2015 Volatility Plugin Contest open

There’s a LOT of UEFI firmware-centric stuff that could be added to Volatility. I hope some creative security researchers consider some of the ‘low-hanging fruit’; they are offering $$ as a reward for the code. 🙂 Integration with CHIPSEC’s library for forensic examination. Tianocore’s GUIDs and structure signatures, TE image format (small tweaks to PE+), firmware volume and capsule and related container formats. I wonder if Volatility can be ported to UEFI’s CPython 2.7x, so it can be used inside UEFI and have much more access to the system? If not ported, then a bridge to an OS-level Volatility talking to CPython inside an OVMF? There’s a lot of existing Python code in existing GitHub projects that could be refactored, as well.

