EEJournal

industry news
Subscribe Now
August 4, 2022

ONEKEY redefines IoT Security with UNBLOB

ONEKEY open sources its high-performance firmware extraction suite

Düsseldorf/Germany, August 4, 2022 – With the open-source release of the new binary extraction suite “UNBLOB”, ONEKEY provides a core component of its automated firmware security analysis platform to the infosec community. This will set a new milestone in the battle to raise security to a new level in the field of industrial control and production systems and connected devices.

UNBLOB is an accurate, fast, and easy-to-use extraction suite. UNBLOB parses unknown binary code or data blobs for many different archive, compression, and file-system formats, extracts their content recursively. With UNBLOB, software can be extracted down to the smallest details and presented transparently. “UNBLOB is the perfect tool for extracting and analyzing firmware binary code. In today’s connected world, billions of IoT devices, each with its own individual firmware, are in use. If vulnerable, each one poses a risk to the entire surrounding infrastructure. Through the release of UNBLOB, we empower professional security researchers and security experts around the world to uncover vulnerabilities in industrial and other products and infrastructures contributing to improve the security level of industrial systems and smart devices,” says Jan Wendenburg, CEO of ONEKEY.

Global access to IoT security
ONEKEY operates the leading European platform for automated security, compliance, and software supply chain analysis of IoT, industrial IoT (IIoT), and manufacturing (OT) devices. To do this, ONEKEY automatically constructs a digital twin based on the device’s firmware image, builds a Software Bill of Materials (SBoM) of the software components it contains, and analyzes it for vulnerabilities and configuration issues which could be exploited by hackers. “We want to give experts and interested companies worldwide access to high-performance security tools, enabling the highest possible level of IoT security. Open source is the fastest and strongest community with the will to improve technology. We want to walk the path together with the experts worldwide and therefore deliberately involve them to provide the best tools for software analysis,” continues Jan Wendenburg of ONEKEY. For companies that do not have their own in-depth expert knowledge, ONEKEY offers a comprehensive full-service solution. With this, anyone can independently inspect firmware for critical security vulnerabilities and compliance violations without needing source code, device, or network access.

Crowdsourcing for improved IoT security
UNBLOB open-source software is targeted at professional security researchers and security experts who have the necessary capabilities of analyzing or reverse engineering firmware images. Firmware images are usually distributed as BLOBs (Binary Large Objects) in binary form and therefore cannot be read or analyzed in conventional ways. In addition to providing built-in extraction capabilities for many different archive, compression, and file-system formats, UNBLOB highlights the structure of the firmware and supplies an extensible and ready-to-use framework to add extraction capabilities for custom formats in a matter of hours. “We actively support the development of an international community of security experts focused on analysis and security of IoT facilities. Remaining the weakest link in many ICT infrastructures, (I)IoT and OT devices have emerged as a lucrative target for threat actors. Securing these devices and making them resilient to cyber-attacks is a must-have on our way to strengthening our global digital infrastructure,” Wendenburg sums up.

Open sourcing UNBLOB will be accompanied by comprehensive demonstrations at two of the most renowned hacker conferences. Quentin Kaiser will present UNBLOB’s capabilities at the upcoming Black Hat Arsenal and DEF CON Demo Labs in Las Vegas. He will be accompanied by Florian Lukavsky and both are looking forward to technical deep dives with the experts.

Please visit www.unblob.org for more information and further documentation about UNBLOB.

About ONEKEY:
ONEKEY (formerly IoT Inspector) is the leading European platform for automated security & compliance analysis for industrial (IIoT), manufacturing (OT) and Internet of Things (IoT) devices. Using automatically generated “Digital Twins” and “Software Bill of Materials (SBOM)” of the devices, ONEKEY autonomously analyzes firmware for critical security vulnerabilities and compliance violations, completely without source code, device or network access. Vulnerabilities for attacks and security risks are identified in the shortest possible time and can thus be specifically remedied. Easily integrated into software development and procurement processes, the solution enables manufacturers, distributors and users of IoT technology to quickly and automatically check security and compliance before use, 24/7 throughout the product lifecycle. Leading companies, such as SWISSCOM, VERBUND AG and ZYXEL, use this platform today – universities and research institutions can use the ONEKEY platform for study purposes free of charge.

Leave a Reply

featured blogs
Sci-Fi and Fantasy Books They Should Make into Movies
May 6, 2026
Hollywood has struck gold with The Lord of the Rings and Dune'”so which sci-fi and fantasy books should filmmakers tackle next?...
More from Max's Cool Beans...

featured paper

Want early design analysis without simulation?

Sponsored by Siemens Digital Industries Software

Traditional verification methods are failing today's complex IC designs, which require a proactive, early-stage analysis approach. A shift-left methodology addresses IP block integration challenges and the limitations of traditional simulation and ERC tools. Insight Analyzer detects hard-to-find leakage issues across power domains, enabling early analysis without full simulation. Identify inefficiencies earlier to reduce rework, improve reliability, and enhance power performance.

Click to read more!

featured chalk talk

What’s Driving Zephyr’s Momentum
Sponsored by Mouser Electronics and NXP Semiconductors
In this episode of Chalk Talk, Brendon Slade from NXP and Amelia Dalton explore what Zephyr makes unique, how it compares to other RTOS options, and how its design philosophy enables developers to scale from simple prototypes to production-ready systems with confidence.
Click here for more information about NXP Semiconductors Zephyr™ OS for Edge Connected Devices
May 4, 2026
25,796 views