Displaying 1 to 20 from 30 results

rEFInd-minimal - A stunningly clean theme for the rEFInd UEFI boot manager.

  •    

rEFInd is an easy to use boot manager for UEFI based systems. This is a clean and minimal theme for it. Locate your refind EFI directory. This is commonly /boot/EFI/refind though it will depend on where you mount your ESP and where rEFInd is installed. fdisk -l and mount may help.

rufus - The Reliable USB Formatting Utility

  •    C

Use either Visual Studio 2017 (with Update 4 and SDK 10.0.16299 installed) or MinGW and then invoke the .sln or configure/make respectively. Note that, since Rufus is an OSI compliant Open Source project, you are entitled to download and use the freely available Visual Studio Community Edition to build, run or develop for Rufus. As per the Visual Studio Community Edition license this applies regardless of whether you are an individual or a corporate user.

edk2 - EDK II

  •    C

A modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications from www.uefi.org. The EDK II Project is composed of packages. The maintainers for each package are listed in Maintainers.txt.

Project mu - Modular adaptation of TianoCore's edk2 tuned for building modern devices using a scalable, maintainable, and reusable pattern.

  •    Python

Project Mu is a modular adaptation of TianoCore's edk2 tuned for building modern devices using a scalable, maintainable, and reusable pattern. Mu is built around the idea that shipping and maintaining a UEFI product is an ongoing collaboration between numerous partners. For too long the industry has built products using a "forking" model combined with copy/paste/rename and with each new product the maintenance burden grows to such a level that updates are near impossible due to cost and risk.




linuxboot - The LinuxBoot project is working to enable Linux to replace your firmware on all platforms

  •    Perl

The LinuxBoot project allows you to replace your server's firmware with Linux. For the initrd, the Heads firmware or u-root systems work well. Both will build minimal runtimes that can fit into the few megabytes of space available.

pawn - Extract BIOS firmware from Intel-based workstations and laptops

  •    C++

Copyright 2014-2017 Google Inc.Disclaimer: This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.

HackBGRT - Windows boot logo changer for UEFI systems

  •    C

HackBGRT is intended as a boot logo changer for UEFI-based Windows systems. When booting on a UEFI-based computer, Windows may show a vendor-defined logo which is stored on the UEFI firmware in a section called Boot Graphics Resource Table (BGRT). It's usually very difficult to change the image permamently, but a custom UEFI application may be used to overwrite it during the boot. HackBGRT does exactly that.

secure-boot - UEFI SecureBoot for ArchLinux

  •    Makefile

I want full control at what boots the computer to avoid the so called evil maid attack. That requires setting SecureBoot with only my own keys. SecureBoot protects the computer from tampering with the installed OS and boot files, while it's left powered off outside our view. It's not a substitute for disk encryption though, it's an addition to it. The *.auth files must be enrolled in the UEFI firmware the first time. Unfortunately this procedure depends on the hardware i.e. the BIOS/UEFI (see below for a Thinkpad).


efibootguard - Simple UEFI boot loader with support for safely switching between current and updated partition sets

  •    C

A bootloader based on UEFI. For sending patches, please refer to the mailing list and CONTRIBUTING.md in the source tree.

uefi-ntfs - UEFI:NTFS - Boot NTFS partitions from UEFI

  •    C

UEFI:NTFS is a generic bootloader, that is designed to allow boot from an NTFS partition, in pure UEFI mode, even if your system does not natively support it. This is primarily intended for use with Rufus, but can also be used independently. In other words, UEFI:NTFS is designed to remove the restriction, which most UEFI systems have, of only providing boot support from a FAT32 partition, and enable the ability to also boot from NTFS partitions.

efifs - EFI FileSystem drivers

  •    C

This is a GPLv3+ implementation of standalone EFI File System drivers, based on the GRUB 2.0 read-only drivers. If QEMU is installed, the Visual Studio solution will set up and test the drivers using QEMU (by also downloading a sample image for each target file system). Note however that VS debugging expects a 64-bit version of QEMU to be installed in C:\Program Files\qemu\ (which you can download here). If that is not the case, you should edit .msvc\debug.vbs accordingly.

