Skip to content


Switch branches/tags

Latest commit

```(*(PULONG_PTR*)UserPointerToIncrementValue)++; ```
increments by one pointer (so 8) instead of 1. To make this a 1-byte arbitrary increment, making UserPointerToIncrementValue a PCHAR, and incrementing by 1 CHAR.

Git stats


Failed to load latest commit information.

HackSys Extreme Vulnerable Driver

           ooooo   ooooo oooooooooooo oooooo     oooo oooooooooo.   
           `888'   `888' `888'     `8  `888.     .8'  `888'   `Y8b  
            888     888   888           `888.   .8'    888      888 
            888ooooo888   888oooo8       `888. .8'     888      888 
            888     888   888    "        `888.8'      888      888 
            888     888   888       o      `888'       888     d88' 
           o888o   o888o o888ooooood8       `8'       o888bood8P'   

Appveyor build status Black Hat Arsenal

HackSys Extreme Vulnerable Driver is intentionally vulnerable Windows driver developed for security enthusiasts to learn and polish their exploitation skills at Kernel level.

HackSys Extreme Vulnerable Driver caters wide range of vulnerabilities ranging from simple Stack Buffer Overflow to complex Use After Free, Pool Buffer Overflow and Race Condition. This allows the researchers to explore the exploitation techniques for every implemented vulnerabilities.

Black Hat Arsenal 2016


White Paper

Blog Post

External Exploits

External Blog Posts


Ashfaq Ansari


@HackSysTeam | Blog | null

Payatu Technologies


Driver Banner



Driver Debug Print

Vulnerabilities Implemented

  • Write NULL
  • Double Fetch
  • Buffer Overflow
    • Stack
    • Stack GS
    • NonPagedPool
    • NonPagedPoolNx
    • PagedPoolSession
  • Use After Free
    • NonPagedPool
    • NonPagedPoolNx
  • Type Confusion
  • Integer Overflow
    • Arithmetic Overflow
  • Memory Disclosure
    • NonPagedPool
    • NonPagedPoolNx
  • Arbitrary Increment
  • Arbitrary Overwrite
  • Null Pointer Dereference
  • Uninitialized Memory
    • Stack
    • NonPagedPool
  • Insecure Kernel Resource Access

Building Driver

  1. Install Visual Studio 2017
  2. Install Windows Driver Kit
  3. Run the appropriate driver builder Build_HEVD_Vulnerable_x86.bat or Build_HEVD_Vulnerable_x64.bat


If you do not want to build HackSys Extreme Vulnerable Driver from source, you could download pre-built executables for the latest release:

Installing Driver

Use OSR Driver Loader to install HackSys Extreme Vulnerable Driver


The HackSys Extreme Vulnerable Driver and the respective exploits have been tested on Windows 7 SP1 x86 and Windows 10 x64

Sessions Conducted

Workshops Conducted


Please see the file LICENSE for copying permission

Contribution Guidelines

Please see the file for contribution guidelines

TODO & Bug Report

Please file any enhancement request or bug report via GitHub issue tracker at the below given address:

HackSys Team