{"id":19134,"date":"2021-10-13T15:21:20","date_gmt":"2021-10-13T15:21:20","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=19134"},"modified":"2021-10-13T15:21:23","modified_gmt":"2021-10-13T15:21:23","slug":"efixplorer","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/efixplorer\/","title":{"rendered":"efiXplorer : IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation"},"content":{"rendered":"\n<p><strong>efiXplorer<\/strong>&nbsp;&#8211; IDA plugin for UEFI firmware analysis and reverse engineering automation<\/p>\n\n\n\n<p><strong>Supported versions of Hex-Rays products:<\/strong>&nbsp;everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on previous generations.<\/p>\n\n\n\n<p><strong>Why not IDApython:<\/strong>&nbsp;all code developed in C++ because it&#8217;s a more stable and performant way to support a complex plugin and get full power of most recent SDK&#8217;s features.<\/p>\n\n\n\n<p><strong>Supported Platforms:<\/strong>&nbsp;Windows, Linux and OSX.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>efiXplorer core features<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Features Summary Table<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><thead><tr><th>Feature name<\/th><th>32-bit<\/th><th>64-bit<\/th><\/tr><\/thead><tbody><tr><td>Boot Services<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>Runtime Services<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>SMM services<\/td><td>&#8211;<\/td><td>+<\/td><\/tr><tr><td>PEI Services<\/td><td>+<\/td><td>&#8211;<\/td><\/tr><tr><td>Protocols<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>GUIDS<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>Applying types for local variables<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>Vulnerabilities scanner<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>Report in JSON format<\/td><td>+<\/td><td>+<\/td><\/tr><tr><td>Loader<\/td><td>&#8211;<\/td><td>+<\/td><\/tr><tr><td>Dependency graph<\/td><td>&#8211;<\/td><td>+<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><a href=\"https:\/\/github.com\/binarly-io\/efiXplorer\/wiki\/efiXplorer-features#identify-available-boot-services-automatically\"><\/a><strong>Identify available Boot Services automatically<\/strong><\/p>\n\n\n\n<p>Annotate Boot Services calls in assembly code automatically:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-go-agnzFGjA\/YV0gKjJz0TI\/AAAAAAAALAs\/eTkQYQHTpJ03gta6HYak1L0T_E-fm5SpgCLcBGAsYHQ\/s1572\/1.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Identify available Runtime Services automatically<\/strong><\/p>\n\n\n\n<p>Annotate Runtime Services calls in assembly code automatically:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-QTyE5G3JCFE\/YV0gsSq4poI\/AAAAAAAALA0\/v1JnVCkyaJUtDovIOe44deDZiijJZ6ZZwCLcBGAsYHQ\/s1572\/2.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Identify available SMM services automatically<\/strong><\/p>\n\n\n\n<p>Annotate SMM Services calls in assembly code automatically:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-yHCaXosb9DY\/YV0iBC5s6TI\/AAAAAAAALA8\/089G8ETkOVMu-GOqmshP_oY7g_Y8bixQQCLcBGAsYHQ\/s1572\/3.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Identify available PEI services automatically<\/strong><\/p>\n\n\n\n<p>Annotate PEI Services calls in assembly code automatically:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-gvAleAuiPBk\/YV0lHOmddII\/AAAAAAAALBc\/ZyQfN-IudpAMQieLIXbE8vbxU0Hw_7yzgCLcBGAsYHQ\/s1572\/4.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Identify available EFI Protocols automatically<\/strong><\/p>\n\n\n\n<p>Build the list of EFI Protocols firmware consumes and installs:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-zRR4eJv5Lqg\/YV2RIfP58zI\/AAAAAAAALCM\/pmeDMdyRu1Ut7o9Dr_IGDUVTJf3TbHSjQCLcBGAsYHQ\/s1572\/5.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Identify known EFI GUIDs<\/strong><\/p>\n\n\n\n<p>Build the list of identified EFI GUIDs (including protocol names for known GUIDS):<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-M8JI3IsBy6M\/YV2RwaOUhpI\/AAAAAAAALCU\/Y1thSao2xXMuiO7X6ouHNjzjTf0GZZFdgCLcBGAsYHQ\/s1572\/6.gif\" alt=\"\" \/><\/figure>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Applying Types For Protocols Interfaces<\/strong><\/p>\n\n\n\n<p>This feature works only in conjunction with a HexRays decompiler. If you don&#8217;t have a HexRays decompiler, build&nbsp;<code>efiXplorer<\/code>&nbsp;without&nbsp;<code><strong>hexrays_sdk<\/strong><\/code>.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><a href=\"https:\/\/github.com\/binarly-io\/efiXplorer\/wiki\/efiXplorer-features#vulnerabilities-scanner\"><\/a><strong>Vulnerabilities Scanner<\/strong><\/p>\n\n\n\n<p><code><strong>efiXplorer<\/strong><\/code>&nbsp;scans drivers for the following types of vulnerabilities:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>SMM callouts<\/li><li>OOB Write via wrong&nbsp;<code><strong>GetVariable<\/strong><\/code>&nbsp;usage (in PEI, DXE and SMM drivers)<\/li><\/ul>\n\n\n\n<p>At the end of the analysis, a chooser is displayed with the suspected vulnerabilities.