Replies: 5 comments 2 replies
-
|
I think the deep extractor is causing such issues if he does not find a valid Linux system. You can disable it via the emba/scan-profiles/quick-sbom.emba Line 25 in 1b3e900 |
Beta Was this translation helpful? Give feedback.
-
|
Trying this: ./emba -l ../Connectors -f ../ExterroConnectors.7z -p
./scan-profiles/quick-scan.emba -q
that seems to work, thank you very much for that.
…On Sun, Feb 23, 2025 at 3:47 AM Michael Messner ***@***.***> wrote:
I think the deep extractor is causing such issues if he does not find a
valid Linux system. You can disable it via the -q parameter or in the
scan-profile as shown here
https://github.com/e-m-b-a/emba/blob/1b3e900f658a72806dd1cae78ddd839e41706087/scan-profiles/quick-sbom.emba#L25
—
Reply to this email directly, view it on GitHub
<#1478 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AO3JWYYQDSHSLLFNHJPP75L2RGKLBAVCNFSM6AAAAABXVS6OE6VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTEMRZGA3DKMI>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
We need to improve this behaviour in the future ... |
Beta Was this translation helpful? Give feedback.
-
|
Michael,
Anything I can do to help? I will need to get some authorization but will
try.
A lot of times when doing the scans I find myself archiving specific
directories of information. Not sure if this would fit into things.
I could also see at some point that if I was able to get local LLM model
running to see how/if that would work with EMBA.
As always appreciate the work.
David
…On Mon, Feb 24, 2025 at 5:22 AM Michael Messner ***@***.***> wrote:
We need to improve this behaviour in the future ...
—
Reply to this email directly, view it on GitHub
<#1478 (reply in thread)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AO3JWYYVQOL3EXHH5S64OW32RL6GNAVCNFSM6AAAAABXVS6OE6VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTEMRZHE2TIMI>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
Hi David, every help is very much appreciate. There are multiple issues open that need some helping hands. Additionally, if you are working with AI/LLM we currently have support for GPT but there are multiple other AI's out there that could be integrated as option. |
Beta Was this translation helpful? Give feedback.
-
|
I will make an inquiry and see if I am allowed.
I have not done much GIT stuff; very old school by your standards but would
like to contribute in some way.
…On Mon, Feb 24, 2025 at 6:05 AM Michael Messner ***@***.***> wrote:
Michael, Anything I can do to help? I will need to get some authorization
but will try. A lot of times when doing the scans I find myself archiving
specific directories of information. Not sure if this would fit into
things. I could also see at some point that if I was able to get local LLM
model running to see how/if that would work with EMBA. As always appreciate
the work. David
Hi David, every help is very much appreciate. There are multiple issues
open that need some helping hands. Additionally, if you are working with
AI/LLM we currently have support for GPT but there are multiple other AI's
out there that could be integrated as option.
—
Reply to this email directly, view it on GitHub
<#1478 (reply in thread)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AO3JWYZ2AEDSO4WGLU2HAFL2RMDHNAVCNFSM6AAAAABXVS6OE6VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTEMRZHE4TSNY>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
if you want I will file a bug.
[image: image.png]
…On Thu, Feb 27, 2025 at 8:02 PM David Busby ***@***.***> wrote:
I will make an inquiry and see if I am allowed.
I have not done much GIT stuff; very old school by your standards but
would like to contribute in some way.
On Mon, Feb 24, 2025 at 6:05 AM Michael Messner ***@***.***>
wrote:
> Michael, Anything I can do to help? I will need to get some authorization
> but will try. A lot of times when doing the scans I find myself archiving
> specific directories of information. Not sure if this would fit into
> things. I could also see at some point that if I was able to get local LLM
> model running to see how/if that would work with EMBA. As always appreciate
> the work. David
>
> Hi David, every help is very much appreciate. There are multiple issues
> open that need some helping hands. Additionally, if you are working with
> AI/LLM we currently have support for GPT but there are multiple other AI's
> out there that could be integrated as option.
>
> —
> Reply to this email directly, view it on GitHub
> <#1478 (reply in thread)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AO3JWYZ2AEDSO4WGLU2HAFL2RMDHNAVCNFSM6AAAAABXVS6OE6VHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTEMRZHE4TSNY>
> .
> You are receiving this because you authored the thread.Message ID:
> ***@***.***>
>
|
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
I recently got an ISO with quite a few programs but I do not need to analyze them all. So pulled the directories of tools off that I did need to review. To make it a little easier I converted each directory to a 7z archive.
Now when I run EMBA to analyze it is very odd. EMBA seems to get "stuck" on the P60_deep_extractor. I don't mean it stops but after nearly a week it is still running and the initial size of the 7z archive is only 168.1MB compressed. I am running 8 Processors and 12GB memory on a VM. Just seems odd that it is taking so long. It is commercial software and would not surprise me if they put some sort of anti-forensic in it but I did analyze an exe with no issue from this vendor.
Just found it odd.
Anyone seen something like this before I did not notice anything in the discussion.
Beta Was this translation helpful? Give feedback.
All reactions