securefirmware
@securefirmware.bsky.social
The Open Source Firmware Security Analyzer
Pinned
The latest EMBA Pull Request for our system emulation engine from our contributor Endri (www.linkedin.com/in/endri-hox...) is so awesome ...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
Great news for today ... you can grab our SBOM/EMBArk slides from our talk at #troopers25 here troopers.de/troopers25/t...
SBOMs the right way
TROOPERS is more than just an infoSec con. Hands-on, high-end knowledge sharing leaves you motivated and charged to
troopers.de
July 8, 2025 at 4:17 PM
Great news for today ... you can grab our SBOM/EMBArk slides from our talk at #troopers25 here troopers.de/troopers25/t...
Now with correct handler ... Thank you @rz.my / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
July 4, 2025 at 1:48 PM
Now with correct handler ... Thank you @rz.my / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
Thank you @rempahrz / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
RamadhanAmizudin - Overview
Daydreamer. RamadhanAmizudin has 54 repositories available. Follow their code on GitHub.
github.com
July 4, 2025 at 1:34 PM
Thank you @rempahrz / github.com/RamadhanAmiz... for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
Thank you github.com/cwilliams001 for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
cwilliams001 - Overview
cwilliams001 has 50 repositories available. Follow their code on GitHub.
github.com
July 4, 2025 at 12:48 PM
Thank you github.com/cwilliams001 for being our sponsor. Let's make firmware more secure! Do it the same here github.com/sponsors/e-m...
EMBArk v0.3 - we are #TROOPERS25 edition is available with enhanced enterprise support. Check it out ... SBOM and firmware analysis to the max github.com/e-m-b-a/emba...
June 24, 2025 at 10:01 AM
EMBArk v0.3 - we are #TROOPERS25 edition is available with enhanced enterprise support. Check it out ... SBOM and firmware analysis to the max github.com/e-m-b-a/emba...
The paper "Challenges and pitfalls while emulating six current Icelandic household routers" is available and it is a very interesting read ... Check it out here skemman.is/handle/1946/...
Thesis: "Challenges and pitfalls while emulating six current Icelandic household routers" | Skemman
skemman.is
June 21, 2025 at 8:42 AM
The paper "Challenges and pitfalls while emulating six current Icelandic household routers" is available and it is a very interesting read ... Check it out here skemman.is/handle/1946/...
It is f**** awesome to see job posting where EMBA is listed as one of the needed tools :)
June 19, 2025 at 4:38 PM
It is f**** awesome to see job posting where EMBA is listed as one of the needed tools :)
EMBA reached the next milestone. 3000 GitHub stars accomplished. This is such a big Thing for us. A very big THANK YOU to the team and to our great community. Keep on going and test your Firmware, build SBOMs and make the Internet more secure ... With EMBA on the rocks
June 17, 2025 at 7:59 PM
EMBA reached the next milestone. 3000 GitHub stars accomplished. This is such a big Thing for us. A very big THANK YOU to the team and to our great community. Keep on going and test your Firmware, build SBOMs and make the Internet more secure ... With EMBA on the rocks
Most known bugs fixed and we are ready for a testing phase before the next EMBA release. Check it out and give us feedback about all the old and new bugs. Your chance to kill our time line ;)
Start with:
git clone github.com/e-m-b-a/emba...
cd emba
sudo ./installer.sh -d
Start with:
git clone github.com/e-m-b-a/emba...
cd emba
sudo ./installer.sh -d
GitHub - e-m-b-a/emba: EMBA - The firmware security analyzer
EMBA - The firmware security analyzer. Contribute to e-m-b-a/emba development by creating an account on GitHub.
github.com
June 11, 2025 at 5:51 PM
Most known bugs fixed and we are ready for a testing phase before the next EMBA release. Check it out and give us feedback about all the old and new bugs. Your chance to kill our time line ;)
Start with:
git clone github.com/e-m-b-a/emba...
cd emba
sudo ./installer.sh -d
Start with:
git clone github.com/e-m-b-a/emba...
cd emba
sudo ./installer.sh -d
Looks as an interesting paper on emulation is coming up "Challenges and pitfalls while emulating six current Icelandic household routers" - "The most effective tool for both analysis and emulation is EMBA." skemman.is/handle/1946/...
