The HackSys Extreme Vulnerable Driver (HEVD) is a Windows Kernel driver that is intentionally vulnerable. It has been developed for security researchers and enthusiasts to improve their skills in kernel-level exploitation.
HEVD offers a range of vulnerabilities, from simple stack buffer overflows to more complex issues such as use-after-free, pool buffer overflows, and race conditions. This allows researchers to explore exploitation techniques for each implemented vulnerability.
ooooo ooooo oooooooooooo oooooo oooo oooooooooo.
`888' `888' `888' `8 `888. .8' `888' `Y8b
888 888 888 `888. .8' 888 888
888ooooo888 888oooo8 `888. .8' 888 888
888 888 888 " `888.8' 888 888
888 888 888 o `888' 888 d88'
o888o o888o o888ooooood8 `8' o888bood8P'
Screenshots
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj8rc2hKaM0ZciRBAYDAL4AvsoNb7NTmE6EKGPv90Ko9qjxon4RkiPxt_pBqUdSe3i4MLnfisva6T-GpLUJHiiX2OIfTgQpasuXYArvVxg7e-AcRsyapbUmgGpDKP6sRSgilAoqopVOlySvMCH0BcKlgl3DjMv7nz1KwJbs2FjUOrh5uTaJOOzfK5L-vusL/s16000/hevd-banner.png)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZNwWveRZmWmxiKAo5bsYMYznkFjeTOYpUajMWbmjKIsru7qIxbVlwKyNIgdy6yt22z7-yg5KZa12rPJA2IJ4sUvfHL-EBp1GHtbhyuvUY2UcF18st2rgZQ4HGAedFbVEIcAkqi-f5Leix0sevWssOodEAMyXjXXoRDpkLIQoF83gZU-s5XAZvIGyJJiM8/s16000/hevd-help.png)
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNmiJZbOqgyy06p7ZTpC1uQURjL7Jcs2oTD7nGVSi6mCPisH8R_O-0eJWG_OHCX0W3wZs8PvTLgK8rRZ-3cGErzuzpS6oJOuVPhgNYxRuOI-EMcQ8EvwKqnoafEN7yt5RvVC_S8QV976fg91Hw71WlPibAQOl6ktXFaWXbbe0ldQ_33SwcopC8VAwN_xL0/s16000/hevd-exploitation.png)
Vulnerabilities Implemented
- Write NULL
- Double Fetch
- Buffer Overflow
- Stack
- Stack GS
- NonPagedPool
- NonPagedPoolNx
- PagedPoolSession
- Use After Free
- NonPagedPool
- NonPagedPoolNx
- Type Confusion
- Integer Overflow
- Arithmetic Overflow
- Memory Disclosure
- NonPagedPool
- NonPagedPoolNx
- Arbitrary Increment
- Arbitrary Overwrite
- Null Pointer Dereference
- Uninitialized Memory
- Stack
- NonPagedPool
- Insecure Kernel Resource Access
Building The Driver
- Install Visual Studio 2017
- Install Windows Driver Kit
- Run the appropriate driver builder
Build_HEVD_Vulnerable_x86.bat
orBuild_HEVD_Vulnerable_x64.bat
Download
If you do not want to build HackSys Extreme Vulnerable Driver from source, you could download pre-built executables for the latest release:
Installing The Driver
Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver
Testing
The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86 and Windows 10 x64