Blog

AI analysis of Intel Processor Trace from ENABLEJTAGBREAK to Windows’ first SMI

Alan Sguigna

June 15, 2025
5:15 pm

It is possible to break at the earliest part of Windows boot via the ENABLEJTAGBREAK facility made available within bootmgfw!BlBdWaitForJtagHwDebugger. In this article, there’s a short description and video whereby I’ve collected Intel Processor Trace as the target boots from early Windows to the first SMM entry; and then used AI to analyze it. The results are outstanding.

Using JTAG for Interrupt Handler Research

Alan Sguigna

May 26, 2025
1:33 pm

JTAG can be used to explore the behavior of interrupt dispatching internals in a new way. This article describes the functionality of the Interrupt Descriptor Table (IDT) as an Intel target is booted from the reset vector, through UEFI, and into Windows.

Using LLMs to analyze Hyper-V Register State and Instruction Trace

Alan Sguigna

May 11, 2025
4:24 pm

SourcePoint+AI is a new enhancement of the renowned JTAG-based debugger, which can reduce months' worth of analysis into minutes. For debugging and reverse engineering, it's like going from hunting with a stone spear to using a guided missile.

Using ChatGPT on Windows Secure Kernel with Intel Architectural Event Trace

Alan Sguigna

April 13, 2025
3:04 pm

This article describes the process of feeding ChatGPT with Intel Architectural Event Trace (AET) data generated during Windows secure boot.

Using ChatGPT on Windows Secure Kernel with Intel Processor Trace

Alan Sguigna

April 5, 2025
3:27 pm

In this article, the ChatGPT OpenAI LLM is used to provide insight into Windows instruction execution during a Secure Kernel to Normal Kernel transition.

Unlocking the Power of ScanWorks Fast Flash: Integrating Customer IP into FPGA Configurations – Part 1

John Akin

March 31, 2025
1:23 pm

In this blog post ASSET's John Akin explores integrating customer IP into FPGA configurations, and he dives into the innovative ways you can leverage ScanWorks Fast Flash Programming (FFP) technology to enhance your FPGA configurations.

The Mysterious Behavior of the Intel E-cores

Alan Sguigna

March 23, 2025
10:03 am

While doing some low-level debugging using SourcePoint, I noticed some interesting and puzzling behavior of Intel E-cores (based upon Atom architecture) versus P-cores (based on Core architecture).

Debugging, Reverse Engineering, and Malware Research – The Value of Better Tools: Part 2

Alan Sguigna

March 2, 2025
5:02 pm

What is the Return on Investment (ROI) of better debuggers? Managers often want to know what the financial benefit of investing in better tools is. Although your mileage will vary, here's one model based upon our experience.

Debugging SMM with JTAG: Part 3

Alan Sguigna

February 23, 2025
6:19 pm

In my prior two articles, I demonstrated the use of JTAG to set breakpoints inside SMM that survive Entry and Exit, and how to use Last Branch Record (LBR) trace to do dynamic analysis. In this blog, I show how to set up a visual view of SMRAM that updates dynamically as SMIs are hit.

Unboxing Boundary-Scan Test: Part 5

Alan Sguigna

February 22, 2025
4:47 pm

Building a boundary scan project from scratch, starting with Scan Path Verify (SPV).

AI analysis of Intel Processor Trace from ENABLEJTAGBREAK to Windows’ first SMI

Using JTAG for Interrupt Handler Research

Using LLMs to analyze Hyper-V Register State and Instruction Trace

Using ChatGPT on Windows Secure Kernel with Intel Architectural Event Trace

Using ChatGPT on Windows Secure Kernel with Intel Processor Trace

Unlocking the Power of ScanWorks Fast Flash: Integrating Customer IP into FPGA Configurations – Part 1

The Mysterious Behavior of the Intel E-cores

Debugging, Reverse Engineering, and Malware Research – The Value of Better Tools: Part 2

Debugging SMM with JTAG: Part 3

Unboxing Boundary-Scan Test: Part 5

Archives

Categories