OFRAK : Unpack, Modify, And Repack Binaries

OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform. OFRAK combines the ability to: OFRAK supports a range of embedded firmware file formats beyond userspace executables, including: OFRAK equips users with: See ofrak.com for more details. GUI Frontend: The web-based GUI view provides a navigable resource tree. For the selected resource, …

FirmWire : Full-System Baseband Firmware Emulation Platform

FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and debugging of baseband firmware images. See the FirmWire documentation to get started! Installation: The recommended way of using FirmWire is by using the supplied Dockerfile. To build the docker file, execute the following commands:
    git clone https://github.com/FirmWire/FirmWire.git
    cd FirmWire
    git clone https://github.com/FirmWire/panda.git
This …

Bn-Uefi-Helper : Helper Plugin For Analyzing UEFI Firmware

Bn-Uefi-Helper is a helper plugin for analyzing UEFI firmware. This plugin contains the following features: apply the correct prototype to the entry point function; fix segments so all segments are RWX and have the correct semantics (this allows for global function pointers to be rendered correctly); apply types for core UEFI services (from …

UEFI_RETool : A Tool For UEFI Firmware Reverse Engineering

UEFI_RETool is a tool for UEFI firmware reverse engineering. UEFI firmware analysis with uefi_retool.py script. Usage: copy the ida_plugin/uefi_analyser.py script and the ida_plugin/uefi_analyser directory to the IDA plugins directory; edit the config.json file: PE_DIR is a directory that contains all executable images from the UEFI firmware, DUMP_DIR is a directory that contains all components from the firmware filesystem, LOGS_DIR …

IoTGoat : A Deliberately Insecure Firmware Based On OpenWrt

The IoTGoat Project is a deliberately insecure firmware based on OpenWrt. The project’s goal is to teach users about the most common vulnerabilities typically found in IoT devices. The vulnerabilities will be based on the IoT Top 10 as documented by OWASP: https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project. To get started with developing IoTGoat challenges, review the Build Environment Guidance …

Karonte : Static Analysis Tool To Detect Multi-Binary Vulnerabilities In Embedded Firmware

Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware. Research Paper: We present our approach and the findings of this work in the following research paper: Detecting Insecure Multi-binary Interactions in Embedded Firmware [PDF], by Nilo Redini, Aravind Machiry, Ruoyu Wang, Chad Spensky, Andrea Continella, Yan Shoshitaishvili, Christopher Kruegel, Giovanni Vigna. To …

Firmware Analysis Toolkit : To Emulate Firmware And Analyse It For Security Vulnerabilities

Firmware Analysis Toolkit is a toolkit to emulate firmware and analyse it for security vulnerabilities. FAT is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. Firmware Analysis Toolkit is built on top of the following existing tools and projects: Firmadyne, Binwalk, Firmware-Mod-Kit, MITMproxy …