#``

About Living Off The Land Drivers

Living Off The Land Drivers is a community-driven project that provides a curated list of all Windows drivers that have been found abused by adversaries to bypass security controls and execute malicious code. The project was inspired by Michael Haag's work in hunting evil and the need to track malicious drivers that adversaries use to evade detection. Jose Enrique Hernandez is instrumental in putting the project together and continues to contribute to its development.

Living Off The Land Drivers is an open-source project that welcomes contributions from the security community. By sharing knowledge and expertise, we can help each other stay informed and better defend against emerging threats. Whether you're a researcher, incident responder, or system administrator, we hope that Living Off The Land Drivers will be a valuable resource in your fight against cyber attacks.

Drivers

#``

Michael Haag

Michael Haag is a Senior Threat Researcher at Splunk. Michael has more than a decade of experience in security architecture and operations. His specialties include advanced threat hunting and investigations, atomic testing, and technological evaluations and detection engineering. Michaels is the co-founder of the Atomic Red Team project and co-host of Atomics on a Friday.

Jose Hernandez

Currently, Jose Enrique Hernandez is a Distinguished Cloud Threat Researcher at Laceworks. Previously he founded and lead the Threat Research team at Splunk (STRT). Jose is known for creating several security-related projects, including: Splunk Attack Range, Splunk Security Content, Git-Wild-Hunt, Melting-Cobalt, and BlackCert projects. He also works as a maintainer to security industry critical repositories such as Atomic Red Team and lolbas-project.github.io.

Nasreddine Bencherchali

Currently, Nasreddine Bencherchali is a Threat Researcher at Nextron Systems, with a focus in Detection Engineering and Threat Hunting. Nasreddine is also currently one of the maintainers of the SIGMA project and the co-founder of the EVTX-ETW-Resources project, he also write a blog about Detection and other security topics

Honorable mentions, Florian and Patrick for all their help getting the idea and the project off the ground!