chipsec

Static analysis of UEFI/BIOS firmware dumps using Intel's chipsec framework. Decode firmware structure, detect known malware and rootkits (LoJax, ThinkPwn, HackingTeam, MosaicRegressor), generate EFI executable inventories with hashes, extract NVRAM variables, and parse SPI flash descriptors. Use when analyzing firmware .bin/.rom/.fd/.cap files offline without requiring hardware access.
aiskillstore/marketplace · ★ 329 · Data & Documents · score 79
Install: claude install-skill aiskillstore/marketplace
# Chipsec - UEFI Firmware Static Analysis

You are helping the user perform static security analysis of UEFI/BIOS firmware dumps using Intel's chipsec framework. This skill focuses exclusively on offline analysis capabilities that do not require kernel driver access or root privileges.

## Tool Overview

Chipsec is Intel's Platform Security Assessment Framework. For static analysis of firmware dumps, it provides:

- EFI executable inventory generation with cryptographic hashes
- Detection of known UEFI malware and vulnerabilities
- Firmware structure decoding and extraction
- NVRAM/UEFI variable extraction
- SPI flash descriptor parsing
- Baseline comparison for change detection

## Prerequisites

### One-Time Setup (Fix Logging Permission)

Chipsec requires a writable logs directory. Run once:

```bash
# Path assumes the system Python 3.13 site-packages; mode 777 leaves the directory world-writable
sudo mkdir -p /usr/lib/python3.13/site-packages/logs
sudo chmod 777 /usr/lib/python3.13/site-packages/logs
```

### Verify Installation

```bash
chipsec_main --version
```

## Core Commands

All static analysis commands use these flags:

- `-i` : Ignore platform check (required for offline analysis)
- `-n` : No kernel driver (required for static analysis)

### 1. Malware and Vulnerability Scan (Primary Use)

Scan firmware for known threats including UEFI rootkits and SMM vulnerabilities:

```bash
chipsec_main -i -n -m tools.uefi.scan_blocked -a <firmware.bin>
```

**Detected Threats:**

| Threat | Description | Reference |
|-----