chipsec v1.9.1 releases: Platform Security Assessment Framework
CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X, and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.
NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.
The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper
What is Platform Security?
Hardware Implementation and Configuration
• Available Security Features
• Correct Configuration of HW Components
• Testing/Demonstration of HW Security Mechanisms
Firmware Implementation and Configuration
• Access Controls on Firmware Interfaces
• Correct Settings of Lock Bits
• Testing/Demonstration of FW Security Mechanisms
Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis
Changelog v1.9.1
- Add type hints to aligned_column_spacing functions by @dscott90 in #1586
- Add applicable Python version, Type Hint & f-string PEPs to contribution guide by @frinzell in #1587
- Update the wording around the -i flag by @npmitche in #1593
- Update mailing list and add Discord server link by @npmitche in #1592
- Use CPUID to identify processors instead of PCI Dev ID by @jun2zhou in #1590
Additional Notes:
- Linux driver was updated in this release. Be sure to re-compile.
- Python2 support has been deprecated as of June 2020 and is no longer supported for Chipsec 1.8.0. Please use Python3.
- If you are having issues with running in the UEFI Shell, please be sure to update your python executable using the zip in this release.
- Some modules under the
modules.toolsdirectory have not been fully validated to work with Python3. Please report any issues. - ➡️
masterbranch has been renamed tomain⬅️
Tutorial
Copyright (C) 2018 chipsecintel
Source: https://github.com/chipsec/
