Living Off The Land Drivers 1.0 Release

Official 1.0 release of LOLDrivers - the community-driven project for tracking vulnerable Windows drivers.

Originally published on Medium
Read the full article: LOLDrivers 1.0 Release

1.0 is Here!

After months of development and community contributions, LOLDrivers reaches version 1.0.

What’s Included

Driver Database

  • 100+ vulnerable drivers
  • SHA256 hashes
  • Vendor information
  • CVE references where applicable

Detection Rules

  • Sigma rules for SIEM integration
  • YARA signatures
  • Sysmon configurations
  • Splunk searches

Website

loldrivers.io provides:

  • Searchable database
  • API access
  • Documentation
  • Contribution guidelines

How to Use

Hash Lookup

Query the API for known-bad hashes:

curl https://www.loldrivers.io/api/drivers.json | jq
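
An added example, not code from the LOLDrivers project: with the feed saved to disk, this script indexes its SHA256 values and flags matching .sys files under a directory. It assumes each entry carries a KnownVulnerableSamples list with SHA256 and Filename fields; the embedded sample feed, its Id and its hash are constructed.

```python
import hashlib
import json
from pathlib import Path

# Constructed sample in the assumed drivers.json layout; not a real driver hash.
SAMPLE_FEED = json.dumps([
    {"Id": "00000000-0000-0000-0000-000000000001", "Category": "vulnerable driver",
     "KnownVulnerableSamples": [
         {"Filename": "example.sys",
          "SHA256": hashlib.sha256(b"constructed vulnerable driver").hexdigest().upper()},
         {"Filename": "nohash.sys", "SHA256": ""},  # sample listed without a SHA256
     ]},
])


def build_index(feed_text):
    """Map lowercase SHA256 -> (entry Id, listed filename)."""
    index = {}
    for entry in json.loads(feed_text):
        for sample in entry.get("KnownVulnerableSamples") or []:
            digest = (sample.get("SHA256") or "").strip().lower()
            if len(digest) == 64:  # skip blank or malformed hashes
                index[digest] = (entry.get("Id"), sample.get("Filename"))
    return index


def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large drivers are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan(directory, index):
    """Return (path, entry Id, listed filename) for each .sys file whose hash is listed."""
    hits = []
    for path in sorted(Path(directory).rglob("*.sys")):
        match = index.get(sha256_file(path))
        if match:
            hits.append((str(path), *match))
    return hits


if __name__ == "__main__":
    import sys
    feed = Path(sys.argv[1]).read_text(encoding="utf-8")  # saved drivers.json
    for hit in scan(sys.argv[2], build_index(feed)):
        print(*hit, sep="\t")
```

Run it with the saved drivers.json as the first argument and the directory to check as the second. A hash match identifies a known sample only, so a clean result does not rule out an unlisted build of the same driver.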

SIEM Integration

Import Sigma rules directly into your SIEM.

Endpoint Detection

Deploy Sysmon configs to monitor driver loads.

Get Involved

LOLDrivers is community-driven. Contribute drivers, improve rules, or help with documentation.


Read the full release notes: LOLDrivers 1.0 Release
