-
Notifications
You must be signed in to change notification settings - Fork 492
Debuggers
Fernando Mercês edited this page Sep 29, 2021
·
13 revisions
RE Platform powered by Rizin framework (previously it was the GUI for radare2).
Hypervisor-assisted, user-mode and kernel-mode Windows debugger.
To use it, open a Command Prompt and type:
>hyperdbg-cli
HyperDbg Debugger [core version: v0.1.0.0]
Please visit https://docs.hyperdbg.com for more information...
HyperDbg is released under the GNU Public License v3 (GPLv3).
But to really understand how it works, read the docs.
Both 32 and 64-bit versions. It also includes the following plugins:
| Plugin name | Description |
|---|---|
| ASLR Removal | Creates a copy of the target executable without the ASLR bit set |
| checksec | Checks for security features in the target |
| MapoAnalyzer | Pseudo-C decompiler |
| Multiline Ultimate Assembler | Assembler that makes the reverse engineer's like much easier |
| ScyllaHide | Must have plugin to deal with anti-debug routines |
| SwissArmyKnife | I mainly use it to import .MAP files generated from IDA |
| xAnalyzer | Analyse API function calls to show you the parameters |
| xSelectBlock | Adds a widget and a command to easier selecting a block |
| YaraGen | Generate Yara rules based on code from targets |
In %AppFolder%\x64dbg\scripts folder you will also find scripts to help with the unpacking of PECompact, UPX, FSG, MPRESS and others.