chipsec
binwalk
chipsec | binwalk | |
---|---|---|
16 | 29 | |
2,827 | 10,161 | |
0.6% | 0.6% | |
9.3 | 0.0 | |
6 days ago | about 1 month ago | |
Python | Python | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
chipsec
- Chipsec: Platform Security Assessment Framework
-
Platbox: UEFI and SMM Platform Security Assessment Tool for AMD and Intel
Here is the thread about ARM https://github.com/chipsec/chipsec/issues/461
- M18 Guide to Undervolt and Performance - Follow at your own risk, involves BIOS modification
-
MacBookPro6,2 w/ Win11: Screen brightness?
using Chipsec utility. It requires installing Python 3, runs on any OS. Commands must be executed in elevated terminal / command prompt (or with sudo if using on non-Windows).
-
CosmicStrand: Almost impossible to remove? More like impossible to find information on it.
[CHIPSEC GitHub] https://github.com/chipsec/chipsec
-
The Privacy, Security, & OSINT Show: 272-Processor Attacks Explained
Paul Asadoorian https://twitter.com/securityweekly https://eclypsium.com/2022/07/26/firmware-security-realizations-part-1-secure-boot-and-dbx/ https://github.com/mjg59/mei-amt-check https://github.com/chipsec/chipsec.git https://github.com/intel/INTEL-SA-00075-Linux-Detection-And-Mitigation-Tools https://github.com/ptresearch/mmdetect https://github.com/corna/me_cleaner/
-
CosmicStrand: The discovery of a sophisticated UEFI firmware rootkit
https://github.com/chipsec/chipsec
It's not out of band and therefore vulnerable to massively clever malware, but it's still useful.
-
Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us
As an aside, if you want to sorta see how vunlerable your UEFI is, you can run Chipsec to find out. It has a specific test for all the write-enable bits and stuff.
-
[GUIDE] Unlock the EC TDP limit of your low power U series Intel CPU
If you are like me and don't have the option, you need to modify the option through EFI shell. Download UEFI Tool, IFR extractor, RU.efi, and UEFI Shell, and your bios.bin/biosfd . On HP laptops, you can obtain it through the third option "Copy" . You can find the platform ID in the bios.
binwalk
- HTB - Pilgrimage Writeup
-
Is it possible to extract firmware through a USB-C cable
https://github.com/ReFirmLabs/binwalk/wiki/Quick-Start-Guide here's how to extract firmware
-
Mounting 20-year-old OpenBSD drive under macOS?
If you can get them attached to something, I wouldn’t bother trying to mount then, just dump the contents and use something inker binwalk to figure things out and see if it can extract things.
-
Sketchy USB Update
With that said, I'll repeat what i said last post, run binwalker on the image. Nothing that anyone is saying here is probably going to work because that doesn't have any features of an FS image
-
Unknown USB Files - How to view?
Op, run binwalk. Don't just run it though an hex editor, you won't understand anything. It's a forensics tool to analyze unknown binary blobs (much better than gitbash that someone mentioned). It can also unpack these files automatically, there's no better universal tool for it
-
Trying to find hex in bin file
Not sure if it would be easier or not, but you could also use binwalk to find a binary string in a file.
- An unidentified filesystem while analyzing a firmware
- Caffè Italia * 05/02/23
-
Security Advisory: Remote Command Execution in binwalk
Not true, it's still not patched. See https://github.com/ReFirmLabs/binwalk/pull/617
-
Show HN: Unblob – extraction suite for 30+ file formats
Looks nice! Kind of reminds me of binwalk: https://github.com/ReFirmLabs/binwalk
What are some alternatives?
Universal-IFR-Extractor - Utility that can extract the internal forms represenation from both EFI and UEFI modules.
foremost - Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc, or directly on a drive. The headers and footers can be specified by a configuration file or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format allowing for a more reliable and faster recovery. Originally developed by the United States Air Force Office of Special Investigations and The Center for Information Systems Security Studies and Research , foremost has been opened to the general public. We welcome any comments, suggestions, patches, or feedback you have on this program. Please direct all correspondence to [email protected].
Platbox - UEFI and SMM Assessment Tool
unblob - Extract files from any kind of container formats
Universal-IFR-Extractor - Utility that can extract the internal forms represenation from both EFI and UEFI modules.
osx-dictionary - CLI for OSX Dictionary.app
INTEL-SA-00075-Linux-Detection-And-Mitigation-Tools
Wireshark - Read-only mirror of Wireshark's Git repository at https://gitlab.com/wireshark/wireshark. ⚠️ GitHub won't let us disable pull requests. ⚠️ THEY WILL BE IGNORED HERE ⚠️ Upload them at GitLab instead.
mmdetect - Intel ME Manufacturing Mode Detection Tools
ghidra - Ghidra is a software reverse engineering (SRE) framework
reolink-fw - Extract information and files from Reolink firmwares.
pfSense - Main repository for pfSense