Build GenAI Apps from Scratch — UCSB PaCE Certificate Program
The Most Addictive Python and SQL Courses
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a comprehensive analysis of UEFI-based rootkits and malware detection in this Black Hat USA 2013 conference talk. Delve into the Rootkit Detection Framework for UEFI (RDFU), a unified set of tools developed to combat emerging threats across various UEFI implementations. Examine a sample bootkit for Apple OSX, designed specifically for testing purposes, which demonstrates sophisticated infection techniques and functionalities such as FileVault password sniffing, privilege escalation, and file hiding. Learn about the UEFI conceptual overview, runtime services, and the inner workings of RDFU. Gain insights into bootkit workflows and process hiding techniques. Discover the potential applications of this open-source technology in addressing UEFI-based security challenges.
Syllabus
Intro
Our motivation
Booting with BIOS
UEFI Conceptual overview
UEFI images
UEFI Runtime services
How does RDFU work?
Bootkit workflow
Hiding processes
Taught by
Black Hat