Fork me on GitHub


out-of-tree kernel {module, exploit} development tool


Build && run module/exploit
$ out-of-tree pew
Test only with one kernel
$ out-of-tree pew --kernel='Ubuntu:4.10.0-30-generic'
Run debug environment
$ out-of-tree debug --kernel='Ubuntu:4.10.0-30-generic'
Test compiled module/exploit
$ out-of-tree pew --binary some_exploit --test some_exploit_test
Identifying vulnerable kernel version
$ out-of-tree pew --guess
And more examples in


$ cat kernel-exploit/.out-of-tree.toml
name = "CVE-XXXX-YYYYY exploit"
type = "exploit" # or "module" for LKM

distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.4.0-(1|2|3|4)-.*"

distro_type = "Ubuntu"
distro_release = "16.04"
release_mask = "4.8.0-(1|2|3|4|5|6|7|8|9|10)-.*"


If you already have Go, Qemu and Docker installed, there's cross-platform installation checklist:
$ go get -u
$ out-of-tree bootstrap 
Test kernel module
$ cd $GOPATH/
$ out-of-tree kernel autogen # generate kernels based on .out-of-tree.toml
$ out-of-tree pew
Test kernel exploit
$ cd $GOPATH/
$ out-of-tree pew

See also