Debuggers
merces edited this page May 30, 2023 · 13 revisions
HyperDbg is a great open-source, hypervisor-assisted, user-mode and kernel-mode Windows debugger with a focus on using modern hardware technologies. It needs some initial setup; once that is done, open a Command Prompt and type hyperdbg-cli to start it. Read the documentation to learn its commands. :)
x64dbg: both the 32-bit and 64-bit versions are included, along with plugins and scripts.
Plugin name | Description |
---|---|
checksec | Checks for security features in the target |
MapoAnalyzer | Pseudo-C decompiler |
Multiline Ultimate Assembler | Assembler that makes the reverse engineer's life much easier |
OllyDumpEx | Process dumper |
ScyllaHide | Must-have plugin for dealing with anti-debug routines |
SlothBP | Put breakpoints at known API functions |
SwissArmyKnife | I mainly use it to import .MAP files generated from IDA |
xAnalyzer | Analyse API function calls to show you the parameters |
xSelectBlock | Adds a widget and a command that make selecting a block easier |
YaraGen | Generate Yara rules based on code from targets |
In the %AppFolder%\x64dbg\scripts folder, you will also find scripts to help with unpacking.