diff --git a/examples/kernel-exploit/.out-of-tree.toml b/examples/kernel-exploit/.out-of-tree.toml
new file mode 100644
index 0000000..b7a7d03
--- /dev/null
+++ b/examples/kernel-exploit/.out-of-tree.toml
@@ -0,0 +1,12 @@
+# out-of-tree configuration file
+# docs at https://out-of-tree.io
+name = "out-of-tree exploit example"
+type = "exploit"
+
+[[supported_kernels]]
+# Can be Ubuntu/CentOS/Debian/etc.
+distro_type = "Ubuntu"
+# regex for `uname -r`
+# See also: regex-golang.appspot.com
+# stupid way to generate: $ echo '4.4.0-('$(seq 44 | xargs echo | sed 's/ /|/g')')-.*'
+release_mask = "4.4.0-(1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16|17|18|19|20|21|22|23|24|25|26|27|28|29|30|31|32|33|34|35|36|37|38|39|40|41|42|43|44)-.*"
diff --git a/examples/kernel-exploit/CVE-2016-5195.c b/examples/kernel-exploit/CVE-2016-5195.c
new file mode 100644
index 0000000..31556af
--- /dev/null
+++ b/examples/kernel-exploit/CVE-2016-5195.c
@@ -0,0 +1,8 @@
+#include
+#include
+
+int main(int argc, char **argv)
+{
+ /* TODO http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5195 */
+ return EXIT_FAILURE;
+}
diff --git a/examples/kernel-exploit/CVE-2016-5195_test.c b/examples/kernel-exploit/CVE-2016-5195_test.c
new file mode 100644
index 0000000..a84bb05
--- /dev/null
+++ b/examples/kernel-exploit/CVE-2016-5195_test.c
@@ -0,0 +1,8 @@
+#include
+#include
+
+int main(int argc, char **argv)
+{
+ /* TODO run exploit and create file with it */
+ return EXIT_FAILURE;
+}
diff --git a/examples/kernel-exploit/Makefile b/examples/kernel-exploit/Makefile
new file mode 100644
index 0000000..ed548cd
--- /dev/null
+++ b/examples/kernel-exploit/Makefile
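Review bot: The release_mask on the last line of the hunk matches more than its comment promises: the dots in `4.4.0` are unescaped metacharacters and the pattern carries no anchors, so if out-of-tree applies it unanchored (the default for Go's regexp, which the regex-golang reference suggests is the engine) any `uname -r` string merely containing such a substring passes. A TOML literal string avoids double escaping and the 44-way alternation collapses to ranges: `release_mask = '^4\.4\.0-([1-9]|[1-3][0-9]|4[0-4])-.*$'`. Whether the consumer anchors the field itself is not visible here; if it does, only the escaping point stands.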
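Review bot: The stub's `argc` and `argv` are never read, so the file warns under `-Wextra` and says nothing about the command-line contract the harness expects of the exploit binary; the Makefile header documents only the test binary's arguments. Until the TODO is filled in, mark them used and record the intended interface next to the TODO, e.g. `(void)argc; (void)argv; /* CLI contract of this binary: TODO, see Makefile header */`. The two `#include` lines appear with their header names stripped in this rendering; presumably they are `<stdio.h>` and `<stdlib.h>`, the latter being required for EXIT_FAILURE.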
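Review bot: The test stub should validate its arguments before the TODO logic is added, since the Makefile header states the harness invokes it with exactly two: the exploit path and the file the exploit must create. A guard such as `if (argc != 3) { fprintf(stderr, "usage: %s <exploit> <file>\n", argv[0]); return EXIT_FAILURE; }` turns a mis-invocation into an explicit failure instead of a silent one, and `argv[1]`/`argv[2]` can then be used safely. This assumes one of the two stripped `#include` lines is `<stdio.h>`.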
@@ -0,0 +1,26 @@
+# out-of-tree called make with four arguments:
+# - KERNEL: kernel headers path
+# - TARGET_EXPLOIT: name of exploit binary that MUST be produced by makefile.
+# - TARGET_TEST: name of test binary that MUST be produced by makefile
+# and it's will be runned on a LPE stage. TARGET_TEST MUST accept two argument:
+# - Path to exploit binary
+# - File that MUST be created with exploit. It uses for test that exploit works
+# correctly.
+# - VMLINUZ: path to vmlinuz
+#
+# e.g.:
+# make KERNEL=/lib/modules/4.8.0-58-generic/build \
+# TARGET_EXPLOIT=nyan-exploit \
+# TARGET_TEST=nyan-exploit-test
+# VMLINUZ=/boot/vmlinuz-4.8.0-58-generic
+
+TARGET := CVE-2016-5195
+TARGET_TEST := CVE-2016-5195_test
+
+all:
+ gcc CVE-2016-5195.c -o $(TARGET_EXPLOIT)
+ gcc CVE-2016-5195_test.c -o $(TARGET_TEST)
+
+clean:
+ rm -f $(TARGET_EXPLOIT)
+ rm -f $(TARGET_TEST)
diff --git a/examples/kernel-exploit/README.md b/examples/kernel-exploit/README.md
new file mode 100644
index 0000000..9b83dfd
--- /dev/null
+++ b/examples/kernel-exploit/README.md
@@ -0,0 +1,5 @@
+# out-of-tree kernel exploit example
+
+Implements CVE-2016-5195 and tests for it.
+
+See .out-of-tree.toml
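Review bot: The `TARGET := CVE-2016-5195` assignment is never referenced: the `all` and `clean` rules use `$(TARGET_EXPLOIT)`, which this Makefile never defines, so a plain `make` without the argument out-of-tree passes runs `gcc CVE-2016-5195.c -o` with an empty output name and fails. Replace the dead variable with a default the command line can still override, `TARGET_EXPLOIT ?= CVE-2016-5195` and likewise `TARGET_TEST ?= CVE-2016-5195_test`, and add `.PHONY: all clean` so a stray file named `all` or `clean` cannot mask the rules. Compiling with `$(CC) -Wall -Wextra` instead of bare `gcc` would also surface the unused-parameter warnings in the two C stubs.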