June 3, 2025 at 5:57 AM
Looks as an interesting paper on emulation is coming up "Challenges and pitfalls while emulating six current Icelandic household routers" - "The most effective tool for both analysis and emulation is EMBA." skemman.is/handle/1946/...
Need some good read for the weekend? Check this ...
Exploring EMBA: Unraveling Firmware Security with Confidence - eclypsium.com/blog/explori...
0xFFF: Understanding Unknown Binaries - Firmware Recon - www.linkedin.com/pulse/0xfff-...
Exploring EMBA: Unraveling Firmware Security with Confidence - eclypsium.com/blog/explori...
0xFFF: Understanding Unknown Binaries - Firmware Recon - www.linkedin.com/pulse/0xfff-...
Exploring EMBA: Unraveling Firmware Security with Confidence - Eclypsium | Supply Chain Security for the Modern Enterprise
EMBA represents a significant step forward in the realm of firmware security analysis. In a world where our reliance on interconnected devices continues to grow, understanding and securing the firmwar...
eclypsium.com
May 30, 2025 at 6:48 AM
Need some good read for the weekend? Check this ...
Exploring EMBA: Unraveling Firmware Security with Confidence - eclypsium.com/blog/explori...
0xFFF: Understanding Unknown Binaries - Firmware Recon - www.linkedin.com/pulse/0xfff-...
Exploring EMBA: Unraveling Firmware Security with Confidence - eclypsium.com/blog/explori...
0xFFF: Understanding Unknown Binaries - Firmware Recon - www.linkedin.com/pulse/0xfff-...
Currently there is so much stuff happening around EMBA ... today I can share that we got the chance to share the latest EMBA and #SBOM stuff at the #TROOPERS25 /
@wearetroopers.bsky.social security conference. Check it out here troopers.de/troopers25/a...
@wearetroopers.bsky.social security conference. Check it out here troopers.de/troopers25/a...
May 21, 2025 at 1:01 PM
Currently there is so much stuff happening around EMBA ... today I can share that we got the chance to share the latest EMBA and #SBOM stuff at the #TROOPERS25 /
@wearetroopers.bsky.social security conference. Check it out here troopers.de/troopers25/a...
@wearetroopers.bsky.social security conference. Check it out here troopers.de/troopers25/a...
The latest EMBA Pull Request for our system emulation engine from our contributor Endri (www.linkedin.com/in/endri-hox...) is so awesome ...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
May 13, 2025 at 12:40 PM
The latest EMBA Pull Request for our system emulation engine from our contributor Endri (www.linkedin.com/in/endri-hox...) is so awesome ...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
The original Firmadyne/FirmAE kernel that was used in our emulation engine was version 4.1.17 and is from Jan-2016
...
Reposted by securefirmware
I just published Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA link.medium.com/xE9lCbHWiLb
link.medium.com
July 17, 2024 at 11:54 AM
I just published Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA link.medium.com/xE9lCbHWiLb
I just realized that @heisec.bsky.social has written a nice article about some vulnerabilities we reported to Siemens in the Sentron PAC1260 device. Check it out here www.heise.de/en/news/Root...
Root vulnerabilities in Siemens Sentron 7KT PAC1260 Data Manager remain open
Because support for a Siemens multi-channel current meter has expired, there are no more security updates.
www.heise.de
April 17, 2025 at 7:35 AM
I just realized that @heisec.bsky.social has written a nice article about some vulnerabilities we reported to Siemens in the Sentron PAC1260 device. Check it out here www.heise.de/en/news/Root...
New Research paper with EMBA support is out there "Dealing with Security and Privacy Challenges in Android through App Code Analysis". Check it out here iris.unige.it/retrieve/a2b...
April 2, 2025 at 8:48 AM
New Research paper with EMBA support is out there "Dealing with Security and Privacy Challenges in Android through App Code Analysis". Check it out here iris.unige.it/retrieve/a2b...