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><a href=\"https:\/\/github.com\/binarly-io\/efiXplorer\/wiki\/efiXplorer-features#report-in-json-format\"><\/a><strong>Report in JSON format<\/strong><\/p>\n\n\n\n<p>After analysis&nbsp;<code><strong>efiXplorer<\/strong><\/code>&nbsp;saves the report in JSON format.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/binarly-io\/efiXplorer\/wiki\/efiXplorer-features\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>efiXplorer&nbsp;&#8211; IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products:&nbsp;everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions of Hex-Rays products and do not guarantee stable work on [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":19154,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[4308,4309,4311,4310],"class_list":["post-19134","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-efixplorer","tag-ida-plugin","tag-reverse-engineering-automation","tag-uefi-firmware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>efiXplorer : IDA Plugin For UEFI Firmware Analysis<\/title>\n<meta name=\"description\" content=\"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"efiXplorer : IDA Plugin For UEFI Firmware Analysis\" \/>\n<meta property=\"og:description\" content=\"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2021-10-13T15:21:20+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-10-13T15:21:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"efiXplorer : IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation\",\"datePublished\":\"2021-10-13T15:21:20+00:00\",\"dateModified\":\"2021-10-13T15:21:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\"},\"wordCount\":317,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\",\"keywords\":[\"efiXplorer\",\"IDA Plugin\",\"Reverse Engineering Automation\",\"UEFI Firmware\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\",\"name\":\"efiXplorer : IDA Plugin For UEFI Firmware Analysis\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\",\"datePublished\":\"2021-10-13T15:21:20+00:00\",\"dateModified\":\"2021-10-13T15:21:23+00:00\",\"description\":\"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/efixplorer\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"efiXplorer : IDA Plugin For UEFI Firmware Analysis","description":"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/efixplorer\/","og_locale":"en_US","og_type":"article","og_title":"efiXplorer : IDA Plugin For UEFI Firmware Analysis","og_description":"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler","og_url":"https:\/\/kalilinuxtutorials.com\/efixplorer\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2021-10-13T15:21:20+00:00","article_modified_time":"2021-10-13T15:21:23+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"efiXplorer : IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation","datePublished":"2021-10-13T15:21:20+00:00","dateModified":"2021-10-13T15:21:23+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/"},"wordCount":317,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","keywords":["efiXplorer","IDA Plugin","Reverse Engineering Automation","UEFI Firmware"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/efixplorer\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/","url":"https:\/\/kalilinuxtutorials.com\/efixplorer\/","name":"efiXplorer : IDA Plugin For UEFI Firmware Analysis","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","datePublished":"2021-10-13T15:21:20+00:00","dateModified":"2021-10-13T15:21:23+00:00","description":"efiXplorer\u00a0- IDA plugin for UEFI firmware analysis and reverse engineering automation. we focus on last versions of IDA and Decompiler","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/efixplorer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/efixplorer\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-abKQgAT5nns\/YV2U8pjudVI\/AAAAAAAALCc\/mbPToA7_O3028p6D8wuRaQdFdnErUBHqQCLcBGAsYHQ\/s728\/download%2B%25282%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":11205,"url":"https:\/\/kalilinuxtutorials.com\/uefi_retool\/","url_meta":{"origin":19134,"position":0},"title":"UEFI_RETool : A Tool For UEFI Firmware Reverse Engineering","author":"R K","date":"August 12, 2020","format":false,"excerpt":"UEFI_RETool is a tool for UEFI firmware reverse engineering. UEFI firmware analysis with uefi_retool.py script Usage Copy ida_plugin\/uefi_analyser.py script and ida_plugin\/uefi_analyser directory to IDA plugins directoryEdit config.json filePE_DIR is a directory that contains all executable