Find .sys files on disk and compare them against known vulnerable file hashes from https://www.loldrivers.io.
It will then print the file location, the hash and filename according to loldrivers.io, plus if the driver is running and if so the service name.
Clone and run
powershell -ep bypass
. .\find-vulnerable-drivers.ps1
Quick usage:
powershell -ep bypass { iwr https://raw.githubusercontent.com/m0rv4i/find-vulnerable-drivers/master/find-vulnerable-drivers.ps1 | select -ExpandProperty content | iex }
Inspired by work done by @api0cradle / @oddvar.moe