Bootloaders is a community-driven project that provides a curated list of all malicious bootloaders that have been found to be abused by adversaries to bypass security controls and execute malicious code. The project was inspired by Michael Haag's work in hunting evil and the need to track malicious drivers that adversaries use to evade detection, now extended to bootloaders. Jose Enrique Hernandez is instrumental in putting the project together and continues to contribute to its development.
Bootloaders is an open-source project that welcomes contributions from the security community. By sharing knowledge and expertise, we can help each other stay informed and better defend against emerging threats. Whether you're a researcher, incident responder, or system administrator, we hope that Bootloaders will be a valuable resource in your fight against cyberattacks.
Michael Haag is a Principal Threat Researcher at Splunk. Michael has more than a decade of experience in security architecture and operations. His specialties include advanced threat hunting and investigations, atomic testing, and technological evaluations and detection engineering. Michael is the co-founder of the Atomic Red Team project and co-host of Atomics on a Friday.
Currently, Jose Enrique Hernandez is a Distinguished Cloud Threat Researcher at Lacework. Previously he founded and led the Threat Research team at Splunk (STRT). Jose is known for creating several security-related projects, including Splunk Attack Range, Splunk Security Content, Git-Wild-Hunt, Melting-Cobalt, and BlackCert. He also works as a maintainer of critical security industry repositories such as Atomic Red Team and lolbas-project.github.io.
Currently, Nasreddine Bencherchali is a Threat Researcher at Nextron Systems, with a focus on Detection Engineering and Threat Hunting. Nasreddine is also currently one of the maintainers of the SIGMA project and the co-founder of the EVTX-ETW-Resources project. He also writes a blog about detection and other security topics.