SBOM environment

Michael Messner edited this page Oct 11, 2024 · 47 revisions

The main goal of EMBA has always been to give an accurate, real-world overview of the threats affecting the firmware image that is currently being analyzed. While a few years ago the target audience was only pentesters, in today's EMBA world software developers, product owners and product security teams are also using her to achieve different goals.

Over time EMBA has grown, and today she is no longer only a firmware analyzer. Nowadays, EMBA is used to test every little piece of unknown binary. While the main interest remains the analysis of Linux-based firmware, we can see that EMBA is also used for UEFI, Windows binaries, Linux binaries, scripts, Android APKs and a lot of other targets. Besides the high fragmentation of the targets under test, we have seen a growing demand for SBOM generation. EMBA has included basic SBOM support for ages, but as most of the firmware images we analyze do not rely on package managers, we had not seen the demand for supporting them on a broad basis until now.

Now we have adjusted our approach to support a broad range of package managers, package types and further sources, so that an accurate SBOM can be generated for every testing candidate.

Besides our binary analysis mechanism as an SBOM source, EMBA is now able to extract details from the following sources:

  • Binaries and libraries (as before via module S09 - excluded from the quick SBOM profile)
  • Linux Kernel (via module S24 - could take quite long)
  • Linux Kernel (extracted from kernel modules - module S25)
  • Kernel modules (via module S25)
  • Linux distribution identification (via module S06)
  • RPM package management system (via module S08)
  • Debian package management system (via module S08)
  • OpenWrt package management system (via module S08)
  • Python PIP package management system (via module S08)
  • Python requirements files (via module S08)
  • RPM packages (via module S08)
  • DEB packages (via module S08)
  • FreeBSD pkg packages (via module S08)
  • Java archives (jar, war - via module S08)
  • Alpine APK
  • Python poetry
  • Python wheel
  • Rust (cargo.lock)
  • Ruby (gem)
  • JavaScript - npm
  • Windows binary exif data
  • Windows binary extraction and analysis