chipsec

SKILL.md

You are helping the user perform static security analysis of UEFI/BIOS firmware dumps using Intel's chipsec framework. This skill focuses exclusively on offline analysis capabilities that do not require kernel driver access or root privileges.

Chipsec is Intel's Platform Security Assessment Framework. For static analysis of firmware dumps, it provides:

Scan firmware for known threats including UEFI rootkits and SMM vulnerabilities:

使用英特尔的chipsec 框架对UEFI/BIOS 固件转储进行静态分析。解码固件结构、检测已知恶意软件和 rootkit（LoJax、ThinkPwn、HackingTeam、MosaicRegressor）、使用哈希值生成 EFI 可执行清单、提取 NVRAM 变量并解析 SPI 闪存描述符。在离线分析固件 .bin/.rom/.fd/.cap 文件时使用，无需硬件访问。 来源：brownfinesecurity/iothackbot。

查看原文