Penetration Testing mailing list archives
new firmware security blog
From: Blibbet <blibbet () gmail com>
Date: Tue, 09 Jun 2015 18:02:14 -0700
Hi, I've recently started a blog focusing on firmware security and firmware development, focusing mostly on UEFI, but also on BIOS, coreboot, and other technologies. It focuses mostly on Intel, but also covers ARM. I focus on Linux/Android/Chrome OS/FreeBSD, but also cover some MSFT/APPL usage. I've got a few tool reviews on there already, but I'm about to to a series of posts on UEFI security tools on github (there're a few dozen now), starting with ones that can be used to analyze BIOS ROMs, then moving onto some existing fuzzing/injection tools. I'm currently in the middle of looking at UEFI 2.5's new features, and starting to understand's ARM's Trusted Firmware project, and have some articles on writing new CHIPSEC modules in the works. A few sample posts: http://firmwaresecurity.com/2015/05/25/tool-mini-review-uefitool/ http://firmwaresecurity.com/2015/05/21/tool-mini-review-bios_diff-py/ http://firmwaresecurity.com/2015/05/09/book-review-embedded-firmware-solutions/ http://firmwaresecurity.com/2015/05/09/new-uefi-http-boot-support-in-uefi-2-5/ http://firmwaresecurity.com/2015/04/29/new-info-for-google-verified-boot-and-kernelfinger-bootloader/ The blog site is pretty boring, I'm a newbie blogger and am just learning Wordpress. :-( I'll have some resource pages, blogrolls, and archive pages on the main site soon. If anyone has any specific suggestions of firmware security that merits research, please let me know. Thanks, Lee RSS: http://firmwaresecurity.com/feed ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- new firmware security blog Blibbet (Jun 12)