Skip to content

EMBA v1.3.0 - AI-Assisted Firmware Analysis

Compare
Choose a tag to compare
@m-1-k-3 m-1-k-3 released this 25 Jul 09:49
· 2232 commits to master since this release
8bcb671

Q: Can we use AI for firmware analysis?
A: Sure, let's do it! EMBA now supports AI-assisted firmware analysis.

Again, we rise the bar in the field of Open-Source firmware security analysis. After establishing user-mode emulation or system emulation this time we moved to AI-assisted firmware analysis. More details about our AI integration are available in our Wiki


#Hackersummercamp ahead!
We got the amazing opportunity to show EMBA at the BSides conference in Las Vegas. The schedule is available here.

Additionally, you will find us with a live EMBA demo at Black Hat Arsenal

See you all in Vegas


Beside your ongoing support with feedback, testing, working on issues and spreading EMBA you can now also support EMBA as a sponsor.

image

Check it out here and start being an essential part of the future of EMBA


What's Changed

  • Exit of add_partition in L10 by @m-1-k-3 in #430
  • log dir on dep check by @m-1-k-3 in #428
  • Nikto dep fix by @m-1-k-3 in #429
  • cwe-checker install latest master by @m-1-k-3 in #431
  • Further trickest blacklist entries by @m-1-k-3 in #432
  • Freetzng-fix by @BenediktMKuehne in #433
  • update sub-shell pwd fix by @BenediktMKuehne in #435
  • Add Packetstorm and Snyk PoC sources by @m-1-k-3 in #434
  • Full install fixes by @m-1-k-3 in #436
  • s115 - empty log handling by @m-1-k-3 in #438
  • Minimal cve-search installation / Dependency issues by @m-1-k-3 in #442
  • blacklist update by @m-1-k-3 in #441
  • Introducing module_wait helper function by @m-1-k-3 in #439
  • Fix dependencies by @m-1-k-3 in #445
  • Code cleanup - comments by @m-1-k-3 in #446
  • Copyright updates 2023 by @m-1-k-3 in #447
  • Kernel downloader and vulnerability verifier by @m-1-k-3 in #451
  • cron job fix by @m-1-k-3 in #453
  • L10 improvements, more services by @m-1-k-3 in #454
  • Kernel config analysis by @m-1-k-3 in #455
  • Update the known exploit behaviour by @m-1-k-3 in #458
  • example disable profile by @m-1-k-3 in #457
  • Refactoring by @m-1-k-3 in #462
  • exploit databases updated by @m-1-k-3 in #466
  • S12 - checksec implementation fix by @m-1-k-3 in #463
  • Improve stop of system emulation by @m-1-k-3 in #465
  • Hexagon support by @m-1-k-3 in #467
  • Lighttpd analysis module by @m-1-k-3 in #469
  • s08 safe_echo fix by @m-1-k-3 in #470
  • p35 - true to not fail, s26 - check for files by @m-1-k-3 in #471
  • JTR crack multiple hash types by @m-1-k-3 in #473
  • deprecated -l option by @m-1-k-3 in #476
  • s36 fixes, renamed p61 by @m-1-k-3 in #477
  • System emulator improvements by @m-1-k-3 in #478
  • Respect module blacklist in waiting state / Installer fix by @m-1-k-3 in #479
  • Exploit database update, debug mode, command line tests by @m-1-k-3 in #481
  • Add wordlist mechanism to s109 by @m-1-k-3 in #482
  • csv export of p59, p60 and p70 by @m-1-k-3 in #483
  • disk space monitor, rpm package analysis by @m-1-k-3 in #485
  • Improve output of help command by @m-1-k-3 in #492
  • Setup further workflows by @m-1-k-3 in #490
  • Remove timezone setting by @m-1-k-3 in #494
  • Refactor, PID log, Github actions, APKHunt by @m-1-k-3 in #495
  • Packetstorm database update by @github-actions in #498
  • Snyk database update by @github-actions in #497
  • Metasploit database update by @github-actions in #496
  • Improve restart EMBA analysis feature by @m-1-k-3 in #499
  • Fix install with pip v23+ by @m-1-k-3 in #500
  • Another PIPv23 fix by @m-1-k-3 in #501
  • return if empty by @m-1-k-3 in #502
  • Input validation by @m-1-k-3 in #505
  • Check for update setting by @m-1-k-3 in #504
  • Routersploit update workflow by @m-1-k-3 in #503
  • Dependency checker, workflow by @m-1-k-3 in #506
  • Metasploit database update by @github-actions in #509
  • Snyk database update by @github-actions in #510
  • CISA known exploited database update by @github-actions in #512
  • Packetstorm database update by @github-actions in #514
  • System emulation improvements, workflow by @m-1-k-3 in #515
  • CVE state message printing by @m-1-k-3 in #518
  • Packetstorm database update by @github-actions in #528
  • Snyk database update by @github-actions in #527
  • CISA known exploited database update by @github-actions in #525
