Damn Vulnerable UEFI: Simulate real-world firmware attacks
Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities.
Simulate real-world firmware attacks
DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI firmware security by providing examples to explore potential vulnerabilities.
The project is engineered to simulate real-world firmware attacks, offering an environment for practicing and refining exploitation techniques.
DVUEFI includes a comprehensive, ever-growing catalog of documented UEFI vulnerabilities. Each entry provides in-depth details on exploitation techniques, potential impacts, and recommended mitigation strategies, making it a valuable reference for security professionals.
Download DVUEFI
DVUEFI is available for free on GitHub. The exploitation environment is designed to be deployable on Windows and Linux using either QEMU for the first two stages, and VMWare Workstation Player for the final stage.
Must read:
- 20 free cybersecurity tools you might have missed
- 15 open-source cybersecurity tools you’ll wish you’d known earlier
- 20 essential open-source cybersecurity tools that save you time