Abstract
The UEFI BIOS firmware will handle some of the first steps of the boot of a computer. This low-level firmware developed by the computer manufacturers is best known for implementing SecureBoot, the security protection which should guarantee that the next steps in the boot, the bootloader and the kernel, are not corrupted. In recent years, compromising this firmware has allowed attackers to inject invisible backdoors in the UEFI code: allowing them to get code execution in the kernel during the boot and to be persistent across the re-initialization of the computer.
This training is ideally suited for software engineers and security researcher who wish to better understand the boot of a computer and wants to acquire the basics for being able to reverse firmware. No prior knowledge is required in this field and the course will start by introducing how this works before making practices for interfacing with the UEFI. Practice will be made using emulation and an external hardware board, but the students are encouraged to look at the UEFI firmware on their own computer.
At the end of this training, students will have a global understanding of the main part of an UEFI firmware and how an Intel computer boots. They will be able to look at an unknown UEFI firmware implementation and will be able to reverse engineer its drivers.
Full syllabus: click here
Next sessions
Training has been recorded and can be bought and followed at any time. Private sessions can be organized. All informations on Advanced Security Training.