securefirmware

Is the @BugProve firmware analysis scanner already history? They referencing EMBA in their blogposts ... see also bugprove.com/firmware-sec... Thank you for the ping. We liked your product :)

EMBA is now fully connected with the awesome #SBOM management environment @dependencytrack by #OWASP.
Check the great news around your next level #IoT security testing experience here github.com/e-m-b-a/emba...

Great news for today ... you can grab our SBOM/EMBArk slides from our talk at #troopers25 here troopers.de/troopers25/t...

Now with correct handler ... Thank you @rz.my / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...

RamadhanAmizudin - Overview Daydreamer. RamadhanAmizudin has 54 repositories available. Follow their code on GitHub.

Thank you @rempahrz / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...

cwilliams001 - Overview cwilliams001 has 50 repositories available. Follow their code on GitHub.

Thank you github.com/cwilliams001 for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...

EMBArk v0.3 - we are #TROOPERS25 edition is available with enhanced enterprise support. Check it out ... SBOM and firmware analysis to the max github.com/e-m-b-a/emba...

FACT, QEMU, EMUX, Qiling, Firmadyne, FAT, FirmAE, Pandawan, and EMBA were evaluated based on how easy they were to set up and how well they managed to emulate our firmware images. The most effective tool for both analysis and emulation is EMBA.

Thesis: "Challenges and pitfalls while emulating six current Icelandic household routers" | Skemman

The paper "Challenges and pitfalls while emulating six current Icelandic household routers" is available and it is a very interesting read ... Check it out here skemman.is/handle/1946/...

It is f**** awesome to see job posting where EMBA is listed as one of the needed tools :)

EMBA reached the next milestone. 3000 GitHub stars accomplished. This is such a big Thing for us. A very big THANK YOU to the team and to our great community. Keep on going and test your Firmware, build SBOMs and make the Internet more secure ... With EMBA on the rocks

GitHub - e-m-b-a/emba: EMBA - The firmware security analyzer EMBA - The firmware security analyzer. Contribute to e-m-b-a/emba development by creating an account on GitHub.

Most known bugs fixed and we are ready for a testing phase before the next EMBA release. Check it out and give us feedback about all the old and new bugs. Your chance to kill our time line ;)

Start with:
git clone github.com/e-m-b-a/emba...
cd emba
sudo ./installer.sh -d

Looks as an interesting paper on emulation is coming up "Challenges and pitfalls while emulating six current Icelandic household routers" - "The most effective tool for both analysis and emulation is EMBA." skemman.is/handle/1946/...

Firmware Guide for Pen Testers - Eclypsium | Supply Chain Security for the Modern Enterprise This post helps penetration testers and red teamers discover and exploit weaknesses in IoT and/or network devices. Open-source tools configured specifically for this task make the process easier and l...

Firmware Guide for Pen Testers - eclypsium.com/blog/firmwar...

Basics of EMBA: A Firmware Analyze Tool for Cybersecurity - medium.com/@sansalnuray...

Binary Code Analysis for IEC 62443-4-1 SVV-3 - youtu.be/1prqHbTKORU?...

Have a good time

Ghosts in the Machine - BruCON 0x0F - github.com/n0x08/Confer...

Tear Down this Zywall! - media.defcon.org/DEF%20CON%20...

Set-Top Box RE: 6-part series (4 of 6) - cc-sw.com/set-top-box-...

Building on Shaky Ground ISSA - github.com/n0x08/Confer...

Exploring EMBA: Unraveling Firmware Security with Confidence - Eclypsium | Supply Chain Security for the Modern Enterprise EMBA represents a significant step forward in the realm of firmware security analysis. In a world where our reliance on interconnected devices continues to grow, understanding and securing the firmwar...

Need some good read for the weekend? Check this ...

Exploring EMBA: Unraveling Firmware Security with Confidence - eclypsium.com/blog/explori...

0xFFF: Understanding Unknown Binaries - Firmware Recon - www.linkedin.com/pulse/0xfff-...

EMBA got a massive performance boost. Check the updated #SBOM performance and enjoy the power

Currently there is so much stuff happening around EMBA ... today I can share that we got the chance to share the latest EMBA and #SBOM stuff at the #TROOPERS25 /
@wearetroopers.bsky.social security conference. Check it out here troopers.de/troopers25/a...

The updated EMBA kernel is currently version 4.1.52 from May-2018 (a two year time-travel)

This PR introduces kernel 4.14.336 from Jan-2024 (8 years update from the initial Firmadyne/FirmAE kernel)

Our system emulation engine is now more up to date than ever before. See github.com/e-m-b-a/emba...

The latest EMBA Pull Request for our system emulation engine from our contributor Endri (www.linkedin.com/in/endri-hox...) is so awesome ...

The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016

...

I just published Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA link.medium.com/xE9lCbHWiLb

Root vulnerabilities in Siemens Sentron 7KT PAC1260 Data Manager remain open Because support for a Siemens multi-channel current meter has expired, there are no more security updates.

I just realized that @heisec.bsky.social has written a nice article about some vulnerabilities we reported to Siemens in the Sentron PAC1260 device. Check it out here www.heise.de/en/news/Root...

New Research paper with EMBA support is out there "Dealing with Security and Privacy Challenges in Android through App Code Analysis". Check it out here iris.unige.it/retrieve/a2b...

Automatically password cracking with EMBA in action for a real world vulnerability in Edimax firmware

QNX Support in EMBA · Issue #1472 · e-m-b-a/emba Hello! I wanted to raise the idea of potentially adding QNX support to EMBA, to see what the maintainers thought and if it was a path worth putting energy towards. Is your feature request related t...

We have several issues open that need your support. Today I will highlight the issue "QNX Support in EMBA". If you have details, testing firmware or other interesting details on QNX that we can use for improving support please check the issue here github.com/e-m-b-a/emba...

How cool is that ... PaloAlto
research team is using EMBA. Check the PaloAlto blog post "Healthcare Monitors at Risk Beyond a Backdoor" live.paloaltonetworks.com/t5/community...

Release EMBA v1.5.2 - SBOM - The next generation · e-m-b-a/emba We need to talk about serious SBOM tooling! The CRA will hit us all ... quite hard and very soon. Check the dates (from Wikipedia): And check the SBOM requiremenents here: To give it a bump there...

We are very proud to show you the new “EMBA v1.5.2 - #SBOM - The next generation” release. So many highlights … check the release notes and give it a try. #Firmware security analysis goes SBOM github.com/e-m-b-a/emba...

Free tip of the week: You need to verify every component that your SBOM tool is so proud to show you. Ensure your SBOM tooling is not fooling you :-D

Vulnerability Exploitability eXchange (VEX) | CycloneDX OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. The specification supports Software Bill of Materials (SBOM)...

Is VEX a thing out there in the SBOM environment? cyclonedx.org/capabilities...