Need help with Screwed-Drivers?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

144 Stars 29 Forks GNU General Public License v3.0 13 Commits 0 Opened issues


"Screwed Drivers" centralized information source for code references, links, etc.

Services available


Need anything else?

Contributors list


General information

We have created this repository as a centralized source of knowledge which contains a list of drivers determined to be vulnerable as well as example code for how to use this kind of functionality.

This file contains a list of drivers, hashes, and who they are signed by. In some cases, links to advisories and other research we found discussing these drivers will be included as well.

Vendor advisories will be published here once they are made public.

Code samples:



This is an example of an application to automate the loading of a driver as a service in Windows, if run as user it will prompt a UAC. We used this to help us load various drivers for experimentation.


An example of how to use an ASrock driver to read an MSR, including all the relevant imports from Windows.



Based on FuzzySec's excellent writeup and example, this code does the same as the C# "exampleApplication", except written in PowerShell.


Example of reading Control Registers from PowerShell


Example of writing Control Registers from PowerShell


Example of reading LSTAR MSR and CR3 to find Windows kernel syscall entry point and kernel page table base, defeating KASLR


Checks if SMEP is enabled on each CPU from PowerShell


Disables SMEP temporarily from PowerShell


Disables CR0 Write Protect bit temporarily from PowerShell


This is a script written using the angr dynamic analysis framework to detect this kind of vulnerability in drivers.

This file contains gymrat spotter functions to address limitations in the pyvex framework angr depends on.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.