Deploy and manage confidential containers on Kubernetes

COCONUT-SVSM

AMD SEV-SNP PoC with SVSM, KBS proxy, virtio-blk device, and stateful vTPM

Attestation and Secret Delivery Components

A reference implementation of the KBS attestation protocol

Occlum is a memory-safe, multi-process library OS for Intel SGX

Linux UEFI library written in pure Go.

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as g…

Updated version of System Management Mode backdoor for UEFI based platforms: old dog, new tricks

Quickly create and run optimised Windows, macOS and Linux virtual machines

Image manipulation tools for the Management Engine firmware

Website for Research Artifacts from the Security Community

Intel Engine & Graphics Firmware Analysis Tool

UFFAF - UEFI Firmware Foundational Automation Framework (formerly XmlCli)

UEFI and SMM Assessment Tool

Quibble - the custom Windows bootloader

Rust library for parsing a number of firmware images

Hex diff viewer using alignment algorithms from biology

TPM2 samples with go-tpm and tpm2_tools

Bootkit sample for firmware attack

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

A tool for checking the security hardening options of the Linux kernel