The firmware scanning environment with EMBA and EMBArk

Hello EMBArk


Everything started as an idea at the beginning of 2021. The idea was to build an enterprise-ready open source firmware analysis environment on top of EMBA. This environment should allow every product security team, as well as every penetration tester and security researcher, to use professional firmware analysis to improve the security of IoT/OT/ICS … (you name it) devices as easily as possible. This idea was folded into an AMOS research project, where a team of students built a first PoC of EMBArk.…

Firmware diffing


Identifying the relevant changes between firmware releases is an essential step in bug hunting. For example, in exploit development you are sometimes interested in the changes between two firmware versions: the vulnerable version compared to the fixed version. As it is usually quite hard to extract enough useful information from the published advisories or the CVE details, the only possibility is to check the real differences between the relevant firmware releases.…

EMBA version 1.3.1 is out now


What happened since the last EMBA release? There was the absolutely great #Hackersummercamp with our talks at BSidesLV, ICS Village (DEF CON) and Black Hat (Arsenal). The recording of the BSides talk is already available here. Besides this, Nate did a really great talk at BruCON – see here. Besides a lot of code cleanup, bug fixing and some small improvements, the new firmware diffing mode is one of the highlights in version 1.…

AI supported firmware analysis


EMBA - The AI-powered firmware security analyzer

Why not use AI for firmware analysis? This is the idea we have had since the public release of OpenAI’s GPT-3 and GPT-4 earlier this year. We started testing OpenAI’s ChatGPT for different possible usage scenarios like the integration of further CVE explanation: Additionally, we thought about a quick lookup for potential exploit code or PoCs: It can be seen that the available information is quite limited because of the limited dataset for these types of requests.…

EMBA version 1.1.2 is out now


Version 1.1.2 - Knight Rider Edt. of EMBA is out

EMBA version 1.1.0 is out now


Version 1.1.0 - Las Vegas Edt. of EMBA is out

EMBA goes to Vegas baby


It’s official: in August, Pascal and I will present the firmware security analyzer EMBA at Black Hat and DEF CON in Las Vegas. We are super excited and happy to have the possibility to show you the best firmware scanner on the best stage! As if this were not enough, we are planning to release a huge update for EMBA … stay tuned. You can find further details at the Black Hat USA Arsenal page and the DEF CON 30 forum…

EMBA Version 1.0.0 is out now


Version 1.0.0 - Singapore Edt. of EMBA is out

Join us at Black Hat Asia


You can attend the Black Hat Business Hall for free - check it out and join our talk on firmware analysis with EMBA here.…

EMBA v0.9.0 - Munich Edt released


1500 pull requests for version 0.9.0