https://github.com/hacking-support/DVUEFI Skip to content Navigation Menu Toggle navigation Sign in * Product + Actions Automate any workflow + Packages Host and manage packages + Security Find and fix vulnerabilities + Codespaces Instant dev environments + GitHub Copilot Write better code with AI + Code review Manage code changes + Issues Plan and track work + Discussions Collaborate outside of code Explore + All features + Documentation + GitHub Skills + Blog * Solutions By size + Enterprise + Teams + Startups By industry + Healthcare + Financial services + Manufacturing By use case + CI/CD & Automation + DevOps + DevSecOps * Resources Topics + AI + DevOps + Security + Software Development Explore + Learning Pathways + White papers, Ebooks, Webinars + Customer Stories + Partners * Open Source + GitHub Sponsors Fund open source developers + The ReadME Project GitHub community articles Repositories + Topics + Trending + Collections * Enterprise + Enterprise platform AI-powered developer platform Available add-ons + Advanced Security Enterprise-grade security features + GitHub Copilot Enterprise-grade AI features + Premium Support Enterprise-grade 24/7 support * Pricing Search or jump to... Search code, repositories, users, issues, pull requests... Search [ ] Clear Search syntax tips Provide feedback We read every piece of feedback, and take your input very seriously. [ ] [ ] Include my email address so I can be contacted Cancel Submit feedback Saved searches Use saved searches to filter your results more quickly Name [ ] Query [ ] To see all available qualifiers, see our documentation. Cancel Create saved search Sign in Sign up Reseting focus You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert {{ message }} hacking-support / DVUEFI Public * Notifications You must be signed in to change notification settings * Fork 1 * Star 20 Damn Vulnerable UEFI License MIT license 20 stars 1 fork Branches Tags Activity Star Notifications You must be signed in to change notification settings * Code * Issues 0 * Pull requests 0 * Actions * Projects 0 * Security * Insights Additional navigation options * Code * Issues * Pull requests * Actions * Projects * Security * Insights hacking-support/DVUEFI This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository. main BranchesTags Go to file Code Folders and files Name Name Last commit Last commit message date Latest commit History 49 Commits docs docs edk2-build-toolchain edk2-build-toolchain tools tools vuln-edk2 @ 36fc13b vuln-edk2 @ 36fc13b .gitmodules .gitmodules LICENSE LICENSE README.md README.md View all files Repository files navigation * README * MIT license [DVUEFILogo] Damn Vulnerable UEFI (DVUEFI) An Exploitation Toolkit and Learning Platform for Unveiling and Fixing UEFI Firmware Vulnerabilities Presented at Black Hat USA 2024 Arsenal [dvuefi] Introduction Inspired by projects such as Damn Vulnerable Web Application and OWASP's Damn Vulnerable Web Sockets, Damn Vulnerable UEFI (DVUEFI) is designed to help guide ethical hackers, security researchers, and firmware enthusiasts in getting started with UEFI firmware security, by facilitating the exploration of vulnerabilities by example. The DVUEFI project is engineered to simulate real-world firmware attacks, offering an environment for practicing and refining exploitation techniques. DVUEFI is accompanied by a robust, continuously evolving catalog of documented UEFI vulnerabilities. Each entry is detailed with exploitation methods, potential impacts, and strategic mitigation recommendations, serving as both a learning tool and a reference for security practitioners. OS Support DEVUEFI's exploitation environment is designed to be deployable on both Windows and Linux using either QEMU for the first two stages and VMWare Workstation Player for the final stage (the free version, VMWare Workstation Player, will suffice). Tools We extend and combine different engines of UEFITool to help with automation for the third stage. For more information on the tool, see Tools. Getting Started Clone this repository using git clone --recursive git@github.com:hacking-support/DVUEFI.git # ssh or git clone --recursive https://github.com/hacking-support/DVUEFI.git # https To start setting up your exploitation environment, head over to Level 0: Setup Acknowledgements DVUEFI would not exist without the previous contributions of many members of the UEFI community. * UEFI image analysis and modification: https://github.com/LongSoft /UEFITool * Inspiration for Apps to make Vulnerable: https://github.com/ fpmurphy/UEFI-Utilities-2019 About Damn Vulnerable UEFI Resources Readme License MIT license Activity Custom properties Stars 20 stars Watchers 3 watching Forks 1 fork Report repository Releases No releases published Packages 0 No packages published Contributors 2 * @staslyakhov staslyakhov Stanislav Lyakhov * @HackingThings HackingThings Mickey Languages * C++ 50.3% * C 48.2% * Other 1.5% Footer (c) 2024 GitHub, Inc. Footer navigation * Terms * Privacy * Security * Status * Docs * Contact * Manage cookies * Do not share my personal information You can't perform that action at this time.