efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation
Contributors:
- Alex Matrosov (@matrosov)
- Andrey Labunets (@isciurus)
- Philip Lebedev (@p41l)
- Yegor Vasilenko (@yeggor)
Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because trying to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.
Why not IDApython: all code developed in C++ because it's a more stable and performant way to support a complex plugin and get full power of most recent SDK's features.
Supported Platforms: Win, Linux and OSX (x86/x64).
Annotate assembly code automatically with available Boot Services
Annotate assembly code automatically with available Runtime Services
Before analysis | After analysis |
---|---|
From the beginning of the project, we focus on building extensible architecture to make our life easier to support the current version and adding new features ๐
We try to make the build process for different platforms very simple, just use the build script to automate this process๐
Usage: build.py [OPTIONS] IDASDK_DIR
Options:
-c, --copy TEXT path to IDA plugins directory
--help Show this message and exit.
example of build process:
./build.py <IDASDK75_DIR>
Copy compiled binaries of efiXplorer plugin and guids
directory to <IDA_DIR>/plugins
. Enjoy!
For IDA:
- https://github.com/yeggor/UEFI_RETool
- https://github.com/gdbinit/EFISwissKnife
- https://github.com/snare/ida-efiutils
For Ghidra: