About 6 years ago Neviksti managed to dump the internal 256-byte bootstrap ROM used by the DMG (the first model of Game Boy) to scroll down the Nintendo logo, play the po-ling sound and confirm that the cartridge header is in order before allowing the cartridge to be executed. He did so by opening up the epoxy covering the chip and reading out the memory visually, bit by bit, through a microscope. This was groundbreaking because there was no ordinary way to read the ROM, as it was shut off by an internal register after boot-up.
Just the other day, costis dumped the corresponding ROM image from the SGB (Super Game Boy) with a slightly different method, namely clock glitching. Costis’ method uses an FPGA to run the system clock normally up until the point where the protection register is to be written. At that point the clock frequency is increased to such a fast speed that the write is ignored by the protection register and execution continues into the user code, which then dumps the 256-byte code. The operation was surprisingly painless according to costis himself. Next up is the GBC, which is believed to have a bootstrap ROM bigger than 256 bytes since its start-up procedure is much more advanced, distinguishing between GBC and DMG, and letting the user choose palettes for monochrome games.
For more info, see costis’ SGB hack page.