Set up a VM for Firmware/IoT analysis

The "Internet of Things" will be a term that we will hear and be confronted with more and more in the future. Such a thing can be a person with a heart monitor implant or simply a "smart watch", "fitness tracker" or any other embedded device that can be connected to or controlled over the internet. Below you'll see some examples and the list is huge:


I was asking myself what kind of open-source tools we have to analyze the firmware of embedded/IoT devices and did some research. In this post I want to show you how you can build your own virtual machine with some open-source tools to get started. First let's download a preinstalled image of Kali Linux.

Before starting the VM we have to make sure in the network settings of VirtualBox that our virtual machine has access to the internet.

Tools we want to install:

  • binwalk
  • FAT (Firmadyne, QEMU, Firmware Mod Kit, Firmwalker, mitmproxy)
  • Kdiff3
  • Radare2
  • OpenOCD
  • Flashrom
  • Buildroot
  • GDB-Multiarch
  • GNU Radio Companion / GQRX
  • RTL-SDR Tools
  • Ubertooth, HackRF Tools
  • Zigbee Tools (Killerbee)

Navigate to:

First let’s install binwalk and the firmware analysis toolkit:

sudo apt-get install binwalk

Install firmadyne and dependencies:

sudo apt-get install busybox-static fakeroot git kpartx \
    netcat-openbsd nmap python-psycopg2 python3-psycopg2 snmp uml-utilities \
    util-linux vlan qemu-system-arm qemu-system-mips qemu-system-x86

git clone --recursive

cd ./firmadyne; ./

Edit firmadyne.config and make FIRMWARE_DIR point to the current location of the Firmadyne folder.

Setting up FAT

git clone
mv firmware-analysis-toolkit/ .
mv firmware-analysis-toolkit/ .
chmod +x 
chmod +x

Here, edit line 9, firmadyne_path = '/root/tools/firmadyne', so that it points to the correct path on your system.

Setting up Firmware-mod-kit

sudo apt-get install git build-essential zlib1g-dev liblzma-dev python-magic
git clone

Find the location of binwalk using which binwalk. Modify the file to change the value of the variable BINWALK to /usr/local/bin/binwalk (if that is where your binwalk is installed).

Setting up MITM Proxy

apt-get install mitmproxy

Setting up Firmwalker

git clone

sudo apt-get install git build-essential zlib1g-dev liblzma-dev python-magic
git clone

Install Flashrom 0.99

wget apt-get
make && make install

Install Radare2

sudo apt-get install radare2

Install OpenOCD

sudo apt-get install openocd

Install gdb-multiarch

sudo apt-get install gdb-multiarch

Install gnu-radio / gqrx / rtl-sdr

sudo apt-get install gnuradio gqrx rtl-sdr

Install hackrf / ubertooth

sudo apt-get install hackrf ubertooth

Install Killerbee

apt-get install python-gtk2 python-cairo python-usb python-crypto \
    python-serial python-dev libgcrypt-dev
sudo apt-get install mercurial
hg clone
cd scapy-com
chmod +x
python install
cd ..
git clone
cd killerbee
python install
cd tools/
chmod +x *

Additional Tools (Arduino and XCTU)

sudo apt-get install arduino arduino-core

For XCTU go to the following URL and download the Linux binary:

chmod +x


Now we are done and ready to start with some exercises 🙂
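
A post-install sanity check for the steps above, as an added example that is not part of the original post: it reports which of the installed tools are missing from PATH and whether FIRMWARE_DIR in firmadyne.config points to an existing directory. The command names, the script name check-vm.sh and the reading of firmadyne.config as shell-style KEY=value lines are assumptions made for this example.

```shell
#!/bin/sh
# Post-install check for the analysis VM (added example, not from the post).
# Command names are assumptions about what the Kali packages put on PATH.
TOOLS="binwalk qemu-system-arm qemu-system-mips kdiff3 r2 openocd flashrom
gdb-multiarch gnuradio-companion gqrx rtl_sdr hackrf_info ubertooth-util mitmproxy"

# Print every command name from the arguments that is not on PATH.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Print the active FIRMWARE_DIR value of a firmadyne.config-style file.
# Commented-out lines are skipped; if it is set twice, the last one wins.
firmware_dir() {
    sed -n 's/^[[:space:]]*FIRMWARE_DIR=//p' "$1" | tail -n 1 | tr -d "\"'"
}

# Succeed only if FIRMWARE_DIR is set and names an existing directory.
check_firmware_dir() {
    dir=$(firmware_dir "$1")
    [ -n "$dir" ] && [ -d "$dir" ]
}

# Report missing tools and a bad FIRMWARE_DIR; return non-zero on any problem.
run_checks() {
    status=0
    missing=$(missing_tools $TOOLS)
    if [ -n "$missing" ]; then
        echo "Not on PATH:" $missing
        status=1
    fi
    if ! check_firmware_dir "$1"; then
        echo "FIRMWARE_DIR in $1 is unset or not an existing directory"
        status=1
    fi
    return "$status"
}

# Usage: sh check-vm.sh /path/to/firmadyne/firmadyne.config
if [ "$#" -gt 0 ]; then
    run_checks "$1"
fi
```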


