HyperDbg

FOSDEM 2026 - Invisible Hypervisors: Stealthy Malware Analysis with HyperDbg HyperDbg is a modern, open-source hypervisor-based debugger supporting both user- and kernel-mode debugging. Operating at the hypervisor level, it bypasses OS debugging APIs and offers stealthy…

Invisible Hypervisors: Stealthy Malware Analysis with HyperDbg, a modern, open-source hypervisor-based Debugger supporting both user and kernel-mode debugging - Talk at #FOSDEM 2026 Conference #Video fosdem.org/2026/schedul...

Casting & Inclusion | HyperDbg Documentation Description of casting (type-awareness) and file (library) inclusion

More information:
docs.hyperdbg.org/commands/scr...

Release v0.18 · HyperDbg/HyperDbg HyperDbg v0.18 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick...

HyperDbg v0.18 is released! 🎉✨

This version adds support for including external scripts using `#include` in the script engine, as well as initial refactoring for potential future support for Linux.

Check it out:
github.com/HyperDbg/Hyp...

Slides and recordings for our @FOSDEM talks are up! Join us for an in-depth introduction into @HyperDbg 's features and internals, or find out what's the latest in anti-anti-debugging techniques and HV transparency for malware reversing:

- fosdem.org/2026/schedul...

- fosdem.org/2026/schedul...

We brought plenty of HyperDbg stickers to give away at FOSDEM! Find us after our talks or ping us to grab yours.

- Security track: Room UB5.132 (13:00-13:25)
- Virtualization track: Room H.2213 (18:30-19:00)

#FOSDEM #FOSDEM2026 #HyperDbg

Curious about anti-anti-debugging techniques and hiding hypervisors from malware? Or simply looking for an in-depth introduction to @HyperDbg? Join our FOSDEM talks presented by [Sina Karvandi] and [Björn Ruytenberg] tomorrow:

fosdem.org/2026/schedul...

fosdem.org/2026/schedul...

We'll be at #FOSDEM 2026 in Brussels (January 31-February 1) with talks in the Security, Virtualization and Cloud Infrastructure rooms about the HyperDbg debugger.

More info:
- fosdem.org/2026/schedul...

- fosdem.org/2026/schedul...

#FOSDEM2026

Variables & Assignments | HyperDbg Documentation Description of variables and assignments

For more information, you can check:

Compound assignments:
docs.hyperdbg.org/commands/scr...

Arrays:
docs.hyperdbg.org/commands/scr...

Multidimensional arrays:
docs.hyperdbg.org/commands/scr...

Release v0.17 · HyperDbg/HyperDbg HyperDbg v0.17 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick...

HyperDbg v0.17 is out! ✨🥂

This update brings major improvements to the script engine, including multidimensional arrays, compound & multiple assignments, plus key interpretation bug fixes.

Check it out:
github.com/HyperDbg/Hyp...

!xsetbv (hook XSETBV instruction execution) | HyperDbg Documentation Description of the '!xsetbv' command in HyperDbg.

For more information, check the documentation:

docs.hyperdbg.org/commands/ext...

Release v0.16 · HyperDbg/HyperDbg HyperDbg v0.16 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick...

HyperDbg v0.16 is released! 🐞💫✨

This version adds a new event command '!xsetbv', along with bug fixes, performance improvements, and progress on the user-mode debugger in VMI mode.

Check it out:

github.com/HyperDbg/Hyp...

!smi (trigger and show System Management Interrupt functionalities) | HyperDbg Documentation Description of '!smi' command in HyperDbg.

More information:
docs.hyperdbg.org/commands/ext...

Enhancement of the '.pe' command:
docs.hyperdbg.org/commands/met...

HyperDbg v0.15 is out! ✨🎈

This version comes with a new SMM interrupt (SMI) command, fixing issues with Intel CET emulation for SYSCALL/SYSRET on 11th Gen+ (Tiger/Rocket Lake) CPUs, also saving/restoring XMM registers on VM-exits/entries.

Check it out:
github.com/HyperDbg/Hyp...

Thanks to Tara for making this painting for us (it's not AI-generated).

(3/3)

More info on HyperEvade: github.com/HyperDbg/sli...

