MITRE Copernicus was — AFAICT — the first public firmware vulnerability analysis tool. I’ve not given it enough coverage here, only a single post:
https://firmwaresecurity.com/2015/05/22/mitre-copernicus/
I presume that everyone already knows about it. If you don’t know about it, it is worth investigating
It appears that MITRE hasn’t updated Copernicus, in a while, at least I can’t find any. I just noticed that Xeno of LebaCore, formerly of MITRE and one of the Copernicus developers, gave an URL to the latest version of it, which is a public download:
The same URL to that zip is in the below mini-review for BIOS Diff, a cross-platform open source firmware utility that is included in Copernicus:
https://firmwaresecurity.com/2015/05/21/tool-mini-review-bios_diff-py/
Copernicus is Windows-centric, and public release is closed-source, including the driver. I wish there was another host for it, in addition to blackhat.com, a domain commonly attacked by hacker. I wish it was hosted in another place, and included a .SHA256 and OpenPGP .ASC sidecar files for verfication. I REALLY wish the sources to the Windows driver were published!
Looking forward to another version of Copernicus, or some other new tools from LegbaCore!
check this https://github.com/chipsec/chipsec
LikeLike