EMBA v1.5.2 - SBOM - The next generation

@m-1-k-3 released this 11 Mar 08:38
· 51 commits to master since this release
fbe1811

We need to talk about serious SBOM tooling! The CRA will hit us all ... quite hard and very soon. Check the dates (from Wikipedia):

image

And check the SBOM requirements here:

image

To give it a bump there are also some penalties if you are not able to fulfill the CRA:

image

We saw this coming a while ago and decided to move EMBA from the firmware analyzer to the SBOM tool (without losing our main competence in firmware analysis). During the last months we have rewritten main parts of EMBA to ensure we can build SBOMs. The goal was not only to build some SBOM ... our goal was always to build SBOMs that provide more value, are reproducible and accurate. This includes targets where no package manager is available as well as systems with multiple package managers.

The following highlights happened somehow during the last weeks:

  • cve-bin-tool integration for module f17 resulted in a rewrite of f20 (which was completely removed for this release)
  • SBOM VEX support via module f17 (integrated into the main SBOM but also available separately)
  • Further sources for SBOM generation are supported - Check our wiki
  • Improved S09 threading by @gluesmith2021
  • Massive bug fixing - more and more bug reports from our fellow EMBA users are coming in
  • More and more users are also helping in fixing stuff ... thank you for supporting EMBA
  • Improved the system check on EMBA startup, which speeds up EMBA
  • Improved our quality checking process of newly built EMBA base images
  • Integrated auto-generation of kernel and gcc data into our GitHub pipeline (available in the config directory)

Besides your ongoing support with feedback, testing, working on issues and spreading EMBA, you can now also support EMBA as a sponsor.

Check it out here and start being an essential part of the future of EMBA


It is always a pleasure to welcome new contributors to EMBA. This time we welcome:


How can you reach us and stay up to date? Just take one of these channels:


Now, start your fresh Kali Linux (put enough CPU power and RAM into it) and install EMBA:

└─$ git clone https://github.com/e-m-b-a/emba.git
└─$ cd emba 
└─$ sudo ./installer.sh -d

This will install all prerequisites, including the Docker base image and the CVE database, which will need some bandwidth, hard drive space and time.

Afterwards, you are ready to analyse your first firmware with EMBA:

└─$ sudo ./emba -l ~/log -f ~/firmware -p ./scan-profiles/quick-scan.emba

To update your outdated EMBA installation, please check the update section in our wiki.


What's Changed

  • Fix missing kernel config analysis because of lKCONFIG_EXTRACTED/KCON… by @chconil in #1415
  • Metasploit database update by @github-actions in #1417
  • CISA known exploited database update by @github-actions in #1418
  • Snyk database update by @github-actions in #1419
  • Snyk database update by @github-actions in #1421
  • CISA known exploited database update by @github-actions in #1420
  • Version identifier bugs / New binwalk with improved decryptor by @m-1-k-3 in #1416
  • fix s118 threading output / p99 csv by @m-1-k-3 in #1423
  • Snyk database update by @github-actions in #1427
  • Metasploit database update by @github-actions in #1424
  • CISA known exploited database update by @github-actions in #1425
  • Quick version identifier update by @github-actions in #1426
  • p65 rpm, fixes, cleanup by @m-1-k-3 in #1428
  • Quick version identifier update by @github-actions in #1432
  • CISA known exploited database update by @github-actions in #1431
  • Metasploit database update by @github-actions in #1430
  • add ipk module, fix rpm db module by @m-1-k-3 in #1429
  • remove grep log by @m-1-k-3 in #1437
  • fix x86 run script by @m-1-k-3 in #1435
  • update copyright 2025 by @m-1-k-3 in #1438
  • Metasploit database update by @github-actions in #1440
  • CISA known exploited database update by @github-actions in #1441
  • Snyk database update by @github-actions in #1442
  • Initial json logger by @m-1-k-3 in #1444
  • Little error handling updates by @m-1-k-3 in #1443
  • Snyk database update by @github-actions in #1447
  • CISA known exploited database update by @github-actions in #1446
  • Metasploit database update by @github-actions in #1445
  • Metasploit database update by @github-actions in #1449
  • CISA known exploited database update by @github-actions in #1450
  • Snyk database update by @github-actions in #1451
  • CISA known exploited database update by @github-actions in #1454
  • Snyk database update by @github-actions in #1455
  • Update grype.yml by @BenediktMKuehne in #1456
  • Manual update GCC and kernel release configs by @m-1-k-3 in #1457
  • Add gcc and linux workflow by @m-1-k-3 in #1460
  • Fix empty results from S09 because of "grep: Argument list too long" by @gluesmith2021 in #1461
  • CVE bin tool integration, VEX support -> F20 replacement by @m-1-k-3 in #1452
  • S09 unique bins by @m-1-k-3 in #1465
  • Snyk database update by @github-actions in #1469
  • CISA known exploited database update by @github-actions in #1468
  • Metasploit database update by @github-actions in #1467
  • Effective (and fast) S09 threading by @gluesmith2021 in #1462
  • Linux kernel version database update by @github-actions in #1470
  • SBOM: C/C++ Conan package management integration by @m-1-k-3 in #1473
  • disabled status-bar for embark by @BenediktMKuehne in #1459
  • Revert "disabled status-bar for embark" by @BenediktMKuehne in #1474
  • fix results from race condition in MD5 list generation by @gluesmith2021 in #1471
  • S115 #1476 by @m-1-k-3 in #1477
  • CISA known exploited database update by @github-actions in #1481
  • Metasploit database update by @github-actions in #1480
  • Snyk database update by @github-actions in #1482
  • Linux kernel version database update by @github-actions in #1479
  • little fixes and cleanup by @m-1-k-3 in #1483
  • Foscam extraction (P20) fixes by @m-1-k-3 in #1484
  • CVE update db by @m-1-k-3 in #1486
  • Metasploit database update by @github-actions in #1488
  • Snyk database update by @github-actions in #1491
  • Quick version identifier update by @github-actions in #1490
  • CISA known exploited database update by @github-actions in #1489
  • Linux kernel version database update by @github-actions in #1487
  • fixing bugs by @m-1-k-3 in #1492
  • SBOM cpan/php/python module by @m-1-k-3 in #1493
  • Installer fixes by @m-1-k-3 in #1495
  • Remove dep checker for container by @m-1-k-3 in #1494
  • Ensure SBOM is valid by @m-1-k-3 in #1498
  • S26 issue - add further deps by @m-1-k-3 in #1496
  • Fix s118 log by @m-1-k-3 in #1499
  • Linux kernel version database update by @github-actions in #1501
  • CISA known exploited database update by @github-actions in #1503
  • Metasploit database update by @github-actions in #1502
  • Snyk database update by @github-actions in #1504
  • No findings no log/Installer warning by @m-1-k-3 in #1500
  • max_pid_protections to named references by @m-1-k-3 in #1505
  • bump version v1.5.2 by @m-1-k-3 in #1506

New Contributors

Full Changelog: v1.5.1-rise-from-the-dead...v1.5.2-SBOM-next-generation-EMBA