HyperDbg Versions

State-of-the-art native debugging tool

v0.4.0

10 months ago

HyperDbg v0.4 is released!

If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub!

Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick Start and Frequently Asked Questions (FAQs) to learn more. You can use the examples of using the debugger and the script engine to get started with HyperDbg.

Added

  • The !monitor command now supports 'execution' interception (link)
  • The '.pagein' command is added to the debugger to bring pages in (link)

Changed

  • The '.start' command's mechanism for finding the entrypoint is changed to address issues (link)
  • The buffer overlap error in hyperlog in multi-core systems is fixed (link)
  • The implementation of 'dd' (define dword, 32-bit), and 'dw' (define word, 16-bit) is changed (link)
  • The problem with unloading driver (#238) is fixed (link)
  • The symbol files for 32-bit modules are now loaded based on SysWOW64, and the issue (#243) is fixed (link)
  • New alias names for u, !u as u64, !u64 and for u2, !u2 as u32, !u32 (link)(link)

v0.3.0

1 year ago

HyperDbg v0.3 is released!

Added

  • The event short-circuiting mechanism (link)
  • New pseudo-registers ($tag, $id) in the script engine (link)
  • The breakpoint interception manipulation option is added to the 'test' command (link)
  • The '!track' command to create the tracking records of function CALLs and RETs along with registers (link)
  • disassemble_len(Address) function in script engine (link)
  • disassemble_len32(Address) function in script engine (link)
  • event_sc(DisableOrEnable) function in script engine (link)

Changed

  • The old Length Disassembler Engine is replaced by Zydis (link)

v0.2.2

1 year ago

HyperDbg v0.2.2 is released!

Changed

  • Fixing bugs!
  • The problem with the callstack command (k) is fixed (link)

v0.2.1

1 year ago

HyperDbg v0.2.1 is released!

Changed

  • Fixing bugs!
  • The parameters of the !cpuid extension command are changed, and a new EAX index parameter is added (link)
  • The problem with removing EPT hooks (!monitor and !epthook) is fixed (link)

v0.2.0

1 year ago

HyperDbg v0.2 is released!

Added

  • HyperDbg Software Development Kit (SDK) is now available
  • flush() function in script engine (link)
  • memcpy() function in script engine (link)

Changed

  • Global code refactor and fixing bugs!
  • Compiling HyperDbg by using the latest Windows 11 WDK
  • enable_event function name changed to event_enable (link)
  • disable_event function name changed to event_disable (link)
  • The "settings" command now preserves the configurations in the config file
  • The communication buffer is now separated from the hyperlogger buffer chunks, and the buffer size is increased 10 times (link)
  • Zydis submodule is updated to version 4 (link)

Removed

  • enable_event script engine function
  • disable_event script engine function

v0.1.0

2 years ago

HyperDbg v0.1 is released!

New Features

  • Advanced Hypervisor-based Kernel Mode Debugger [link][link][link]
  • Classic EPT Hook (Hidden Breakpoint) [link][link][link]
  • Inline EPT Hook (Inline Hook) [link][link]
  • Monitor Memory For R/W (Emulating Hardware Debug Registers Without Limitation) [link][link][link]
  • SYSCALL Hook (Disable EFER & Handle #UD) [link][link][link]
  • SYSRET Hook (Disable EFER & Handle #UD) [link][link]
  • CPUID Hook & Monitor [link][link]
  • RDMSR Hook & Monitor [link][link]
  • WRMSR Hook & Monitor [link][link]
  • RDTSC/RDTSCP Hook & Monitor [link]
  • RDPMC Hook & Monitor [link]
  • VMCALL Hook & Monitor [link]
  • Debug Registers Hook & Monitor [link]
  • I/O Port (In Instruction) Hook & Monitor [link][link]
  • I/O Port (Out Instruction) Hook & Monitor [link][link]
  • MMIO Monitor [link]
  • Exception (IDT < 32) Monitor [link][link][link]
  • External-Interrupt (IDT > 32) Monitor [link][link][link]
  • Running Automated Scripts [link]
  • Transparent-mode (Anti-debugging and Anti-hypervisor Resistance) [link][link]
  • Running Custom Assembly In Both VMX-root, VMX non-root (Kernel & User) [link]
  • Checking For Custom Conditions [link][link]
  • Process-specific & Thread-specific Debugging [link][link][link]
  • VMX-root Compatible Message Tracing [link]
  • Powerful Kernel Side Scripting Engine [link][link]
  • Support To Symbols (Parsing PDB Files) [link][link]
  • Event Forwarding (#DFIR) [link][link]
  • Transparent Breakpoint Handler [link][link]
  • Various Custom Scripts [link]

Note: community contributions are always welcomed and appreciated. If you plan to contribute a new feature, it's best to discuss it first. Bug fixes, tests, and documentation improvements are greatly appreciated.

v0.1.0-beta

2 years ago

HyperDbg is not yet released but it is now available for testing! Please test it and provide us with your valuable feedback and possible bugs.

Please follow the instructions here to start using HyperDbg.

Full Changelog: https://github.com/HyperDbg/HyperDbg/commits/v0.1.0-beta