In HyperDbg, we have multiple options to set a breakpoint.
ObRegisterCallbacks is located at
Many game anti-cheat solutions use this function to monitor processes to prevent game cheater to cheat on games.
In order to bypass this mechanism, we use the following command in HyperDbg to set a breakpoint on this function.
0: kHyperDbg> bp fffff805`5cbac610
Then, we will run our game and see if the breakpoint is triggered or not.
If the breakpoint is triggered, then the system is halt and we are able to control the debuggee.
After that, we can use the 'p' command to step-over the instructions.
0: kHyperDbg> pfffff805`5cbac610 48 81 EC 50 01 00 00 sub rsp, 0x150
You can also add a number to instrument the instructions multiple times.
0: kHyperDbg> p 3fffff805`5cbac610 48 81 EC 50 01 00 00 sub rsp, 0x150fffff805`5cbac617 48 8D AC 24 80 00 00 00 lea rbp, ss:[rsp+0x80]fffff805`5cbac620 C6 45 AB 00 mov byte ptr ss:[rbp-0x55], 0x00
If you want to step-in, you can use the 't' command.
0: kHyperDbg> tfffff805`5cbac610 48 81 EC 50 01 00 00 sub rsp, 0x150