ONEKEY open sources its high-performance firmware extraction suite

Düsseldorf, July 04, 2022 – With the open-source release of the new binary extraction suite “UNBLOB”, ONEKEY provides a core component of its automated firmware security analysis platform to the infosec community. This will set a new milestone in the battle to raise security to a new level in the field of industrial control and production systems and connected devices.
UNBLOB is an accurate, fast, and easy-to-use extraction suite. UNBLOB parses unknown binary code or data blobs for many different archive, compression, and file-system formats, extracts their content recursively. With UNBLOB, software can be extracted down to the smallest details and presented transparently. “UNBLOB is the perfect tool for extracting and analyzing firmware binary code. In today’s connected world, billions of IoT devices, each with its own individual firmware, are in use. If vulnerable, each one poses a risk to the entire surrounding infrastructure. Through the release of UNBLOB, we empower professional security researchers and security experts around the world to uncover vulnerabilities in industrial and other products and infrastructures contributing to improve the security level of industrial systems and smart devices,” says Jan Wendenburg, CEO of ONEKEY.

Global access to IoT security

ONEKEY operates the leading European platform for automated security, compliance, and software supply chain analysis of IoT, industrial IoT (IIoT), and manufacturing (OT) devices. To do this, ONEKEY automatically constructs a digital twin based off the device’s firmware image, builds a Software Bill of Materials (SBoM) of the software components it contains, and analyzes it for vulnerabilities and configuration issues which could be exploited by hackers. “We want to give experts and interested companies worldwide access to high-performance security tools, enabling the highest possible level of IoT security. Open source is the fastest and strongest community with the will to improve technology. We want to walk the path together with the experts worldwide and therefore deliberately involve them to provide the best tools for software analysis,” continues Jan Wendenburg of ONEKEY. For companies that do not have their own in-depth expert knowledge, ONEKEY offers a comprehensive full-service solution. With this, anyone can independently inspect firmware for critical security vulnerabilities and compliance violations without needing source code, device, or network access.

Crowdsourcing for improved IoT security

UNBLOB open-source software is targeted at professional security researchers and security experts who have the necessary capabilities of analyzing or reverse engineering firmware images. Firmware images are usually distributed as BLOBs (Binary Large Objects) in binary form and therefore cannot be read or analyzed in conventional ways. In addition to providing built-in extraction capabilities for many different archive, compression, and file-system formats, UNBLOB highlights the structure of the firmware and supplies an extensible and ready-to-use framework to add extraction capabilities for custom formats in a matter of hours. “We actively support the development of an international community of security experts focused on analysis and security of IoT assets. Remaining as the weakest link in many ICT infrastructures (I)IoT and OT devices have emerged as a lucrative target for threat actors. Securing these devices and making them resilient to cyber-attacks is a must-have on our way to strengthening our global digital infrastructure,” Wendenburg sums up. Open sourcing UNBLOB will be accompanied by comprehensive demonstrations at two of the most renowned hacker conferences. Quentin Kaiser will present UNBLOB’s capabilities at the upcoming Black Hat Arsenal and DEF CON Demo Labs in Las Vegas. He will be accompanied by Florian Lukavsky and both are looking forward on technical deep dives with the experts.

Please visit for more information and further documentation about UNBLOB.