Overview
Explore an innovative approach to UEFI firmware vulnerability research in this 52-minute Black Hat conference talk. Delve into the development of efiXplorer, a tool designed to address the limitations of existing UEFI analysis instruments, particularly for x86-based systems. Learn how automated static analysis can be leveraged to hunt for vulnerabilities in UEFI firmware at scale, filling a gap in publicly available tools for this specific purpose. Gain insights from security experts Andrey Labunets, Philip Lebedev, Alex Matrosov, and Yegor Vasilenko as they discuss the challenges of reversing UEFI firmware and present their solution for more effective vulnerability detection.
Syllabus
efiXplorer: Hunting for UEFI Firmware Vulnerabilities at Scale with Automated Static Analysis
Taught by
Black Hat