Microsleep function:
docs.hyperdbg.org/commands/scr...

and RDTSC/RDTSCP:
docs.hyperdbg.org/commands/scr...

docs.hyperdbg.org/commands/scr...

(2/3)

I'm happy to announce that @HyperDbg v0.14 is released!

This version includes HyperEvade (beta preview), fixes Win11 24H2 compatibility issues & adds multiple timing functions to the script engine (Special thanks to @0Xiphorus).

Check it out: github.com/HyperDbg/Hyp...

(1/3)

HyperEvade is targeted for @hyperdbg.bsky.social 's next major release - so watch this space! (2/2)

Curious about anti-anti-debugging techniques and hiding hypervisors from malware? Slides are up for our ECOOP/DEBT 2025 talk where we present HyperEvade, our upcoming hypervisor transparency extension for @hyperdbg.bsky.social

github.com/HyperDbg/sli... (1/2)

Release v0.13.2 · HyperDbg/HyperDbg HyperDbg v0.13.2 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Qui...

HyperDbg v0.13.2 is out! 🎉

This version brings improvements and fixes stability issues in nested virtualization on Intel Meteor Lake processors.

Check it out:
github.com/HyperDbg/Hyp...

🧙‍♂️ Did you know you can easily hook, patch, or change arguments to functions both in user mode and kernel mode by using #HyperDbg?

Here’s a quick example 👇

Releases · HyperDbg/HyperDbg State-of-the-art native debugging tools. Contribute to HyperDbg/HyperDbg development by creating an account on GitHub.

HyperDbg v0.13.1 has been released. 💫

This version includes improved mitigations against anti-hypervisor techniques used to detect nested virtualization environments, along with various bug fixes.

Check it out:
github.com/HyperDbg/Hyp...

More details are available here:
docs.hyperdbg.org/commands/ext...

Release v0.13 · HyperDbg/HyperDbg HyperDbg v0.13 is released! If you’re enjoying HyperDbg, don’t forget to give a star 🌟 on GitHub! Please visit Build & Install to configure the environment for running HyperDbg. Check out the Quick...

HyperDbg v0.13 is out! 🎉

This version comes with a new command '!pcicam' for dumping and interpreting PCIe CAM, new anti-anti-hypervisor methods, improved MMIO scripting, plus lots of bug fixes & improvements.
Big thanks to @0Xiphorus & @AbbasMasoumiG.

github.com/HyperDbg/Hyp...

It's been a while since we passed 3,000 stars on GitHub, but we couldn’t let it go uncelebrated! 🌟🎉

We raise our glass to the awesome community and those who supported and contributed to HyperDbg. 🍾🥂

github.com/HyperDbg/Hyp...

!pcitree (show PCI express device tree) | HyperDbg Documentation Description of '!pcitree' command in HyperDbg.

More information:
- docs.hyperdbg.org/commands/ext...

- docs.hyperdbg.org/commands/ext...

The first HyperDbg release of 2025 is out! 🎉

This version (v0.12) introduces commands for PCI/PCI-e device tree enumeration and IDT dumping, plus many bug fixes.

Huge thanks to @0Xiphorus, @reodus_, @binophism & other contributors!

🔗 Check it out:
github.com/HyperDbg/Hyp...

Happy New Year, everyone! 🎊🎉

Wishing you all a fantastic year ahead. This year, we’re aiming to introduce exciting new features in HyperDbg, mostly around PCI Express, UEFI, and firmware debugging. As always, your contributions are greatly appreciated! 💫

!apic (dump local APIC entries in XAPIC and X2APIC modes) | HyperDbg Documentation Description of '!apic' command in HyperDbg.

Check it out:
docs.hyperdbg.org/commands/ext...

docs.hyperdbg.org/commands/ext...

HyperDbg v0.11 is released! ✨

This version comes with bug fixes, improvements, and two new commands for viewing Local APIC (XAPIC/X2APIC) and IO APIC.

Big shoutout to Björn Ruytenberg for joining the team for bringing PCIe support to HyperDbg!

github.com/HyperDbg/Hyp...

Guys, just because HyperDbg’s '!monitor' command can technically monitor unlimited address ranges doesn’t mean you can monitor any memory range you want. So let’s not go wild, alright? 😅

docs.hyperdbg.org/commands/ext...