Download Latest Version EMBA v2.0.0 - A brave new world of firmware analysis source code.tar.gz (3.3 MB)
Email in envelope

Get an email when there's a new version of EMBA

Home / v1.5.0-SBOMdorado
Name Modified Size InfoDownloads / Week
Parent folder
EMBA v1.5.0 - SBOMdorado source code.tar.gz 2024-10-22 3.2 MB
0
EMBA v1.5.0 - SBOMdorado source code.zip 2024-10-22 3.4 MB
0
README.md 2024-10-22 24.4 kB
0
Totals: 3 Items   6.6 MB 0

The main goal of EMBA was always to get an accurate real life overview of the threats of a firmware image. While a few years ago the target audience were only pentesters, in today’s EMBA world also software developers, product owners and product security teams are using her to achieve different goals.

Over the time EMBA is grown and today she is not only a firmware analyzer anymore. Nowadays, EMBA is used to test every little piece of unknown binary. While the main interest stays on analyzing Linux based firmware, we have seen that EMBA is also used for UEFI, Windows binaries, Linux binaries, different Scripts, Android APKs and a lot of other stuff. Beside the high fragmentation of the targets under test, we have seen a growing demand for SBOM generation. EMBA includes some kind of basic SBOM support for ages, but as most of our analyzed binaries do not rely on some kind of package managers, we have not seen the demand for supporting them on a broad base - until today.

We have now adjusted our approach to support a broad range of package managers, packet types and further sources for getting an accurate SBOM out of every testing candidate.

Beside our binary analysis mechanism as the only source of truth, EMBA is now able to extract further details from the following sources:

  • [x] Binaries and libraries
  • [x] Linux Kernel
  • [x] Kernel modules
  • [x] Linux distribution identification
  • [x] RPM package management system
  • [x] Debian package management system
  • [x] OpenWRT Package management system
  • [x] Python PIP package management system
  • [x] Python requirements files
  • [x] RPM packages
  • [x] DEB packages
  • [x] FreeBSD pkg packages
  • [x] Java archives
  • [x] Alpine APK
  • [x] Python poetry
  • [x] Python wheel
  • [x] Rust (cargo.lock)
  • [x] Ruby (gem)
  • [x] JavaScript - npm
  • [x] Windows binary exif data
  • [x] Windows binary extraction and analysis

Further details can be found in our wiki

Additionally, we did something more: * FLOSS interview - check it out here * Ubuntu 24.04 LTS support * Switching from docker-compose to docker compose * Bug fixing * Refactoring * Docker base image updates

Beside your ongoing support with feedback, testing, working on issues and spreading EMBA you can now also support EMBA as a sponsor. image

A big kudos goes to to offchain-audit for his sponsoring and to n0x08 for his ongoing support.

Check it out here and start being an essential part of the future of EMBA

It is always a pleasure to welcome new contributors to EMBA. This time we can welcome: * @gluesmith2021 made their first contribution in https://github.com/e-m-b-a/emba/pull/1150 * @Grezzo made their first contribution in https://github.com/e-m-b-a/emba/pull/1222

Now, start your fresh Kali Linux (put enough CPU power and RAM into it) and install EMBA:

└─$ git clone https://github.com/e-m-b-a/emba.git
└─$ cd emba 
└─$ sudo ./installer.sh -d

This will install all pre-requisites, including the docker base image and the cve database, which will need some bandwith, harddrive space and time.

Afterwards, you are ready to analyse your first firmware with EMBA:

└─$ sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/quick-scan.emba

What's Changed

New Contributors

Full Changelog: https://github.com/e-m-b-a/emba/compare/1.4.0-ICS-testing-edt...v1.5.0-SBOMdorado

Source: README.md, updated 2024-10-22