{"id":13605930,"url":"https://github.com/gdbinit/EFISwissKnife","last_synced_at":"2025-04-12T05:35:11.815Z","repository":{"id":64346079,"uuid":"94218590","full_name":"gdbinit/EFISwissKnife","owner":"gdbinit","description":"An IDA plugin to improve (U)EFI reversing","archived":false,"fork":false,"pushed_at":"2017-06-17T12:40:30.000Z","size":83,"stargazers_count":147,"open_issues_count":1,"forks_count":24,"subscribers_count":16,"default_branch":"master","last_synced_at":"2024-08-03T19:38:55.635Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gdbinit.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-06-13T13:55:00.000Z","updated_at":"2024-06-21T00:07:22.000Z","dependencies_parsed_at":"2023-01-15T13:00:57.813Z","dependency_job_id":null,"html_url":"https://github.com/gdbinit/EFISwissKnife","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdbinit%2FEFISwissKnife","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdbinit%2FEFISwissKnife/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdbinit%2FEFISwissKnife/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdbinit%2FEFISwissKnife/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gdbinit","download_url":"https://codeload.github.com/gdbinit/EFISwissKnife/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":
223498104,"owners_count":17155263,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T19:01:04.395Z","updated_at":"2024-11-07T10:31:32.899Z","avatar_url":"https://github.com/gdbinit.png","language":"C++","funding_links":[],"categories":["C++","Reverse Engineering"],"sub_categories":["Malware Articles and Sources"],"readme":"______________________.___\n\\_   _____/\\_   _____/|   |\n |    __)_  |    __)  |   |\n |        \\ |     \\   |   |\n/_______  / \\___  /   |___|\n        \\/      \\/\n  _________       .__                 ____  __.      .__  _____\n /   _____/_  _  _|__| ______ ______ |    |/ _| ____ |__|/ ____\\____\n \\_____  \\\\ \\/ \\/ /  |/  ___//  ___/ |      \u003c  /    \\|  \\   __\\/ __ \\\n /        \\\\     /|  |\\___ \\ \\___ \\  |    |  \\|   |  \\  ||  | \\  ___/\n/_______  / \\/\\_/ |__/____  \u003e____  \u003e |____|__ \\___|  /__||__|  \\___  \u003e\n        \\/                \\/     \\/          \\/    \\/              \\/\n\nEFI Swiss Knife\nAn IDA plugin to improve (U)EFI reversing\n\nCopyright (C) 2016, 2017  Pedro Vilaça (fG!) 
- reverser@put.as - https://reverse.put.as\n\nThis is an IDA plugin to assist in (U)EFI binaries reversing.\nIt is based on original work by Snare - https://github.com/snare/ida-efiutils\nSince I hate Python I did something new in C adding some extra features that I wanted.\n\nTested with IDA 6.9/6.95 Mac OS X version.\n\nTo compile for OS X use the Makefile or the XCode Project.\n\nYou will need to edit the XCode project and set the paths to the SDK.\n(default is to /Applications/IDA Pro 6.95/idasdk695)\n\nYou should edit config.h and modify the log and database paths.\n\nCopy EFISwissKnife.pmc64 to /Applications/IDA Pro 6.95/idaq.app/Contents/MacOS/plugins/\n\nBy default it only compiles the plugin to the 64 bit version of IDA. If you want the plugin to 32 bit version\nyou need to edit the Xcode Project and change __EA64__=1 to 0.\n\nTo call it from IDA use Shift+F2 and then\n1) To display a menu with run options: RunPlugin(\"EFISwissKnife\", 1);\n2) To run with default options: RunPlugin(\"EFISwissKnife\", 0);\n3) To run in batch mode: RunPlugin(\"EFISwissKnife\", 2);\n\nThe plugin supports batch mode in case you want to mass analyse EFI binaries and gather some statistics about services usage.\n\nYou probably want to update the GUIDs available at efi_guids.h.\n\nThis code is targeting Mac OS X EFI binaries. It should work with other platforms UEFI binaries without problems or with minor\nmodifications and updates.\n\nOnly PE binaries supported, no TE binaries supported yet.\n\nThat's it! Enjoy :-)\n\nfG!\n\nv1.0 - Initial version\n\nIDA BUGS:\nAnother bug is related to the PLUGIN_UNL flag. It is used to \"Unload the plugin immediately after calling 'run'.\".\nIf this option is set, it crashes the Windows version. 
Mac version seems to do fine with it.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgdbinit%2FEFISwissKnife","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgdbinit%2FEFISwissKnife","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgdbinit%2FEFISwissKnife/lists"}