Skip to content

trailofbits/HVCI-loldrivers-check

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 

Repository files navigation

HVCI-loldrivers-check

Checks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.

Requirements

  • Powershell 6.0+

Usage

.\check_allowed_drivers.ps1

Output

Number of blocked drivers: <number>
Number of allowed drivers: <number>

Allowed:
MD5: <hash> SHA1: <hash> SHA256: <hash>
MD5: <hash> SHA1: <hash> SHA256: <hash>
...

All drivers have at least one of their MD5, SHA1, or SHA256 hashes available on loldrivers.io, but some of them have one or two of these missing.

The drivers outputted under "allowed" are drivers that do not match any of the criteria that the blocklist uses to determine which drivers are blocked:

  • Blocked by MD5, SHA1 or SHA256 of the file
  • Blocked by a combination of Original File Name and signer, and in some cases also file version. The signer list uses the issuer of the intermediate signature and can be an MD5, SHA1, SHA256 or SHA384.

About

No description, website, or topics provided.

Resources

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published