secureboot

There are 6 repositories under secureboot topic.

• WinDiskWriter

  TechUnRestricted / WinDiskWriter

  🖥 Windows Bootable USB creator for macOS. 🛠 Patches Windows 11 to bypass TPM and Secure Boot requirements. 👾 UEFI & Legacy Support

  bootable-usbfat32macosmacos-appobjective-csecureboottpmwimlibwindowswindows11appkitcocoaexfatgrub4doslegacy-biosuefi
  Language:C 1787

• Foxboron / sbctl

  :computer: :lock: :key: Secure Boot key manager

  efiefi-stubgogolanglinuxsecurebootsignaturesuefiuefi-secureboot
  Language:Go 1533

• ValdikSS / Super-UEFIinSecureBoot-Disk

  Super UEFIinSecureBoot Disk: Boot any OS or .efi file without disabling UEFI Secure Boot

  bootable-usbgptgrub2isoliveusbmbrmultibootsecurebootuefiuefi-bootuefi-secureboot
  740

• GrapheneOS / Auditor

  Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

  securityattestationcryptographyverifiedbootremote-attestationhsmandroidgrapheneosstrongboxmonitoringintegrityauthenticitysecure-bootsecureboot
  Language:Java 499
• kaku

  linuxmobile / kaku

  革 | kaku

  amdgpudotfileshyprlandneofetchnixosnvchadricingsecurebootstarshipunixpornwaylandweztermzsh
  Language:Nix 356

• noahbliss / mortar

  Framework to join Linux's physical security bricks.

  lukstpmtpm2securebootueficlevisbootmortardebianarchbitlocker
  Language:Shell 237

• EETagent / T480-OpenCore-Hackintosh

  OpenCore 0.6.9 configuration for T480. Optimized for Catalina and Big Sur.

  hackintosht480thinkpadmacosopencorecatalinamojaveefibigsursecureboot
  Language:ASL 143

• GrapheneOS / AttestationServer

  attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.

  securityattestationcryptographyverifiedbootremote-attestationhsmandroidmonitoringgrapheneosstrongboxintegrityauthenticitysecure-bootsecureboot
  Language:Java 109

• 3intermute / ramiel

  uefi diskless persistence technique + OVMF secureboot bypass

  securebootmalwareovmfpersistencedisklessuefi
  Language:C 53

• GrapheneOS-Archive / AttestationSamples

  A small subset of the submitted sample data from https://github.com/GrapheneOS/Auditor. It has a sample attestation certificate chain per device model (ro.product.model) along with a subset of the system properties from the sample as supplementary information.

  securityattestationcryptographysecure-bootverifiedbootremote-attestationhsmandroidstrongboxintegrityauthenticitysecureboot
  Language:Shell 33

• theo546 / my-arch-setup

  A repo that explain how to install Arch Linux featuring encryption, Secure Boot, btrfs and AppArmor.

  archlinuxarch-linuxbtrfsfirejailapparmorflatpaktpmsecurebootkde
  Language:Shell 33

• dm0- / installer

  Secure immutable GNU/Linux distro installer

  appliance-imagesarchcentosdistrofedoragentoogptopensusesecurebootselinuxubuntuuefiverity
  Language:Shell 32

• pbatard / Mosby

  Mosby – More Secure Secure Boot

  arm64edk2ia32secure-bootsecurebootuefiuefi-securebootuefi-shellx64
  Language:C 29
• SecureBootForSteamDeck

  ryanrudolfoba / SecureBootForSteamDeck

  This repository contains the instructions on how to generate and install the Platform Key (PK), Key Exchange Key (KEK) and Signature Database (DB) to enable the Secure Boot functionality in Steam Deck.

  bootdecksecuresecurebootsteamsteamdecksbctl
  29

• DimanNe / secure-boot

  Really Secure Boot on Linux

  securebootlinuxlinux-kernelgpgssl
  Language:Python 22

• abdullah-erturk / SecureBoot-Grub2FM-Suite

  SecureBoot Grub2FM Suite

  grub2grub2filembrefiuefilegacymultibootusbsecurebootsecureboot-grub2fm-suitevhduefi-modediskflash-disksgrubfm
  Language:Batchfile 17

