Skip to content

SBOM environment

Michael Messner edited this page Oct 11, 2024 · 47 revisions

One of the goals of EMBA was always to generate an accurate real live overview of the threads from the firmware that is currently analyzed. Over the time EMBA is grown and today she is not only a firmware analyzer anymore. People are using EMBA to test every piece of binary. Out there in the companies is one of the big challenges to create a SBOM for your product environment. EMBA is now prepared todo the job and support your team also in this area.

Currently, the following SBOM sources are supported:

  • Binaries and libraries (as before via module s09 - excluded from quick sbom profile)
  • Linux Kernel (via module S24 - could take quite long)
  • Linux Kernel (extracted from kernel modules - module s25)
  • Kernel modules (via module s25)
  • Linux distribution identification (via module s06)
  • RPM package management system (via module S08)
  • Debian package management system (via module S08)
  • OpenWRT Package management system (via module S08)
  • Python PIP package management system (via module S08)
  • Python requirements files (via module S08)
  • RPM packages (via module S08)
  • DEB packages (via module S08)
  • FreeBSD pkg packages (via module S08)
  • Java archives (jar, war - via module S08)
  • Alpine APK
  • Python poetry
  • Python wheel
  • Rust (cargo.lock)
  • Ruby (gem)
  • PHP composer
  • JavaScript - npm
  • Nix (outputs in /nix/store)
  • Nix flake.lock
  • Python pip .lock
  • Windows binary exif data
  • Windows binary extraction and analysis