DSecurity/efiSeek DSecurity/efiSeek

  • Stars
    star
    300
  • Rank 138,870 (Top 3 %)
  • Language
    Java
  • License
    Apache License 2.0
  • Created over 4 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
DSecurity/efiSeek
github

DSecurity

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Ghidra analyzer for UEFI firmware.

efiSeek for Ghidra

About

The analyzer automates the process of researching EFI files, helps to discover and analyze well-known protocols, smi handlers, etc.

Features

Finds known EFI GUID's

guids

Identifies protocols located with LOCATE_PROTOCOL function

locateProtocols

Identifies functions used as the NOTIFY function

notify

Identifies protocols installed in the module through INSTALL_PROTOCOL_INTERFACE

install

Identifies functions used as an interrupt function (like some hardware, software/child interrupt)

ioTrap

sx

child

sw

Script for loading efi modules to relevant directories in Headless mode

Sorting smm modules relying on meta information into next folders:

  • SwInterrupts
  • ChildInterrupts
  • HwInterrupts
  • UnknownInterrupts

sort

Installation

Set GHIDRA_INSTALL_DIR environment variable to ghidra path.

Start gradlew.bat, after the completion of building a copy archive from the dist directory to GHIDRA_HOME_DIR/Extensions/Ghidra/. And turn on this extention in your ghidra.

Usage

After installation you are free to use this analyzer. If you open a EFI file, the analyzer appears selected automatically. To start the analyzer, press A or Analysis/Auto Analyze and press Analyze.

References

More Repositories

1

checkm8-arduino

The checkm8 port for Arduino and USB Host Shield
C
117
star
2

crauEmu

crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks
Python
104
star
3

istio-security-restrictions-bypass

Detect and bypass Istio sidecar
10
star
4

GhidraSMRAMLoader

SMRAM loader for ghidra
Java
1
star