CHIPSEC – Platform Security Assessment Framework For Firmware Hacking


CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.

CHIPSEC - Platform Security Assessment Framework


It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X and UEFI shell.

You can use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants.

What does CHIPSEC Platform Security Assessment Framework Do?

CHIPSEC has a bunch of modules focusing on areas such as Secure Boot, System Management Mode (SMM/SMRAM), BIOS and Firmware security, BIOS write protection etc.

Modules such as:

– SMRAM Locking
– BIOS Keyboard Buffer Sanitization
– SMRR Configuration
– BIOS Protection
– SPI Controller Locking
– BIOS Interface Locking
– Access Control for Secure Boot Keys
– Access Control for Secure Boot Variables

CHIPSEC Firmware Hacking Warnings

1. CHIPSEC kernel drivers provide direct access to hardware resources to user-mode applications (for example, access to physical memory). When installed on production systems this could allow malware to access privileged hardware resources.

2. The driver is distributed as source code. In order to load it on Operating System which requires kernel drivers to be signed (for example, 64-bit versions of Microsoft Windows 7 and higher), it is necessary to enable TestSigning (or equivalent) mode and sign the driver executable with test signature. Enabling TestSigning (or equivalent) mode turns off an important OS kernel protection and should not be done on production systems.

3. Due to the nature of access to hardware, if any CHIPSEC module issues incorrect access to hardware resources, Operating System can hang or panic.

You can download CHIPSEC here:

chipsec-v1.3.6rc1.zip

Or read more here.

Posted in: Hardware Hacking


Latest Posts:


Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.
zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors


Comments are closed.