chipsec: Platform Security Assessment Framework
CHIPSEC
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X, and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.
NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.
The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper
What is Platform Security?
Hardware Implementation and Configuration
- • Available Security Features
- • Correct Configuration of HW Components
- • Testing/Demonstration of HW Security Mechanisms
- Firmware Implementation and Configuration
- • Access Controls on Firmware Interfaces
- • Correct Settings of Lock Bits
- • Testing/Demonstration of FW Security Mechanisms
Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis
Tutorial
Copyright (C) 2018 chipsecintel
Source: https://github.com/chipsec/