I just learned about Firminator. Sad that it has been around for some time and I am just noticing it. 😦 They are looking for donations:
The first (afaik) open source (wannabe) firmware vulnerability scanner.
Firminator goal is to provide static & dynamic analysis of firmwares. For the dynamic analysis the firmwares will be emulated using firmadyne.
FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware. It includes the following components:
* modified kernels (MIPS: v2.6.32, ARM: v4.1, v3.10) for instrumentation of firmware execution;
* a userspace NVRAM library to emulate a hardware NVRAM peripheral;
* an extractor to extract a filesystem and kernel from downloaded firmware;
* a small console application to spawn an additional shell for debugging;
* and a scraper to download firmware from 42+ different vendors.
We have also written the following three basic automated analyses using the FIRMADYNE system.
* Accessible Webpages: This script iterates through each file within the filesystem of a firmware image that appears to be served by a webserver, and aggregates the results based on whether they appear to required authentication.
* SNMP Information: This script dumps the contents of the public and private SNMP v2c communities to disk using no credentials.
* Vulnerability Check: This script tests for the presence of 74 vulnerabilities using exploits from Metasploit and other sources.