FACT_core
by fkie-cad
FACT is an automated firmware analysis and comparison tool that enables deep inspection, visualization, and vulnerability assessment of firmware components through a unified web interface and API.
Firmware Analysis and Comparison Tool
Primary Use Case
FACT is primarily used by security researchers, firmware analysts, and forensic investigators to identify functionality, components, and potential security weaknesses in black box firmware. It automates manual firmware analysis tasks, providing browsable, searchable, and comparable results to streamline vulnerability discovery and forensic investigations.
- Automated firmware unpacking and analysis
- Browsable, searchable, and comparable analysis results
- HTML/JS/CSS-based web interface for easy visualization and navigation
- REST-like HTTP API with integrated SwaggerUI for automation and integration
- File tree rendering of firmware components
- Tag-based highlighting of relevant analysis findings
- Support for multiple concurrent processes to leverage multi-core systems
- Download options for firmware and components for further analysis
Installation
- Ensure system meets minimal requirements: 4 cores, 8 GB RAM, 10 GB disk space
- Preferably use recommended specs: 16 cores, 64 GB RAM, 10+ GB disk space
- Install on supported Linux distributions: Debian 12, Ubuntu 22.04/24.04, Linux Mint 21/22, Kali (experimental)
- Clone the repository from GitHub
- Run the provided installer script or follow the setup instructions in the documentation
- Allocate sufficient disk space for unpacked files and analysis results, possibly on a separate partition
- Start the FACT web interface locally or share it over the network
Usage
>_ fact-cli analyze <firmware-file>Analyze a firmware sample to generate unpacking and vulnerability reports
>_ fact-cli serveStart the FACT web interface server locally for interactive analysis
>_ curl http://localhost:8080/api/swagger-ui/Access the integrated SwaggerUI to explore and interact with the REST-like API
- Integrate FACT into firmware development pipelines to automate vulnerability detection early in the SDLC.
- Use FACT's REST API to build custom dashboards correlating firmware vulnerabilities with threat intelligence feeds.
- Leverage FACT for purple team exercises to simulate firmware compromise and improve detection capabilities.
- Combine FACT with dynamic analysis tools to enhance firmware behavioral analysis and uncover hidden threats.
- Deploy FACT in incident response workflows to accelerate forensic investigations of compromised embedded devices.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about FACT_core. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
This tool hasn't been indexed yet. Request indexing to enable AI chat.
Admin will review your request within 24 hours
Related Tools
owasp-fstm
scriptingxss/owasp-fstm
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with conducting firmware security assessments.
python-client
onekey-sec/python-client
Official Python API client for ONEKEY