chipsec v1.6.1 releases: Platform Security Assessment Framework
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X, and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.
NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.
The first version of CHIPSEC was released in March 2014: Announcement at CanSecWest 2014
The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper
What is Platform Security?
Hardware Implementation and Configuration
• Available Security Features
• Correct Configuration of HW Components
• Testing/Demonstration of HW Security Mechanisms
Firmware Implementation and Configuration
• Access Controls on Firmware Interfaces
• Correct Settings of Lock Bits
• Testing/Demonstration of FW Security Mechanisms
Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis
Changelog v1.6.1
New or Updated Configurations:
8086/pch_5xxh– Fix missing type attribute
Removed Modules:
- None
Additional Changes:
chipsec.chipset– Update exception logic from cs exception changes
Additional Notes:
- For Windows users, please rebuild your windows driver as updates have been made.
- For Windows, Linux and MacOS: Python2 support has been deprecated as of June 2020. Please use Python3.
- Any modules under the
modules.toolsdirectory have not yet been fully validated to work with Python3.
Tutorial
Copyright (C) 2018 chipsecintel
Source: https://github.com/chipsec/
