Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation

HackSys Extreme Vulnerable Driver

           ooooo   ooooo oooooooooooo oooooo     oooo oooooooooo.   
           `888'   `888' `888'     `8  `888.     .8'  `888'   `Y8b  
            888     888   888           `888.   .8'    888      888 
            888ooooo888   888oooo8       `888. .8'     888      888 
            888     888   888    "        `888.8'      888      888 
            888     888   888       o      `888'       888     d88' 
           o888o   o888o o888ooooood8       `8'       o888bood8P'   

Black Hat Arsenal Appveyor Build Status GitHub all Releases Twitter Follow Mastodon Follow Discord Server

The HackSys Extreme Vulnerable Driver (HEVD) is a Windows Kernel driver that is intentionally vulnerable. It has been developed for security researchers and enthusiasts to improve their skills in kernel-level exploitation.

HEVD offers a range of vulnerabilities, from simple stack buffer overflows to more complex issues such as use-after-free, pool buffer overflows, and race conditions. This allows researchers to explore exploitation techniques for each implemented vulnerability.

Black Hat Arsenal 2016

Blog Post

External Exploits

External Blog Posts


Ashfaq Ansari


Blog | @HackSysTeam

HackSys Inc


Driver Banner



Driver Debug Print

Vulnerabilities Implemented

  • Write NULL
  • Double Fetch
  • Buffer Overflow
    • Stack
    • Stack GS
    • NonPagedPool
    • NonPagedPoolNx
    • PagedPoolSession
  • Use After Free
    • NonPagedPool
    • NonPagedPoolNx
  • Type Confusion
  • Integer Overflow
    • Arithmetic Overflow
  • Memory Disclosure
    • NonPagedPool
    • NonPagedPoolNx
  • Arbitrary Increment
  • Arbitrary Overwrite
  • Null Pointer Dereference
  • Uninitialized Memory
    • Stack
    • NonPagedPool
  • Insecure Kernel Resource Access

Building the driver

  1. Install Visual Studio 2017
  2. Install Windows Driver Kit
  3. Run the appropriate driver builder Build_HEVD_Vulnerable_x86.bat or Build_HEVD_Vulnerable_x64.bat


If you do not want to build HackSys Extreme Vulnerable Driver from source, you could download pre-built executables for the latest release:

Installing the driver

Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver


The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86 and Windows 10 x64

Sessions Conducted

Workshops Conducted

HEVD for Linux

Linux HEVD Driver Banner

Linux HEVD Driver Installer

Linux HEVD Driver IOTCL Tests

Linux HEVD Driver IOTCL Log


Please see the file LICENSE for copying permission

Contribution Guidelines

Please see the file for contribution guidelines

TODO & Bug Reports

Please file any enhancement request or bug report via the GitHub issue tracker at the below-given address:


Thanks go to these wonderful people: 🎉

HackSys Inc