  • Routersploit database update by @github-actions in #524
  • Metasploit database update by @github-actions in #523
  • Trickest PoC database update by @github-actions in #526
  • Input adjustment by @m-1-k-3 in #529
  • version validation by @m-1-k-3 in #530
  • PATH variable bug by @m-1-k-3 in #531
  • EMBA v1.2.2 - Blue Hat edt. by @m-1-k-3 in #532
  • Sponsoring issues by @m-1-k-3 in #534
  • Metasploit database update by @github-actions in #536
  • Snyk database update by @github-actions in #539
  • CISA known exploited database update by @github-actions in #537
  • Packetstorm database update by @github-actions in #540
  • L25 improvements / multiple little fixes by @m-1-k-3 in #535
  • L10 module improvements by @m-1-k-3 in #543
  • Metasploit database update by @github-actions in #545
  • Snyk database update by @github-actions in #547
  • Packetstorm database update by @github-actions in #548
  • New version strings (Flex and NBTscan) by @HoxhaEndri in #549
  • L10 improvement round x by @m-1-k-3 in #550
  • links in templates by @m-1-k-3 in #555
  • Freetz extraction module deprecated by @m-1-k-3 in #554
  • fix for #551 by @m-1-k-3 in #553
  • Testing workflows by @BenediktMKuehne in #541
  • Packetstorm database update by @github-actions in #563
  • Snyk database update by @github-actions in #562
  • CISA known exploited database update by @github-actions in #560
  • Metasploit database update by @github-actions in #559
  • Improve web crawler (L25) by @m-1-k-3 in #557
  • Updated installer.sh for "ubuntu debian" /etc/os-release and new version string by @HoxhaEndri in #552
  • SNMP module improvements by @m-1-k-3 in #565
  • Remove warning apt-key is deprecated by @HoxhaEndri in #564
  • update entropy output by @BenediktMKuehne in #566
  • Ignore files containing the following paths: /dev/ /proc/ /sys/ by @HoxhaEndri in #569
  • Fix arch detection in f50 by @m-1-k-3 in #567
  • Install fixes by @m-1-k-3 in #570
  • fix l10 error case by @m-1-k-3 in #571
  • CISA known exploited database update by @github-actions in #573
  • Snyk database update by @github-actions in #575
  • Packetstorm database update by @github-actions in #576
  • Trickest PoC database update by @github-actions in #574
  • Improved default profile handling / running modules script by @m-1-k-3 in #572
  • Fail fetch aspnetcore-targeting-pack when cleaning up by @m-1-k-3 in #579
  • Metasploit database update by @github-actions in #581
  • CISA known exploited database update by @github-actions in #582
  • Packetstorm database update by @github-actions in #585
  • Snyk database update by @github-actions in #584
  • Trickest PoC database update by @github-actions in #583
  • fix actions, fix l10 lnk fixer by @m-1-k-3 in #580
  • remove unneeded resource by @BenediktMKuehne in #586
  • Revert "remove unneeded resource" by @m-1-k-3 in #587
  • SBOM generation fix for non vuln components by @m-1-k-3 in #589
  • Avoiding /proc and /sys paths (-xdev) in symlink script and check for missing symlinks in s115 by @HoxhaEndri in #590
  • Packetstorm database update by @github-actions in #597
  • Snyk database update by @github-actions in #596
  • CISA known exploited database update by @github-actions in #594
  • Metasploit database update by @github-actions in #593
  • Lua script analysis support, UPnP live module, improvements by @m-1-k-3 in #591
  • R.I.P. binwalk by @m-1-k-3 in #598
  • ignore named pipe by @HoxhaEndri in #601
  • Packetstorm database update by @github-actions in #607
  • Snyk database update by @github-actions in #606
  • Metasploit database update by @github-actions in #604
  • apk extraction fix by @m-1-k-3 in #603
  • R2 decompiler integration by @m-1-k-3 in #608
  • url update for sasquatch deb by @m-1-k-3 in #609
  • update ubuntu libssl source by @BenediktMKuehne in #610
  • Small cleanup fixes by @m-1-k-3 in #611
  • Packetstorm database update by @github-actions in #616
  • Snyk database update by @github-actions in #615
  • CISA known exploited database update by @github-actions in #614
  • Metasploit database update by @github-actions in #613
  • Hnap detection support for system emulator by @m-1-k-3 in #612
  • Version 1.2.3 by @m-1-k-3 in #621
  • Packetstorm database update by @github-actions in #626
  • Snyk database update by @github-actions in #625
  • Metasploit database update by @github-actions in #623
  • CISA known exploited database update by @github-actions in #624
