/embark

EMBArk - The firmware security scanning environment

Primary LanguagePythonMIT LicenseMIT

EMBArk - The firmware security scanning environment

About

EMBArk is a tool for centralized firmware analyzing. Scan, Identify, Track, Report. Built to be simple but powerful. It's the web-based enterprise interface for the firmware security scanner EMBA. It is developed to provide the firmware security analyzer EMBA as a service with feature-packed UI and to improve accessibility to the firmware scanning backend EMBA regardless of the system and operating system. Furthermore, EMBArk improves the data provision by aggregating the various scanning results in an aggregated management dashboard.

Watch EMBArk

Important

  • The new Tracking application currently doesn't work offline.
  • The device, Vendor and version tracking aren't fully integrated into all dashboards yet.
  • the only supported OS at this time is Ubuntu LTS (22.04)

Quick-Start

git clone https://github.com/e-m-b-a/embark.git; cd embark; sudo ./installer.sh -d

sudo ./run-server.sh [-a <IP/HOSTNAME>] [-h]

Automated setup on Ubuntu 22.04 LTS

  1. Checkout the repository (e.g. git clone https://github.com/e-m-b-a/embark.git)
  2. Change directory to root of the repository i.e cd embark
  3. Run sudo ./installer.sh -d to run the default installation.
  4. Further details are available in the wiki (See installation)

EMBArk is using the firmware security scanner EMBA as backend. You can take a look at the EMBA repository and get more information about usage of EMBA in the wiki. Additionally you should check the EMBArk wiki.

Start Server

To start the EMBArk-Server simply run $ sudo ./run-server.sh. This starts the http-Server on 0.0.0.0:80

Note: The default server name is "embark.local" and has to be resolved via host files or a DNS-server.
If you want to query the server using an IP or other hostname please use the -a option. (multiple inputs supported)

Upgrading

  • Use the export-DB.sh to back up your database
  • Just pull and restart
  • Usually, upgrading does NOT require a reinstallation (reinstalling will delete all files and the database completely)

Developer

For developers, we recommend simply using: sudo ./installer.sh -F and the ./dev-tools/debug-server-start.sh script.

Get involved

The IoT is growing, the development is ongoing, and there are many new features that we want to add. We welcome pull requests and bug reports or feature requests via issues on GitHub.

Acknowledgement

This project was originally initiated by Siemens Energy as AMOS project in cooperation with the FAU.

See also the original EMBArk AMOS project and AMOS.