POST /v1/evidence/firmware
Analyze firmware binary for security
curl --request POST \
  --url https://api.usenabla.com/v1/evidence/firmware \
  --header 'Content-Type: application/json' \
  --header 'X-Customer-Key: <api-key>' \
  --data '
{
  "name": "iot-device-firmware",
  "content_base64": "f0VMRgIBAQAAAAAAAAAAAA==",
  "file_name": "firmware-v2.6.11.bin"
}
'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "name": "<string>",
  "detected_format": "elf",
  "strings": [
    "<string>"
  ],
  "security_features": [
    "nx"
  ],
  "findings": [
    "MED: NX/DEP bit not enabled",
    "LOW: Stack canaries not detected"
  ],
  "architecture": "x86_64",
  "entry_point": "0x401000",
  "cfg_mermaid": "<string>",
  "mappings": [
    {
      "framework": "nist_800_53",
      "control": "SI-16",
      "rationale": "Binary hardening feature 'nx' contributes to memory protection"
    }
  ],
  "pfr_assessment": {},
  "artifacts": [
    {
      "filename": "nist80053-assessment.json",
      "content_type": "application/json",
      "content_base64": "<string>",
      "size_bytes": 123,
      "diagram": "<string>"
    }
  ]
}

Authorizations

X-Customer-Key
string
header
required

Customer API key for authentication

Body

name
string
required

Name for the firmware analysis

Example:

"iot-device-firmware"

content_base64
string
required

Base64-encoded firmware binary

Example:

"f0VMRgIBAQAAAAAAAAAAAA=="

file_name
string

Original filename (optional)

Example:

"firmware-v2.6.11.bin"

Response

Firmware analysis completed

id
string<uuid>
required

name
string
required

Firmware name

detected_format
enum<string>
required

Detected binary format

Available options: elf, pe, mach_o, wasm, raw

strings
string[]
required

Extracted ASCII strings (max 200)

security_features
enum<string>[]
required

Detected security features

Available options: nx, aslr, stack_canary, cfi, fortify, pie, relro, signed

findings
string[]
required

Security findings with severity (CRITICAL, HIGH, MED, LOW, INFO)

Example:

[
  "MED: NX/DEP bit not enabled",
  "LOW: Stack canaries not detected"
]

architecture
string

CPU architecture

Example:

"x86_64"

entry_point
string

Entry point address

Example:

"0x401000"

cfg_mermaid
string

Control Flow Graph in Mermaid format (if available)

mappings
object[]

Mappings to compliance frameworks

pfr_assessment
object

NIST SP 800-193 Platform Firmware Resilience assessment

artifacts
object[]
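
An added example, not part of the original API documentation: a Python build gate that assembles the request body described under Body and evaluates the findings and security_features fields of a response. The function names, the fail_at threshold and the required hardening baseline are assumptions chosen for illustration; the sample data is taken from this page's example response.

```python
import base64
import json
import urllib.request

URL = "https://api.usenabla.com/v1/evidence/firmware"  # endpoint from this page
SEVERITIES = ["CRITICAL", "HIGH", "MED", "LOW", "INFO"]  # most severe first

def build_request(name, firmware, file_name=None):
    """JSON body: name and content_base64 are required, file_name is optional."""
    body = {"name": name, "content_base64": base64.b64encode(firmware).decode("ascii")}
    if file_name:
        body["file_name"] = file_name
    return body

def submit(body, api_key, timeout=60):
    """POST the body with the X-Customer-Key header and return the parsed response."""
    req = urllib.request.Request(
        URL, data=json.dumps(body).encode(), method="POST",
        headers={"Content-Type": "application/json", "X-Customer-Key": api_key})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)

def parse_finding(finding):
    """Split 'SEV: message'; an unrecognised prefix becomes UNKNOWN (fails the gate)."""
    sev, sep, msg = finding.partition(":")
    sev = sev.strip().upper()
    if not sep or sev not in SEVERITIES:
        return "UNKNOWN", finding.strip()
    return sev, msg.strip()

def evaluate(response, fail_at="MED", required=("nx", "pie", "relro", "stack_canary")):
    """Return (passed, reasons). fail_at and required are assumed local policy."""
    threshold = SEVERITIES.index(fail_at)
    reasons = []
    for finding in response["findings"]:
        sev, msg = parse_finding(finding)
        if sev == "UNKNOWN" or SEVERITIES.index(sev) <= threshold:
            reasons.append(f"{sev}: {msg}")
    missing = sorted(set(required) - set(response["security_features"]))
    if missing:
        reasons.append("missing hardening: " + ", ".join(missing))
    return not reasons, reasons

# Constructed sample: the relevant fields of this page's example response.
SAMPLE = {"security_features": ["nx"],
          "findings": ["MED: NX/DEP bit not enabled", "LOW: Stack canaries not detected"]}

if __name__ == "__main__":
    passed, reasons = evaluate(SAMPLE)
    print("PASS" if passed else "FAIL", *reasons, sep="\n  ")
```

Checking security_features against a baseline as well as reading findings means a build fails when an expected protection is absent from the list even if no finding line mentions it.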