What is OFRAK?
OFRAK (Open Firmware Reverse Analysis Konsole) is a binary analysis and modification platform developed by Red Balloon Security. OFRAK combines the ability to:
- Identify and Unpack many binary formats
- Analyze unpacked binaries with field-tested reverse engineering tools
- Modify and Repack binaries with powerful patching strategies
OFRAK supports a range of embedded firmware file formats beyond userspace executables, including:
- Compressed filesystems
- Compressed & checksummed firmware
- RTOS/OS kernels
OFRAK equips users with:
- A Graphical User Interface (GUI) for interactive exploration and visualization of firmware images
- A Python API for readable and reproducible scripts that can be applied to entire classes of binaries, rather than just one specific binary
- Recursive identification, unpacking, and repacking of many file formats, from ELF executables, to filesystem archives, to compressed and checksummed data
- Built-in, extensible integration with powerful analysis backends (angr, Binary Ninja, Ghidra, IDA Pro)
- Extensibility by design via a common interface to easily write additional OFRAK components and add support for a new file format or binary patching operation
How to Use OFRAK
The source code for the community version of OFRAK is a available in our GitHub repository. This version comes with an OFRAK Community License and is intended for educational uses, personal development, or just having fun.
News & Resources
OFRAK was featured in a WIRED article here.
OFRAK was presented at SummerCon 2022. The presentation is available here.
Connect with us on ofrak.slack.com!