  • Multiple bug fixes by @m-1-k-3 in #629
  • Packetstorm database update by @github-actions in #633
  • Snyk database update by @github-actions in #632
  • Metasploit database update by @github-actions in #630
  • CISA known exploited database update by @github-actions in #631
  • Restart emulation improvements by @m-1-k-3 in #634
  • Fix all the things by @m-1-k-3 in #636
  • Metasploit database update by @github-actions in #639
  • Snyk database update by @github-actions in #642
  • Packetstorm database update by @github-actions in #643
  • CISA known exploited database update by @github-actions in #640
  • Trickest PoC database update by @github-actions in #641
  • Routersploit/emulation cleanup/installer by @m-1-k-3 in #646
  • CISA known exploited database update by @github-actions in #649
  • Metasploit database update by @github-actions in #648
  • Packetstorm database update by @github-actions in #652
  • Trickest PoC database update by @github-actions in #650
  • Snyk database update by @github-actions in #651
  • zombie handling by @m-1-k-3 in #647
  • JNAP detection by @m-1-k-3 in #654
  • Metasploit database update by @github-actions in #655
  • CISA known exploited database update by @github-actions in #656
  • Trickest PoC database update by @github-actions in #657
  • Packetstorm database update by @github-actions in #659
  • Snyk database update by @github-actions in #658
  • use env variable CONTAINER to choose the docker container by @HoxhaEndri in #644
  • JNAP unauth check by @m-1-k-3 in #660
  • Packetstorm database update by @github-actions in #665
  • Snyk database update by @github-actions in #664
  • CISA known exploited database update by @github-actions in #662
  • Metasploit database update by @github-actions in #661
  • trickest bl update by @m-1-k-3 in #667
  • Update workflows by @m-1-k-3 in #668
  • Adjust workflows / CWE checker update to v0.7 by @m-1-k-3 in #669
  • CISA known exploited database update by @github-actions in #671
  • Metasploit database update by @github-actions in #670
  • Packetstorm database update by @github-actions in #674
  • Snyk database update by @github-actions in #673
  • trickest blacklist update by @m-1-k-3 in #675
  • Trickest PoC database update by @github-actions in #672
  • s22 tear down functionality by @m-1-k-3 in #677
  • workflow, readme by @m-1-k-3 in #678
  • CISA known exploited database update by @github-actions in #679
  • Snyk database update by @github-actions in #681
  • Packetstorm database update by @github-actions in #682
  • Trickest PoC database update by @github-actions in #680
  • Little cleanups by @m-1-k-3 in #683
  • Extended version string for proftpd by @HoxhaEndri in #684
  • typo, csv cleanup by @m-1-k-3 in #687
  • trickest blacklist update by @m-1-k-3 in #688
  • Metasploit database update by @github-actions in #690
  • CISA known exploited database update by @github-actions in #691
  • Snyk database update by @github-actions in #693
  • Packetstorm database update by @github-actions in #694
  • Trickest PoC database update by @github-actions in #692
  • Fix L15 report by @m-1-k-3 in #695
  • Improve web crawler by @m-1-k-3 in #696
  • Bug fixes by @m-1-k-3 in #698
  • CISA known exploited database update by @github-actions in #700
  • Metasploit database update by @github-actions in #699
  • Packetstorm database update by @github-actions in #703
  • Snyk database update by @github-actions in #702
  • Trickest PoC database update by @github-actions in #701
  • make qnap check strict mode compatible by @m-1-k-3 in #704
  • P60 - lost functions by @m-1-k-3 in #705
  • Semgrep rule disable by @m-1-k-3 in #706
  • Move to pip env for python installation by @m-1-k-3 in #707
  • Sh eval checks by @m-1-k-3 in #710
  • CISA known exploited database update by @github-actions in #712
  • Metasploit database update by @github-actions in #711
  • Snyk database update by @github-actions in #714
  • Packetstorm database update by @github-actions in #715
  • Trickest PoC database update by @github-actions in #713
  • EMBA ChatGPT integration by @BenediktMKuehne in #602
  • load python environment in updater by @m-1-k-3 in #718
  • GPT rating improvements by @m-1-k-3 in #717
  • Release 1.3.0 by @BenediktMKuehne in #719

New Contributors

  • @github-actions made their first contribution in #498
  • @HoxhaEndri made their first contribution in #549

Full Changelog: 1.2.0-London-Calling...1.3.0-AI-for-EMBA