EmbedOS
EmbedOS - Embedded security testing operating system based on Ubuntu 18.04 preloaded with firmware security testing tools. The virtual machine can be downloaded and imported as an OVF file into VirtualBox or VMWare.
Download Link
Alternative download site available soon
Credentials
Username: embedos
Password: embeddedappsec
Tools (~/tools)
- Firmware Analysis Toolkit
- Firmware Analysis Comparison Toolkit (FACT) : Not fully installed. More disk space required.
- fwanalyzer
- ByteSweep
- Firmwalker
- Checksec.sh
- Binwalk
- QEMU
- Firmadyne
- Firmware Modification Kit
- OpenOCD
- Flashrom
- minicom
- ubi_reader
- uboot write
- elfutils
- pax-utils
- prelink
- lddtree
plus more...
Some of the above tools will install additional dependencies not listed here such as radare2, cwe-checker, and others.
Vulnerable Firmware (~/firmware)
- Mirai affected firmware (DVR based)
- Damn Vulnerable Router Project
- IoTGoat
Methodology (~/Desktop/Firmware-Security-Testing-Methodology.pdf)
- Firmware Security Testing Methodology - See the following repository for further details https://github.com/scriptingxss/owasp-fstm/
Feedback
If you would like to contribute or provide feedback to improve this virtual machine, submit a pull request or get in touch over Twitter @scriptingxss.