UefiToolsPkg - Various useful utilities for UEFI

  •    C

This is a Tiano Core (edk2) package with various goodies. The goal was to make the UEFI environment much more useful to system hackers. It may be a reduced environment, but there's no need for it to remain a crippled one. People make the analogy of UEFI being the 21st century equivalent of DOS, yet DOS was a vastly more useful environment than UEFI is today. Hopefully, one day this will grow into a veritable distribution of software to be productive even without a "real OS" around.

s6_pcie_microblaze - PCI Express DIY hacking toolkit for Xilinx SP605

  •    C

This repository contains a set of tools and proof of concepts related to PCI-E bus and DMA attacks. It includes HDL design which implements software controllable PCI-E gen 1.1 endpoint device for Xilinx SP605 Evaluation Kit with Spartan-6 FPGA. In comparison with popular USB3380EVB this design allows to operate with raw Transaction Level Packets (TLP) of PCI-E bus and perform full 64-bit memory read/write operations. It's early version of my first much or less complicated FPGA project, so the speed is quite slow (around 1-2 Mb/s), but in upcoming releases it will be significantly increased by connecting PCI-E endpoint to MicroBlaze soft processor with AXI DMA engine. However, even such low speed is more than enough for reliable implementation of various practical attacks over PCI-E bus: to demonstrate applied use cases of the design, there's a tool for pre-boot DMA attacks on UEFI based machines which allow executing arbitrary UEFI DXE drivers during platform init. Another example shows how to use pre-boot DMA attacks to inject Hyper-V VM exit handler backdoor into the virtualization-based security enabled Windows 10 Enterprise running on UEFI Secure Boot enabled platform. Provided Hyper-V backdoor PoC might be useful for reverse engineering and exploit development purposes, it provides an interface for inspecting of hypervisor state (VMCS, physical/virtual memory, registers, etc.) from guest partition and perform the guest to host VM escape attacks. s6_pcie_microblaze.xise − Xilinx ISE project file.

mu_plus - Microsoft Core UEFI Value

  •    C

For more information see the Code of Conduct FAQ https://opensource.microsoft.com/codeofconduct/faq/ or contact opencode@microsoft.com. with any additional questions or comments. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

mu_tiano_plus - UEFI Tiano Core Value

  •    C

For more information see the Code of Conduct FAQ https://opensource.microsoft.com/codeofconduct/faq/ or contact opencode@microsoft.com. with any additional questions or comments. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

systemboot - SystemBoot is a LinuxBoot distribution that works as a system firmware + bootloader, based on u-root

  •    Go

This work is similar to the pxeboot and boot commands that are already part of u-root, but approach and implementation are slightly different. Thanks to Chris Koch and Jean-Marie Verdun for pioneering in this area. This project started as a personal experiment under github.com/insomniacslk/systemboot but it is now an effort of a broader community and graduated to a real project for system firmwares.

clr-boot-manager - Kernel & Boot Loader Management

  •    C

clr-boot-manager exists to enable the correct maintenance of vendor kernels and appropriate garbage collection tactics over the course of upgrades. The implementation provides the means to enable correct cohabitation on a shared boot directory, such as the EFI System Partition for UEFI-booting operating systems. Special care is taken to ensure the boot partition is handled gracefully, and in the instance that it is not already mounted, then clr-boot-manager will automatically discover and mount it, and automatically unmount the boot partition again when it is complete.

BiosSledgehammer - Automated BIOS, ME, TPM firmware update and BIOS settings for HP devices

  •    PowerShell

Automated BIOS, ME, TPM firmware update and BIOS settings for HP devices. For the Windows 10 rollout, we need you to support ten different hardware models and all of them need to be updated to the newest BIOS version. Some devices require a TPM firmware update to use the security features that depend on TPM 2.0. You also need to update the BIOS settings for all devices (Secure Boot, Fast Boot etc.) to meet Microsoft recommendations. And while you are at it, please also make sure to patch the Management Engine firmware security issue. Oh, and a new BIOS password would be a big plus because we currently have twenty different passwords in use.

thinkpad-shahash - Script to recompute SHA1 hashes for Lenovo ThinkPad Sandy Bridge laptops to get rid of 5 beeps on boot

  •    Python

This is a small utility which checks and recomputes sha1 hashes used to validate Lenovo ThinkPad X220/T420 (and probably other Sandy Bridge ThinkPads) firmware integrity. You can hear 5 beeps twice if the firmware fails validation and you have TPM (security chip) turned on, which is pretty common for modified firmwares. This utility is now fully automatic, it can re-hash TCPA blocks, recompute RSA signatures of said blocks and replace Lenovo public key with yours.