images from the UEFI firmwareDUMP_DIR is a directory that contains all components from the firmware\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":4449,"url":"https:\/\/kalilinuxtutorials.com\/idarling-reverse-engineering-plugin\/","url_meta":{"origin":19134,"position":1},"title":"IDArling : Collaborative Reverse Engineering Plugin for IDA Pro &#038; Hex-Ray","author":"R K","date":"April 4, 2019","format":false,"excerpt":"IDArling is a collaborative reverse engineering plugin for IDA Pro and Hex-Rays. It allows to synchronize in real-time the changes made to a database by multiple users, by connecting together different instances of IDA Pro. The main features of IDArling are: hooking general user eventsstructure and enumeration supportHex-Rays decompiler syncingreplay\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":35429,"url":"https:\/\/kalilinuxtutorials.com\/hrtng-ida-plugin-elevating-idas-capabilities-for-advanced-malware-analysis\/","url_meta":{"origin":19134,"position":2},"title":"hrtng IDA Plugin : Elevating IDA&#8217;s Capabilities For Advanced Malware Analysis","author":"Varshini","date":"December 11, 2024","format":false,"excerpt":"hrtng IDA plugin is a collection of tools, ideas and experiments from different sources I've found interesting and useful in my reversing work. A practical guide to the reverse of a complex malware using the example of dissecting a FinSpy module with help of hrtng IDA plugin on securelist There\u2026","rel":"","context":"In &quot;Malware&quot;","block_context":{"text":"Malware","link":"https:\/\/kalilinuxtutorials.com\/category\/malware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjSjqTCMpgErTwvhs8Pwxrzhh1vlkbosIPdeKSze2DmCM4MeOvJvqX1C704IHUr6OcakNQcjXZEKUTuU0078asNZNCo_DLGHD5cxnFrjWll3-8mNfm-l-aYKpZGLasRc4YX8OllJ_k3Ff1yGnMOLuvTFIj66qxnoaPRtQcGHFdNAWQXR4ui3BNG3EOByYiW\/s1600\/hrtng%20IDA%20Plugin.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":13497,"url":"https:\/\/kalilinuxtutorials.com\/bn-uefi-helper\/","url_meta":{"origin":19134,"position":3},"title":"Bn-Uefi-Helper : Helper Plugin For Analyzing UEFI Firmware","author":"R K","date":"June 19, 2021","format":false,"excerpt":"Bn-Uefi-Helper is a tool to helper plugin for analyzing UEFI firmware. This plugin contains the following features: Apply the correct prototype to the entry point functionFix segments so all segments are RWX and have the correct semanticsThis allows for global function pointers to be rendered correctlyApply types for core UEFI\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":18314,"url":"https:\/\/kalilinuxtutorials.com\/karta\/","url_meta":{"origin":19134,"position":4},"title":"Karta : Source Code Assisted Fast Binary Matching Plugin For IDA","author":"R K","date":"September 23, 2021","format":false,"excerpt":"\"Karta\" (Russian for \"Map\") is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The plugin uses a unique technique that enables it to support huge binaries (>200,000 functions), with almost no impact on the overall performance. The matching algorithm is location-driven. This means that\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-MHZ0YZ_pCCY\/YT7BF8eOovI\/AAAAAAAAKzo\/lUrjg_GK2sI9nvovNj0gnNpyHoAvjkU9ACLcBGAsYHQ\/s668\/KartaTool.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-MHZ0YZ_pCCY\/YT7BF8eOovI\/AAAAAAAAKzo\/lUrjg_GK2sI9nvovNj0gnNpyHoAvjkU9ACLcBGAsYHQ\/s668\/KartaTool.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-MHZ0YZ_pCCY\/YT7BF8eOovI\/AAAAAAAAKzo\/lUrjg_GK2sI9nvovNj0gnNpyHoAvjkU9ACLcBGAsYHQ\/s668\/KartaTool.png?resize=525%2C300&ssl=1 1.5x"},"classes":[]},{"id":3799,"url":"https:\/\/kalilinuxtutorials.com\/bincat-binary-code-static-analyser\/","url_meta":{"origin":19134,"position":5},"title":"Bincat : Binary Code Static Analyser With IDA Integration","author":"R K","date":"February 8, 2019","format":false,"excerpt":"BinCAT is a\u00a0static\u00a0Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA or using Python for automation. It features: value analysis (registers and memory)taint analysistype reconstruction and propagationbackward and forward analysisuse-after-free and double-free detection Also Read : LOLBAS \u2013 Living Off The Land Binaries And Scripts Quick FAQ\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/19134","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=19134"}],"version-history":[{"count":9,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/19134\/revisions"}],"predecessor-version":[{"id":19393,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/19134\/revisions\/19393"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/19154"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=19134"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=19134"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=19134"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}