EMBA is designed as the central firmware analysis tool for penetration testers and product security teams. It supports the complete security analysis process starting with firmware extraction, doing static analysis and dynamic analysis via emulation and finally generating a web report. EMBA automatically discovers possible weak spots and vulnerabilities in firmware. Examples are insecure binaries, old and outdated software components, potentially vulnerable scripts, or hard-coded passwords. EMBA is a command line tool with the possibility to generate an easy-to-use web report for further analysis.
EMBA assists the penetration testers and product security teams in the identification of weak spots and vulnerabilities in the firmware image. EMBA provides as much information as possible about the firmware, that the tester can decide on focus areas and is responsible for verifying and interpreting the results.
Before running EMBA make sure, that you have installed all dependencies with the installation script and met the prerequisites
git clone https://github.com/e-m-b-a/emba.git
cd emba
sudo ./installer.sh -dsudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan.emba
For further details on EMBA's system-emulation engine check the wiki.
sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan-emulation.emba
For further details on EMBA's AI analysis engine check the wiki.
sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/default-scan-gpt.emba
For further details on EMBA's firmware diffing mechanism check the wiki.
sudo ./emba -l ~/log -f ~/1st-firmware -o ~/2nd-newer-firmware -t
EMBA supports multiple testing and reporting options. For more details check the wiki.
The IoT is growing, the development is ongoing, and there are many new features that we want to add. We welcome pull requests and issues on GitHub. Also check the CONTRIBUTING and CONTRIBUTORS documentation for further information.