Automatically password cracking with EMBA in action for a real world vulnerability in Edimax firmware
CVE-2024-57040 could apply to MANY IoT devices as passwords for root-level accounts are not difficult to discover and crack. The Edimax IC-7100 (recently in the news) has hashes that were cracked automatically by EMBA. The IC-7100 default creds are also in the docs, do we need CVEs for these?
March 21, 2025 at 7:46 AM
Automatically password cracking with EMBA in action for a real world vulnerability in Edimax firmware
We have several issues open that need your support. Today I will highlight the issue "QNX Support in EMBA". If you have details, testing firmware or other interesting details on QNX that we can use for improving support please check the issue here github.com/e-m-b-a/emba...
QNX Support in EMBA · Issue #1472 · e-m-b-a/emba
Hello! I wanted to raise the idea of potentially adding QNX support to EMBA, to see what the maintainers thought and if it was a path worth putting energy towards. Is your feature request related t...
github.com
March 13, 2025 at 6:52 PM
We have several issues open that need your support. Today I will highlight the issue "QNX Support in EMBA". If you have details, testing firmware or other interesting details on QNX that we can use for improving support please check the issue here github.com/e-m-b-a/emba...
How cool is that ... PaloAlto
research team is using EMBA. Check the PaloAlto blog post "Healthcare Monitors at Risk Beyond a Backdoor" live.paloaltonetworks.com/t5/community...
research team is using EMBA. Check the PaloAlto blog post "Healthcare Monitors at Risk Beyond a Backdoor" live.paloaltonetworks.com/t5/community...
March 12, 2025 at 12:00 PM
How cool is that ... PaloAlto
research team is using EMBA. Check the PaloAlto blog post "Healthcare Monitors at Risk Beyond a Backdoor" live.paloaltonetworks.com/t5/community...
research team is using EMBA. Check the PaloAlto blog post "Healthcare Monitors at Risk Beyond a Backdoor" live.paloaltonetworks.com/t5/community...
We are very proud to show you the new “EMBA v1.5.2 - #SBOM - The next generation” release. So many highlights … check the release notes and give it a try. #Firmware security analysis goes SBOM github.com/e-m-b-a/emba...
Release EMBA v1.5.2 - SBOM - The next generation · e-m-b-a/emba
We need to talk about serious SBOM tooling! The CRA will hit us all ... quite hard and very soon. Check the dates (from Wikipedia): And check the SBOM requiremenents here: To give it a bump there...
github.com
March 11, 2025 at 8:50 AM
We are very proud to show you the new “EMBA v1.5.2 - #SBOM - The next generation” release. So many highlights … check the release notes and give it a try. #Firmware security analysis goes SBOM github.com/e-m-b-a/emba...
Free tip of the week: You need to verify every component that your SBOM tool is so proud to show you. Ensure your SBOM tooling is not fooling you :-D
February 25, 2025 at 9:23 AM
Free tip of the week: You need to verify every component that your SBOM tool is so proud to show you. Ensure your SBOM tooling is not fooling you :-D
Is VEX a thing out there in the SBOM environment? cyclonedx.org/capabilities...
Vulnerability Exploitability eXchange (VEX) | CycloneDX
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. The specification supports Software Bill of Materials (SBOM)...
cyclonedx.org
January 31, 2025 at 6:02 PM
Is VEX a thing out there in the SBOM environment? cyclonedx.org/capabilities...
Just in time for a happy new year with better firmware analysis. Now with the enhanced binwalk decryptor available in EMBA. SBOM, known vulnerabilities, static analysis, emulation and much more (Screenshots from DIR-822 Rev C) github.com/e-m-b-a/emba
December 29, 2024 at 2:12 PM
Just in time for a happy new year with better firmware analysis. Now with the enhanced binwalk decryptor available in EMBA. SBOM, known vulnerabilities, static analysis, emulation and much more (Screenshots from DIR-822 Rev C) github.com/e-m-b-a/emba