-
-
Notifications
You must be signed in to change notification settings - Fork 238
Referring sites and talks
Michael Messner edited this page Dec 3, 2024
·
77 revisions
- Industrial Embedded Systems Hardware Penetration Testing Course - Udemy course
- NanoKVM vulnerability report based on EMBA run - Github issue
- One Day Pentest - Post
- Basics of EMBA: A Firmware Analyze Tool for Cybersecurity - Medium article
- Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols - Paper
Intro page | EMBA note |
---|---|
- SET-TOP BOX RE: 6-PART SERIES - Blogpost
- 0xFFF: Understanding Unknown Binaries - Firmware Recon - Blogpost
Main article | Intro with EMBA shoutout |
---|---|
- Firmware Guide for Pen Testers - Blogpost
- Crowdstrike: The Aftermath - PSW #836
PSW in action | EMBA in the PSW |
---|---|
- THIS WEEK IN SECURITY: SNOWFLAKE, THE CVD TENSION, AND KASPERSKY’S EXIT — AND BREAKING BSOD - Hackaday weekly news
News overview | EMBA in the weekly news |
---|---|
- CyMed: A Framework for Testing Cybersecurity of Connected Medical Devices - Paper [EN]
Paper abstract | EMBA in the paper |
---|---|
- ECLYPSIUM TOOLBOX: EXTENDING SUPPLY CHAIN SECURITY TO NEW IT/OT/IOT DEVICES - Blog
Introduction | Eclypsium Toolbox |
---|---|
- ERS0: Enhancing Military Cybersecurity with AI-Driven SBOM for Firmware Vulnerability Detection and Asset Management - Paper / 16th International Conference on Cyber Conflict: Over the Horizon
Introduction | Evaluation of SBOM matching |
---|---|
- Using Open Source and Built-In Tools for Supply Chain Validation - Eclypsium webinar
Analyzing Firmware with EMBA | EMBA Tips and Tricks |
---|---|
- Internet of Things Security: Firmware Approach - Paper
- Corpus Christi: Establishing Replicability when Sharing the Bread is Not Allowed - Paper
- A Crash Course in Hardware Hacking Methodology: The Ones and Zeros - Article
- Packet Protector PP009: Don't Forget the Firmware - Podcast
PP009 | EMBA reference |
---|---|
- 20 essential open-source cybersecurity tools that save you time - Article
Introduction | EMBA reference |
---|---|
- LINUX SUPPLY CHAIN VALIDATION CHEAT SHEET - Blog
Introduction | EMBA reference |
---|---|
- Blackbox-Fuzzing of IoT Devices Using the Router TL-WR902AC as Example - Paper
Introduction | EMBA in the paper |
---|---|
Agenda | EMBA on stage |
---|---|
- SNHACK Attack: How Hackers Could Turn Your Smart Pet Feeder into an All-You-Can-Eat Buffet - Post
Paper intro | EMBA reference |
---|---|
- FITS: Inferring Intermediate Taint Sources for Effective Vulnerability Analysis of IoT Device Firmware - Paper
Paper intro | EMBA reference |
---|---|
- FLATLINED: ANALYZING PULSE SECURE FIRMWARE AND BYPASSING INTEGRITY CHECKING - Blog
Paper intro | EMBA results |
---|---|
- Automated firmware security static analysis tools - Blog
- Multiple vulnerabilities in Lantronix EDS-MD IoT gateway for medical devices - Pentagrid advisory
- Difficulties in Dynamic Analysis of Drone Firmware and Its Solutions - Paper
- EXPLORING EMBA: UNRAVELING FIRMWARE SECURITY WITH CONFIDENCE by Paul Asadoorian - Link
- HELP NET SECURITY - EMBA: Open-source security analyzer for embedded devices - Link
- Paul's Security Weekly - LogoFAIL, Default Passwords and Android Hacking – PSW #810
- Unveiling Vulnerabilities: A Deep Dive into WiFi Camera Security - Link [EN]
- You can learn some more IoT stuff with EMBA at Hard box training [EN]
- 41 Open-source and Free Vulnerability Scanners For Pentesting and Web App Security - Link [EN]
- BrucCON 0x0F Talk by Nate Warfield - Ghost in the machine - Schedule/Slides/Recording [EN]
Picture from live BruCON (thx to @twallutis) | EMBA on the stream |
---|---|
- Software Bill of Materials (SBOM) in Practice - Link [EN]
- Free IoT Security Seminar by KU Leuven - Web site [EN]
Training overview | EMBA in Walkthrough documentation |
---|---|
- PRACTICAL IOT HACKING Training - Black Hat USA 2023 [EN]
Training overview | EMBA live in class |
---|---|
- Leveraging EMBA for Static Firmware Vulnerability Analysis in Physical Security Products - Blog post [EN]
Our Open-Source Initiative with EMBA | Example report |
---|---|
- Report on Qubo IoT Device Vulnerability (CVE-2023-22906) - Paper [EN]
CVE-2023-22906: Introduction | CVE-2023-22906: EMBA |
---|---|
- ISSA Talk by Nate Warfield - Building on Shaky Ground: Unveiling the Vulnerabilities of Firmware - Schedule/Slides [EN]
EMBA: Overview | EMBA: Vulnerability Research |
---|---|
- VENDOR RE-USE OPENS THE APERTURE ON MANY VULNERABILITIES - Blog post from Nate Warfield [EN]
- Small term paper on the topic of the Internet of Vulnerable Things by Tobias Müller - Hochschule Offenburg Paper/Github page [EN]
- Shmoocon 2023 firetalk by Amit Serper - A 15-minute Crash Course to Building your Own IoT Hacking Lab at Home Schedule/Slides [EN]
Intro | From a binary blob to a Linux filesystem |
---|---|
- DEF CON 30 Talk by Jay Lagorio - Tear Down this Zywall: Breaking Open Zyxel Encrypted Firmware Schedule/Slides/Recording [EN]
DEF CON | EMBA: The future |
---|---|
- How to Search for Vulnerabilities in Embedded Software (June 2021) [EN]
- HackTricks book [EN]
- OWASP Firmware Security Testing Methodology [EN]
- embedsysweekly.com newsletter issue 84 [EN]
- libhunt.com repository summary [EN]
- Summary video AMOS development project for EMBArk [EN]
- Awesome Embedded and IoT Security list [EN]
- IoTSecurity101 [EN]
EMBA - firmware security scanning at its best
Sponsor EMBA and EMBArk:
The EMBA environment is free and open source!
We put a lot of time and energy into these tools and related research to make this happen. It's now possible for you to contribute as a sponsor!
If you like EMBA you have the chance to support future development by becoming a Sponsor
Thank You ❤️ Get a Sponsor
You can also buy us some beer here ❤️ Buy me a coffee
To show your love for EMBA with nice shirts or other merch you can check our Spreadshop
EMBA - firmware security scanning at its best