better code yml to correct folder Jun 4, 2019
.codacy.yml removed codacy changes Jul 20, 2018
.coveragerc codecov integration Oct 13, 2017
.gitignore coveragerc was erroneously excluded from gitignore Mar 29, 2019
.isort.cfg fixed imports that might break with isort May 28, 2019
.jshintrc added jshintrc file Apr 25, 2019
.pre-commit-config.yaml added isort May 28, 2019
.pylintrc added pylint config Feb 6, 2019
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md Oct 10, 2017
CONTRIBUTING.md coding guidelines moved to wiki Oct 13, 2017
INSTALL.md Update INSTALL.md Feb 20, 2019
LICENSE Create LICENSE Sep 19, 2017
README.md changed link to pdf generator Jun 13, 2019
pytest.ini

README.md

FACT Logo

The Firmware Analysis and Comparison Tool (FACT)

codecov BCH compliance Codacy Badge Gitter chat Black Hat Arsenal

The Firmware Analysis and Comparison Tool (formerly known as Fraunhofer's Firmware Analysis Framework (FAF)) is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and processes several analysis. Additionally, it can compare several images or single files.
Furthermore, Unpacking, analysis and compares are based on plug-ins guaranteeing maximal flexibility and expandability.
More details and some screenshots can be found on our project page.

Requirements

FACT is designed as a multiprocess application, the more Cores and RAM, the better.

Minimal Recommended Software
4 Cores
8GB RAM
16 Cores
64GB RAM
Ubuntu (16.04 or 18.04)
Python 3.5 or above

It is possible to install FACT on any Linux distribution but the installer is limited to Ubuntu 16.04 and 18.04 at the moment.

❗️ Caution: FACT is not intended to be used as public internet service. The GUI is not a hardened WEB-application and it may take your server at risk!

Installation

The installation is generally wrapped in a single script. Some features can be selected specifically though. See INSTALL.md for details.

Usage

You can start FACT by executing the start_all_installed_fact_components scripts. The script detects all installed components automatically.

$ ./start_all_installed_fact_components

Afterwards FACT can be accessed on http://localhost:5000 and https://localhost (nginx), respectively.

You can shutdown the system by pressing Ctrl + c or by sending a SIGTERM to the start_all_installed_faf_components script.

Advanced Usage

🔥 We're currently working to improving our documentation, including installation, getting started and alike. Follow progess on our wiki pages. ✌️

REST API

FACT provides a REST API. More information can be found here.

User Management

FACT provides an optional basic authentication, role and user management. More information can be found here.

List of available community plug-ins and REST scripts

Contribute

The easiest way to contribute is writing your own plug-in. Our Developers Manual can be found here.

Acknowledgments

This project is partly financed by German Federal Office for Information Security (BSI) and others.

License

    Firmware Analysis and Comparison Tool (FACT)
    Copyright (C) 2015-2019  Fraunhofer FKIE

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
    
    Some plug-ins may have different licenses. If so, a license file is provided in the plug-in's folder.
You can’t perform that action at this time.