UEFITool is a software program for reading and modifying EEPROM images with UEFI firmware.[1] It is written in C++ using the Qt library.[2] Features include the ability to view the flash regions and to extract and import them.[3] UEFITool allows the user to search for hex and text patterns.[4]
Original author(s) | Nikolaj Schlej |
---|---|
Stable release | A62
/ 2022 October 03 |
Written in | C++ |
Operating system | Windows, macOS, Linux |
License | BSD-2-Clause license |
Website | https://github.com/LongSoft/UEFITool/wiki |
UEFITool presents UEFI firmware images in a tree-like structure. It highlights the modules which are protected by the Intel Boot Guard.[4]
References
edit- ^ Lee, Micah (April 28, 2018). "It's Impossible to Prove Your Laptop Hasn't Been Hacked. I Spent Two Years Finding Out". The Intercept. Retrieved 2021-09-13.
- ^ Christensen, Jake; Anghel, Ionut Mugurel; Taglang, Rob; Chiroiu, Mihai; Sion, Radu (August 2020). "DECAF: automatic, adaptive de-bloating and hardening of COTS firmware" (PDF). SEC'20: Proceedings of the 29th USENIX Conference on Security Symposium. Retrieved January 22, 2024.
- ^ Matrosov, Alex (2019). Rootkits and bootkits: reversing modern malware and next generation threats. Eugene Rodionov, Sergey Bratus. San Francisco: No Starch Press. pp. 380–390. ISBN 978-1-59327-883-0. OCLC 1005741834.
- ^ a b de Assumpção, Matheus Bichara; dos Reis, Marcelo Abdalla; Marcondes, Marcos Roberto; da Silva Eleutério, Pedro Monteiro; Vieira, Victor Hugo (March 2023). "Forensic method for decrypting TPM-protected BitLocker volumes using Intel DCI". Forensic Science International: Digital Investigation. 44. doi:10.1016/j.fsidi.2023.301514.
External links
edit