Description
I think we talked about this before, but because I ran EMBA again and used these tools afterwards, I thought I'd let you know.
Is your feature request related to a problem? Please describe.
I think the password hash search and other analysis steps after unpacking in EMBA could be improved.
Describe the solution you'd like
I guess using https://github.com/returntocorp/semgrep is the best choice at the moment because of the huge amount of rules in https://github.com/returntocorp/semgrep-rules
Describe alternatives you've considered
If semgrep doesn't work for some reason, there is also my standalone https://github.com/floyd-fuh/crass/blob/master/grep-it.sh script that might be easier to implement. As an FYI, I've been maintaining it for 7 years now, and even though there is semgrep, I'm not planning to stop. Btw., if you would like to keep your current greps, we could integrate them as rules in grep-it.sh if you think something is missing.
Additional context
I know searching for CVEs is probably a quick win in many cases, but when you really want to do proper security research to pwn a device with custom/new approaches/techniques/ideas, it is good to have a tool that only points to "fishy" areas (e.g. anything related to crypto as in https://github.com/floyd-fuh/crass/blob/f2da104b073f530fbadeda7578c39a377ebd296b/grep-it.sh#L318 ). In that regard I'm not sure (I really don't know, as I've just started to use it) if semgrep allows an approach that is broad enough, whereas in CRASS I'm trying. I would still rather go with semgrep. Or both. If you use semgrep with --config=auto, just make sure to tell your users that you are using a third-party (metrics are sent to their servers).
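The request above is about the post-unpacking "password hash search" step and the broader grep for "fishy" crypto areas. To make concrete what such a step looks like and where a rule-based tool would slot in, here is an added example in POSIX shell. It is not code from EMBA, CRASS or semgrep; it builds a constructed sample firmware root (placeholder user names, placeholder hashes, a placeholder init script), then classifies every shadow/passwd-style hash field by its crypt scheme and flags weak or legacy ones, and greps for a small, assumed list of crypto-usage hints. Pattern lists and sample paths are illustrative choices, not a reference rule set.

```shell
#!/bin/sh
# Added example (not EMBA's, CRASS's or semgrep's code): a minimal post-unpacking
# hash search and crypto-hint grep over a constructed sample firmware root.
set -eu

# Build a constructed sample tree. Hashes are placeholders, not real credentials.
make_sample_root() {
  root="$1"
  mkdir -p "$root/etc/init.d" "$root/usr/local/etc"
  cat > "$root/etc/shadow" <<'EOF'
root:$1$saltsalt$AAAAAAAAAAAAAAAAAAAAA/:19000:0:99999:7:::
admin:$6$rounds=5000$saltsalt$BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
nobody:!:19000:0:99999:7:::
EOF
  cat > "$root/etc/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
legacy:AB0123456789A:0:0:legacy:/:/bin/sh
EOF
  # Constructed init script that uses a legacy stream cipher via openssl.
  cat > "$root/etc/init.d/cfgsync" <<'EOF'
#!/bin/sh
openssl enc -rc4 -pass pass:"$CFG_KEY" -in /tmp/cfg -out /tmp/cfg.enc
EOF
  printf 'AuthUserFile /etc/httpd/.htpasswd\n' > "$root/usr/local/etc/httpd.conf"
}

# Map a crypt(3)-style hash field to its scheme; mark weak/legacy ones.
classify_hash() {
  case "$1" in
    '$1$'*)                   echo "md5crypt (weak)" ;;
    '$2a$'*|'$2b$'*|'$2y$'*)  echo "bcrypt" ;;
    '$5$'*)                   echo "sha256crypt" ;;
    '$6$'*)                   echo "sha512crypt" ;;
    '$7$'*|'$y$'*)            echo "scrypt/yescrypt" ;;
    '*'|'!'|'!!'|'')          echo "locked/empty" ;;
    # 13 characters and no '$' prefix: classic DES crypt.
    ?????????????)            echo "descrypt (weak)" ;;
    *)                        echo "unknown" ;;
  esac
}

# Walk the tree; report every "name:hash:..." line as "relpath<TAB>user<TAB>scheme".
scan_hashes() {
  root="$1"
  find "$root" -type f | while IFS= read -r f; do
    grep -E '^[A-Za-z0-9_.-]+:(\$[0-9A-Za-z]+\$[^:]*|[./0-9A-Za-z]{13}|\*|!|!!)?:' "$f" 2>/dev/null |
    while IFS=: read -r user hash _rest; do
      printf '%s\t%s\t%s\n' "${f#"$root"/}" "$user" "$(classify_hash "$hash")"
    done
  done
}

# Number of entries flagged weak (the figure a report would surface first).
count_weak() {
  scan_hashes "$1" | grep -c 'weak' || true
}

# Assumed hint list for "fishy" crypto usage in scripts/configs; extend per target.
CRYPTO_HINTS='enc -rc4|enc -des|enc -des-ecb|MD5_Init|DES_set_key|RC4_set_key'

# Report "relpath:lineno:line" for each hint hit.
find_crypto_hints() {
  root="$1"
  find "$root" -type f | while IFS= read -r f; do
    grep -nE "$CRYPTO_HINTS" "$f" 2>/dev/null | sed "s|^|${f#"$root"/}:|"
  done
}

# Number of crypto-hint hits.
count_crypto_hints() {
  find_crypto_hints "$1" | grep -c . || true
}

# Demo run on the constructed tree (not a real firmware image).
demo_root="$(mktemp -d)"
make_sample_root "$demo_root"
scan_hashes "$demo_root"
find_crypto_hints "$demo_root"
printf 'weak hash entries: %s, crypto hints: %s\n' \
  "$(count_weak "$demo_root")" "$(count_crypto_hints "$demo_root")"
rm -rf "$demo_root"
```

The scheme classifier is what a rule engine would replace: each `case` arm is the equivalent of one semgrep or grep-it.sh rule, and the "(weak)" tag is the part a report consumer actually wants, since a bare list of shadow lines still leaves the reader to judge the algorithm by hand.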