HyperDbg Documentation
HyperDbg Documentation
HyperDbg
Download
Source code
Blog
HyperDbg
Getting Started
Quick Start
FAQ
Build & Install
Attach to HyperDbg
Using HyperDbg
Prerequisites
Examples
Commands
Debugging Commands
Meta Commands
Extension Commands
!pte (display page-level address and entries)
!db, !dc, !dd, !dq (read physical memory)
!eb, !ed, !eq (edit physical memory)
!sb, !sd, !sq (search physical memory)
!u, !u2 (disassemble physical address)
!epthook (hidden hook with EPT - stealth breakpoints)
!epthook2 (hidden hook with EPT - detours)
!monitor (monitor read/write to a page)
!syscall (hook system-calls)
!sysret (hook SYSRET instruction execution)
!cpuid (hook CPUID instruction execution)
!msrread (hook RDMSR instruction execution)
!msrwrite (hook WRMSR instruction execution)
!tsc (hook RDTSC/RDTSCP instruction execution)
!pmc (hook RDPMC instruction execution)
!vmcall (hook hypercalls)
!exception (hook first 32 entries of IDT)
!interrupt (hook external device interrupts)
!dr (hook access to debug registers)
!ioin (hook IN instruction execution)
!ioout (hook OUT instruction execution)
!hide (enable transparent-mode)
!unhide (disable transparent-mode)
!measure (measuring and providing details for transparent-mode)
!va2pa (convert a virtual address to physical address)
!pa2va (convert physical address to virtual address)
Scripting Language
Tips & Tricks
Considerations
Nested-Virtualization Environments
Misc
Contribution
Style Guide
Logo & Artworks
Design
Features
Debugger Internals
Script Engine
Links
Twitter
YouTube
Doxygen
Contribution
Powered by GitBook

Extension Commands

Here are the articles in this section:
!pte (display page-level address and entries)
Description of '!pte' command in HyperDbg.
!db, !dc, !dd, !dq (read physical memory)
Description of '!d*' command in HyperDbg.
!eb, !ed, !eq (edit physical memory)
Description of '!e*' command in HyperDbg.
!sb, !sd, !sq (search physical memory)
Description of '!s*' command in HyperDbg.
!u, !u2 (disassemble physical address)
Description of '!u, !u2' command in HyperDbg.
!epthook (hidden hook with EPT - stealth breakpoints)
Description of '!epthook' command in HyperDbg.
!epthook2 (hidden hook with EPT - detours)
Description of '!epthook2' command in HyperDbg.
!monitor (monitor read/write to a page)
Description of '!monitor' command in HyperDbg.
!syscall (hook system-calls)
Description of '!syscall' command in HyperDbg.
!sysret (hook SYSRET instruction execution)
Description of '!sysret' command in HyperDbg.
!cpuid (hook CPUID instruction execution)
Description of '!cpuid' command in HyperDbg.
!msrread (hook RDMSR instruction execution)
Description of '!msrread' command in HyperDbg.
!msrwrite (hook WRMSR instruction execution)
Description of '!msrwrite' command in HyperDbg.
!tsc (hook RDTSC/RDTSCP instruction execution)
Description of '!tsc' command in HyperDbg.
!pmc (hook RDPMC instruction execution)
Description of '!pmc' command in HyperDbg.
!vmcall (hook hypercalls)
Description of '!vmcall' command in HyperDbg.
!exception (hook first 32 entries of IDT)
Description of '!exception' command in HyperDbg.
!interrupt (hook external device interrupts)
Description of '!interrupt' command in HyperDbg.
!dr (hook access to debug registers)
Description of '!dr' command in HyperDbg.
!ioin (hook IN instruction execution)
Description of '!ioin' command in HyperDbg.
!ioout (hook OUT instruction execution)
Description of '!ioout' command in HyperDbg.
!hide (enable transparent-mode)
Description of '!hide' command in HyperDbg.
!unhide (disable transparent-mode)
Description of '!unhide' command in HyperDbg.
!measure (measuring and providing details for transparent-mode)
Description of '!measure' command in HyperDbg.
!va2pa (convert a virtual address to physical address)
Description of '!va2pa' command in HyperDbg.
!pa2va (convert physical address to virtual address)
Description of '!pa2va' command in HyperDbg.
Previous
.cls (clear the screen)
Next
!pte (display page-level address and entries)
Last updated 1 year ago
Edit on GitHub