Software:UEFITool

From HandWiki
Short description: Software program
UEFITool
Original author(s)Nikolaj Schlej
Stable release
A62 / 2022 October 03; 21 months ago (03-10-2022)
Written inC++
Operating systemWindows, macOS, Linux
LicenseBSD-2-Clause license
Websitehttps://github.com/LongSoft/UEFITool/wiki

UEFITool is a software program for reading and modifying EEPROM images with UEFI firmware.[1] It is written in C++ using the Qt library.[2] Features include the ability to view the flash regions and to extract and import them.[3] UEFITool allows the user to search for hex and text patterns.[4]

UEFITool presents UEFI firmware images in a tree-like structure. It highlights the modules which are protected by the Intel Boot Guard.[4]

References

  1. Lee, Micah (April 28, 2018). "It's Impossible to Prove Your Laptop Hasn't Been Hacked. I Spent Two Years Finding Out." (in en). https://theintercept.com/2018/04/28/computer-malware-tampering/. 
  2. Christensen, Jake; Anghel, Ionut Mugurel; Taglang, Rob; Chiroiu, Mihai; Sion, Radu (August 2020). "DECAF: automatic, adaptive de-bloating and hardening of COTS firmware". SEC'20: Proceedings of the 29th USENIX Conference on Security Symposium. https://www.usenix.org/system/files/sec20-christensen.pdf. Retrieved January 22, 2024. 
  3. Matrosov, Alex (2019). Rootkits and bootkits: reversing modern malware and next generation threats. Eugene Rodionov, Sergey Bratus. San Francisco: No Starch Press. pp. 380–390. ISBN 978-1-59327-883-0. OCLC 1005741834. 
  4. 4.0 4.1 de Assumpção, Matheus Bichara; dos Reis, Marcelo Abdalla; Marcondes, Marcos Roberto; da Silva Eleutério, Pedro Monteiro; Vieira, Victor Hugo (March 2023). "Forensic method for decrypting TPM-protected BitLocker volumes using Intel DCI". Forensic Science International: Digital Investigation 44. doi:10.1016/j.fsidi.2023.301514. https://www.sciencedirect.com/science/article/pii/S266628172300015X. Retrieved January 22, 2024. 

External links