Update README.
Evgenii Rasskazov committed Jul 7, 2020
1 parent b84f611 commit 704c43b
Showing 1 changed file with 10 additions and 10 deletions.
20 changes: 10 additions & 10 deletions README.md
Expand Up @@ -2,27 +2,27 @@

## About

The analyzer automates the process of exploring EFI files. After the analysis, well-known protocols, interrupts, etc. are found.
The analyzer automates the process of researching EFI files, helps to discover and analyze well-known protocols, smi handlers, etc.

## Features

### Find known EFI GUID's
### Finds known EFI GUID's

![guids](./img/guids.png)

### Identified protocols which are finding with `LOCATE_PROTOCOL` function
### Identifies protocols located with `LOCATE_PROTOCOL` function

![locateProtocols](./img/locateProtocols.png)

### Identified functions used as the `NOTIFY` function
### Identifies functions used as the `NOTIFY` function

![notify](./img/notify.png)

### Identified protocols installed in the module through `INSTALL_PROTOCOL_INTERFACE`
### Identifies protocols installed in the module through `INSTALL_PROTOCOL_INTERFACE`

![install](./img/install.png)

### Identified functions used as an interrupt function (like some hardware, software or child interrupt)
### Identifies functions used as an interrupt function (like some hardware, software/child interrupt)

![ioTrap](./img/ioTrap.png)
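
Review bot: In the rewritten About sentence, "smi handlers" should be written "SMI handlers", and the comma before "helps to discover" joins two clauses that read better with "and" ("...researching EFI files and helps to discover..."). The GUID heading keeps its stray apostrophe; the plural is "Finds known EFI GUIDs". In the last heading of this hunk, "software/child interrupt" is less clear than the earlier "hardware, software or child interrupt"; consider keeping the three kinds listed out.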

Expand All @@ -32,9 +32,9 @@ The analyzer automates the process of exploring EFI files. After the analysis, w

![sw](./img/sw.png)

### Script for loading efi modules to relevant directories upon import in `Headless mode`
### Script for loading efi modules to relevant directories in `Headless mode`

Sorting smm modules relying on meta information by next folders:
Sorting smm modules relying on meta information into next folders:

* SwInterrupts
* ChildInterrupts
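
Review bot: The sentence above the folder list, "Sorting smm modules relying on meta information into next folders:", still reads awkwardly; "Sorts SMM modules into the following folders based on their meta information:" would be clearer, with "efi" in the heading capitalised as "EFI" to match the About section. The heading also drops "upon import", and the visible lines do not name the script or show how it is invoked in `Headless mode`, so a reader cannot tell when the sorting runs; a one-line invocation example here would help.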
Expand All @@ -45,14 +45,14 @@ Sorting smm modules relying on meta information by next folders:

## Installation

Set the `GHIDRA_INSTALL_DIR` environment variable to the ghidra path.
Set `GHIDRA_INSTALL_DIR` environment variable to ghidra path.

Start `gradlew.bat`, after the completion of building a copy archive from the `dist` directory to `GHIDRA_HOME_DIR/Extensions/Ghidra/`.
And turn on this extention in your ghidra.

## Usage

After install, you can use the analyzer. If you open a UEFI file, the analyzer appears and is selected automatically.
After installation you are free to use this analyzer. If you open a EFI file, the analyzer appears selected automatically.
To start the analyzer, press `A` or `Analysis/Auto Analyze` and press `Analyze`.

## References
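
Review bot: The Installation section refers to the Ghidra path as `GHIDRA_INSTALL_DIR` in the edited line and as `GHIDRA_HOME_DIR` in the unchanged copy step two lines below; if both mean the same directory, use one name in both places so the copy destination is unambiguous. The edited line also loses its articles ("Set the `GHIDRA_INSTALL_DIR` environment variable to the Ghidra path" reads better), "a EFI file" in Usage should be "an EFI file", and the untouched "extention" could be corrected to "extension" in the same commit.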