Awesome
EmbedOS
EmbedOS - Embedded security testing operating system based on Ubuntu 18.04 preloaded with firmware security testing tools. The virtual machine can be downloaded and imported as an OVF file into VirtualBox or VMWare.
Download Link
The most recent version is 2020.2 from October 2020 and can be downloaded via the following links:
shasum -a 256 EmbedOS_2020.2-disk1.vmdk
f95f8c72e6dc1a57369a37ed4699c50a6ce7c0f7d86b23715a031151e09c4635 EmbedOS_2020.2-disk1.vmdk
shasum -a 512 EmbedOS_2020.2-disk1.vmdk
6db0142ddcd63e8096f3a97ca5d964862ea1d80aa71f07095fe5da0ced075d1446998fc13f9062cb22145589129a2ee2849f3f55e7c4b2bbcd0725afba8e3b55 EmbedOS_2020.2-disk1.vmdk
Alternative download site available soon
Credentials
Username: embedos
Password: embeddedappsec
Tools (~/tools)
- Firmware Analysis Toolkit
- Firmware Analysis Comparison Toolkit (FACT) : Not fully installed. More disk space required.
- fwanalyzer
- ByteSweep
- Firmwalker
- Checksec.sh
- Binwalk
- QEMU
- Firmadyne
- Firmware Modification Kit
- OpenOCD
- Flashrom
- minicom
- ubi_reader
- uboot write
- elfutils
- pax-utils
- prelink
- lddtree
plus more...
Some of the above tools will install additional dependencies not listed here such as radare2, cwe-checker, and others.
Vulnerable Firmware (~/firmware)
- Mirai affected firmware (DVR based)
- Damn Vulnerable Router Project
- IoTGoat
Methodology (~/Desktop/Firmware-Security-Testing-Methodology.pdf)
- Firmware Security Testing Methodology - See the following repository for further details https://scriptingxss.gitbook.io/firmware-security-testing-methodology/
Feedback
If you would like to contribute or provide feedback to improve this virtual machine, submit a pull request or get in touch over Twitter @scriptingxss.