fkie-cad/FACT_core: Firmware Analysis and Comparison Tool

The Firmware Analysis and Comparison Tool (formerly known as Fraunhofer's Firmware Analysis Framework (FAF)) is intended to automate most of the firmware analysis process. It unpacks arbitrary firmware files and processes several analysis. Additionally, it can compare several images or single files.
Furthermore, Unpacking, analysis and compares are based on plug-ins guaranteeing maximal flexibility and expandability.
More details and some screenshots can be found on our project page.

Requirements

FACT is designed as a multiprocess application, the more Cores and RAM, the better.

Minimal	Recommended	Software
4 Cores 8GB RAM	16 Cores 64GB RAM	Ubuntu (16.04 or 18.04) Python 3.5 or above

It is possible to install FACT on any Linux distribution but the installer is limited to Ubuntu 16.04 and 18.04 at the moment.

❗️ Caution: FACT is not intended to be used as public internet service. The GUI is not a hardened WEB-application and it may take your server at risk!

Installation

The installation is generally wrapped in a single script. Some features can be selected specifically though. See INSTALL.md for details.

Usage

You can start FACT by executing the start_all_installed_fact_components scripts. The script detects all installed components automatically.

$ ./start_all_installed_fact_components

Afterwards FACT can be accessed on http://localhost:5000 and https://localhost (nginx), respectively.

You can shutdown the system by pressing Ctrl + c or by sending a SIGTERM to the start_all_installed_faf_components script.

Advanced Usage

🔥 We're currently working to improving our documentation, including installation, getting started and alike. Follow progess on our wiki pages. ✌️

REST API

FACT provides a REST API. More information can be found here.

User Management

FACT provides an optional basic authentication, role and user management. More information can be found here.

List of available community plug-ins and REST scripts

Plug-ins
- Firmadyne
REST
- FACT Search and Download
- PDF Report Generator

Contribute

The easiest way to contribute is writing your own plug-in. Our Developers Manual can be found here.

Acknowledgments

This project is partly financed by German Federal Office for Information Security (BSI) and others.

License

    Firmware Analysis and Comparison Tool (FACT)
    Copyright (C) 2015-2019  Fraunhofer FKIE

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
    
    Some plug-ins may have different licenses. If so, a license file is provided in the plug-in's folder.