The identification of the relevant changes between firmware releases is an essential step in bug hunting. For example, in exploit development you are sometimes interested in the changes between two firmware versions - The vulnerable version compared to the fixed version. As it is usually quite hard to extract enough useful information from the published advisories or the CVE details, the only possibility is to check the real differences between the relevant firmware releases.…

What happened since the last EMBA release? There was the absolute great #Hackersummercamp with our talks at BSidesLV, ICS Village (DEF CON) and Black Hat (Arsenal). The recording of the BSides talk is already available here. Beside this, Nate did a really great talk at BruCON – see here. Beside a lot of code cleanup, bug fixing and some little improvements the new firmware diffing mode is one of the highlights in version 1.…

EMBA - The AI powered firmware security analyzer Why not use AI for firmware analysis? This is the idea we had since the public release of OpenAI’s GPT-3 and GPT-4 earlier this year. We started testing OpenAI’s ChatGPT for different possible usage scenarios like the integration of further CVE explanation: Additionally, we thought about a quick lookup for potential exploit code or POC’s: It can be seen that the available information is quite limited because of the limited dataset for these types of requests.…

Version 1.1.2 - Knight Rider Edt. of EMBA is out

Version 1.1.0 - Las Vegas Edt. of EMBA is out

It’s official, in August Pascal and myself will present the firmware security analyzer EMBA at Black Hat and DEF CON in Las Vegas. We are super excited and happy to have the possibility to show you the best firmware scanner on the best stage! As this is not enough, we are planning to release a huge update for EMBA … stay tuned You can find further details at the Black Hat USA Arsenal page and the DEF CON 30 forum…

Version 1.0.0 - Singapore Edt. of EMBA is out

You can attend the Black Hat Business Hall for free - check it out and join our talk on firmware analysis with EMBA here.…

1500 pull requests for version 0.9.0

EMBA goes to Black Hat Asia 2022