HyperDbg


(not yet released/finished)

An x86-64 VT-x based Windows Debugger

It's hidden

HyperDbg is designed to be hidden. It uses different processor features and virtualizes the memory management unit, so most anti-debugging tricks won't work against HyperDbg.

It's a debugger

It's a debugger, though not a normal one: tens of innovative implementations and features make HyperDbg a unique debugger.

It's for reverse engineering

How to start with HyperDbg?

Here's a quick guide to compiling and running HyperDbg on your system, along with some interesting examples of how you can use HyperDbg in your reverse-engineering journey.

Unique Features

Here are some unique features that were recently added to HyperDbg.

FAQs

HyperDbg is not like other debuggers that rely on operating system APIs to debug other programs. Instead, it uses hardware technologies like Intel VT-x, Intel PT and other processor features to debug both kernel and user applications. For example, to debug another process we intercept the context of the process using the hypervisor, so the target process has no idea how its state is captured or modified. Likewise, we handle kernel breakpoints in ring -1 instead of letting Windows handle them.

No, HyperDbg is currently available only for x64 Intel-based systems; some of the features might be implemented on other processors in the future. HyperDbg can be used only on Windows. If you can help and contribute to bring Linux or OS X support, please contact me.

We designed HyperDbg around virtualizing already running systems and processing debugging commands in ring -1. More details about the design internals of HyperDbg are available here.

Overview

HyperDbg is extended based on the following assumptions.

Active Development

HyperDbg is under active development globally; many people contribute to its design.

Rely on Academic Papers

We extend HyperDbg's new features based on academic papers.

Custom Scripts

You can create custom Python scripts and use all HyperDbg features automatically in a way you want.

Integration with Static Analysis Tools

One of the goals of HyperDbg is easy integration with static analysis tools like IDA, Ghidra and other tools.

Heavily Hardware-dependent

HyperDbg extensively uses hardware technologies to ease reverse engineering.

Have a New Idea?

Open an issue and describe how to implement it, or submit a pull request with your feature.