Update README.md

2026-02-20 13:50:42 +00:00 · 2025-08-06 10:40:36 +05:30
parent 5a4a214417
commit c02b40aaaf
1 changed files with 45 additions and 13 deletions
--- a/README.md
+++ b/README.md
@@ -629,19 +629,51 @@
 ********************************************************************************************************************************
 ### Pentesting Firmwares and emulating and analyzing

-#### *Firmware Analysis Tools*
- - [EMBA-An analyzer for embedded Linux firmware](https://p4cx.medium.com/emba-b370ce503602)
- - [FACT-Firmware Analysis and Comparison Tool](https://github.com/fkie-cad/FACT_core)
- - [Binwalk-v3](https://github.com/ReFirmLabs/binwalk/tree/binwalkv3)
- - [fwhunt-scanner-Tools for analyzing UEFI firmware and checking UEFI modules with FwHunt rules](https://github.com/binarly-io/fwhunt-scan)
- - [Qiling](https://github.com/qilingframework/qiling)
- - [fwanalyzer](https://github.com/cruise-automation/fwanalyzer)
- - [ByteSweep](https://gitlab.com/bytesweep/bytesweep)
- - [Firmwalker](https://github.com/craigz28/firmwalker)
- - [Checksec.sh](https://github.com/slimm609/checksec.sh)
- - [QEMU](https://www.qemu.org/)
- - [Firmadyne](https://github.com/firmadyne/firmadyne)
- - [Firmware Modification Kit](https://code.google.com/archive/p/firmware-mod-kit/)
+#### 🔹 Static Firmware Analysis Tools
+- [**EMBA** – Analyzer for embedded Linux firmware (static scanning, reporting)](https://p4cx.medium.com/emba-b370ce503602)
+- [**FACT** – Firmware Analysis and Comparison Tool](https://github.com/fkie-cad/FACT_core)
+- [**Binwalk v3** – Extraction and static filesystem analysis for firmware images](https://github.com/ReFirmLabs/binwalk/tree/binwalkv3)
+- [**Firmwalker** – Greps for credentials/secrets in extracted firmware](https://github.com/craigz28/firmwalker)
+- [**fwanalyzer** – Policy-based static analysis of firmware files](https://github.com/cruise-automation/fwanalyzer)
+- [**fwhunt-scan** – Analyze UEFI firmware, check modules with FwHunt rules](https://github.com/binarly-io/fwhunt-scan)
+- [**ByteSweep** – Modern, multi-arch firmware vulnerability scanner](https://gitlab.com/bytesweep/bytesweep)
+- [**QueryX** – Static taint-tracking and binary analysis for firmware](https://github.com/RiS3-Lab/QueryX)
+- [**FirmGraph** – Builds control/call graphs from firmware binary code](https://github.com/ucsb-seclab/firmgraph)
+- [**BINSEC** – Symbolic/taint-based static analysis of binaries](https://github.com/binsec/binsec)
+- [**Ghidra** – Advanced static disassembly and decompilation](https://github.com/NationalSecurityAgency/ghidra)
+- [**Radare2** – Static/dynamic reverse engineering, disassembly](https://github.com/radareorg/radare2)
+- [**Cutter** – GUI for Radare2 with static/dynamic features](https://github.com/rizinorg/cutter)
+- [**RetDec** – Machine-code decompiler](https://github.com/avast/retdec)
+- [**Diaphora** – Binary diffing for firmware/patch analysis](https://github.com/joxeankoret/diaphora)
+- [**Firmware Modification Kit** – Toolkit for extracting/repacking firmware](https://code.google.com/archive/p/firmware-mod-kit/)
+- [**unblob** – Extraction framework for embedded filesystems/blobs](https://github.com/onekey-sec/unblob)
+- [**fchk** – Security checks for firmware images](https://github.com/IOActive/fchk)
+- [**Checksec.sh** – Checks binary hardening (for firmware ELF files)](https://github.com/slimm609/checksec.sh)
+
+#### 🔸 Dynamic Analysis & Emulation Tools
+- [**Firmadyne** – Automated Linux firmware emulation and analysis](https://github.com/firmadyne/firmadyne)
+- [**QEMU** – System emulator for firmware images](https://www.qemu.org/)
+- [**PANDA** – Platform for architecture-neutral dynamic analysis (record/replay, taint, fuzz)](https://github.com/panda-re/panda)
+- [**Avatar2** – Dynamic firmware analysis/instrumentation](https://github.com/avatartwo/avatar2)
+- [**Renode** – Emulates embedded systems, SoCs, peripherals](https://github.com/renode/renode)
+- [**Unicorn Engine** – Multi-architecture CPU emulator](https://github.com/unicorn-engine/unicorn)
+- [**Bochs** – IA-32 (x86) PC emulator](https://github.com/bochs-dev-team/bochs)
+- [**SymQEMU** – Symbolic execution for Linux binaries](https://github.com/weiwei1116/symqemu)
+- [**HALucinator** – HAL reconstruction for emulated firmware](https://github.com/ucsb-seclab/HALucinator)
+- [**FirmAE** – Automated emulation/analysis of firmware](https://github.com/firmadyne/firmAE)
+- [**Boofuzz** – Network/protocol fuzzing for firmware targets](https://github.com/jtpereyda/boofuzz)
+- [**Syzkaller** – Kernel fuzzer for Linux/firmware](https://github.com/google/syzkaller)
+- [**Dr. Memory** – Dynamic memory analysis (adaptable for firmware)](https://github.com/DynamoRIO/drmemory)
+- [**S2E** – Selective symbolic execution for binary software](https://github.com/S2E/s2e)
+- [**FirmWire** – Baseband firmware emulation (cellular/IoT)](https://github.com/FirmWire/FirmWire)
+
+#### 🟪 Hybrid (Static + Dynamic) & Instrumentation Frameworks
+- [**Firmware Analysis Toolkit (FAT)** – Hybrid static/dynamic workflow for firmware](https://github.com/attify/firmware-analysis-toolkit)
+- [**Angr** – Symbolic execution and hybrid static/dynamic binary analysis](https://github.com/angr/angr)
+- [**Frida** – Dynamic instrumentation toolkit](https://github.com/frida/frida)
+- [**Qiling** – Emulator supporting static/dynamic analysis of binaries/firmware](https://github.com/qilingframework/qiling)
+- [**Radare2/Cutter** – Both support static and dynamic analysis](https://github.com/radareorg/radare2)
+- [**Ret-sync** – Sync reverse engineering across Ghidra/IDA/R2](https://github.com/bootleg/ret-sync)
 
 #### *Resources*
 - [Firmware analysis and reversing](https://www.owasp.org/index.php/IoT_Firmware_Analysis)