Another Brick in the Wall: Uncovering SMM Vulnerabilities in HP Firmware

How we used Brick to discover six different vulnerabilities affecting HP laptops' firmware

Zen and the Art of SMM Bug Hunting | Finding, Mitigating and Detecting UEFI Vulnerabilities

In Part 5 of our ongoing series on UEFI security research, we dive into the fascinating world of hunting and exploiting SMM vulnerabilities.

Adventures From UEFI Land: the Hunt For the S3 Boot Script

In Part 4 of our UEFI Internals and Exploitation series, we abandon VMs and dive into UEFI on a physical machine. The quest: recovery of the S3 Boot Script.

Moving From Dynamic Emulation of UEFI Modules To Coverage-Guided Fuzzing of UEFI Firmware

In Part 3 of our series on emulating, debugging and fuzzing UEFI modules, we provide a step-by-step guide to making a coverage-guided fuzzer for UEFI code.

Moving From Manual Reverse Engineering of UEFI Modules To Dynamic Emulation of UEFI Firmware

Learn how to emulate, trace, debug, and reverse engineer UEFI modules in Part 2 of our new blog series on firmware security.

Moving From Common-Sense Knowledge About UEFI To Actually Dumping UEFI Firmware

In the first of a series of posts for researchers on how to emulate, debug and fuzz UEFI modules, we begin with a refresher on how to dump SPI flash memory.