• abdullah-erturk / Ventoy-Grub2FM-Multiboot-With-Original-Files

  Ventoy & Grub2FM Multiboot With Original Files

  bootdiskefigptgrub2legacymbrmultibootsecurebootuefiusbventoygrub2fmgrubfm
  14
• symlink-secure-boot-vm

  anvilsecure / symlink-secure-boot-vm

  VM demonstration various symlink and hard link attacks against secure boot. See the whitepaper at: https://www.anvilventures.com/blog/defeating-secure-boot-with-symlink-attacks.html

  symlinksattackssecurityvmssecurebootsecureboothackingwhitepaper
  Language:HTML 14

• puzzleos / stubby

  UEFI bootloader stub

  bootloaderuefisecureboot
  Language:C 14

• puzzleos / uefi-dev

  QEMU/OVMF/SWTPM UEFI Secure Boot development environment

  qemuuefiovmfsecureboottpm
  Language:C 13

• herzhenr / Project-Hackintosh

  Intel 10th-gen Hackintosh powered by OpenCore

  hackintoshmacmacosocopencoresecurebootubuntuwindows11
  10

• Zile995 / booster-um

  Booster UKI Manager - A simple bash script to manage UKI files generated by booster and systemd-ukify

  arch-linuxboosterefistubinitramfslinuxsbctlsecurebootukisystemd-ukifyarchlinuxunified-kernel-imageukifyefisystemd-bootuefixbootldr
  Language:Shell 10

• GrapheneOS / platform_external_Auditor

  Auditor app prebuilt using the latest official release of the Auditor app.

  securityattestationcryptographyverifiedbootremote-attestationhsmandroidgrapheneosstrongboxmonitoringintegrityauthenticitysecure-bootsecureboot
  Language:Makefile 9

• jonasblixt / bpak

  Bitpacker

  embeddedfirmwaresecurebootdmverityota
  Language:C 6

• matthewpi / nixos-config

  My personal NixOS configs

  flake-partsnixnix-darwinnix-flakesnixosnixos-confignixos-configurationagenixhome-managersecureboottreefmttreefmt-nixagshyprlandneovim
  Language:Nix 6

• abdullah-erturk / iPXE-iso-efi-mbr-secureboot-support-

  ipxesecurebootpxepxe-bootpxe-serveripxe-isotftptftp-servertftp-clientnetbootdhcp-serverdhcppxeboot
  4

• ericonr / generate-sb-efi

  Automate generation of Secure Boot signed single file kernel images

  secure-bootsecurebootefiuefilinux
  Language:Python 4

• HarryR / cummiboot

  Encrypted PCR locked EFI Linux bootloader with Microsoft Pluton

  efilinux-securitysecureboottpm2
  Language:C 4

• 9001 / asm

  scriptable runtime-writable livecd / hardware wrangler

  alpinelivecdliveusbsecurebootuki
  Language:Shell 3

• abdullah-erturk / Ventoy-Command-Line-Installer

  Ventoy Command Line Installer

  diskefigrub2legacymultibootsecurebootuefiusbventoyefi-drivermbrvhd
  Language:Batchfile 3

• mkulke / mkosi-playground

  Building azure images with mkosi

  azureconfidential-computingmkosisecureboot
  Language:Go 2
• Tutorials-and-Tips

  Data-Spirit / Tutorials-and-Tips

  All the tips for GNU/Linux systems <3

  documentationsecureboottutorialvirtualbox
  1

• jellyterra / fedora-secureboot

  Build trusted boot on Fedora. With SecureBoot and Unified Kernel Image and encrypted disk.

  dracutfedorasecurebootsystemd-bootunified-kernel-image
  Language:Shell 1

• JMP-0xFF / arch-linux-paranoid

  Arch Linux installation Guide For Paranoid Users

  archlinuxarch-linuxlinuxinstallation-guidessecurebootlinux-hardening
  1

• KareemMoneeam / FOTA

  This repository hosts the Firmware Over-The-Air (FOTA) system developed as part of a graduation project at Cairo University. The FOTA system enables secure, efficient, remote updates for embedded systems in smart vehicles, enhancing functionality, safety, and user experience, with strong automotive cybersecurity measures.

  aes-encryptionbootloadercryptographydjangoembeddedembedded-cembedded-systemsesp32firmwarefirmware-over-the-airgraduation-projecthc05-modulemobileappsecurebootstm32
  Language:C 1

• vaginessa / uefi-checkscript

  The uefi-checkscript.ps1 verifies that the operating system was booted from UEFI. It will display a notification if the system was booted from BIOS.

  uefisecurebootsecure-boot
  Language:PowerShell 1