HyperDbg Debugger
Transparency.h File Reference

Hide the debugger from anti-debugging and anti-hypervisor methods (headers)


Classes

struct  _TRANSPARENCY_MEASUREMENTS
 The measurements from user-mode and kernel-mode.
struct  _TRANSPARENCY_PROCESS
 The ProcessList of TRANSPARENCY_MEASUREMENTS is from this architecture.

Typedefs

typedef struct _TRANSPARENCY_MEASUREMENTS TRANSPARENCY_MEASUREMENTS
 The measurements from user-mode and kernel-mode.
typedef struct _TRANSPARENCY_MEASUREMENTS * PTRANSPARENCY_MEASUREMENTS
typedef struct _TRANSPARENCY_PROCESS TRANSPARENCY_PROCESS
 The ProcessList of TRANSPARENCY_MEASUREMENTS is from this architecture.
typedef struct _TRANSPARENCY_PROCESS * PTRANSPARENCY_PROCESS

Functions

UINT32 TransparentGetRand ()
 Generate a random number by utilizing RDTSC instruction.

Variables

HYPEREVADE_CALLBACKS g_Callbacks
 List of callbacks.
BOOLEAN g_TransparentMode
 Shows whether the debugger transparent mode is enabled (true) or not (false).
UINT32 g_TransparentEvadeMask
 The enabled transparent-mode feature mask.

Detailed Description

Hide the debugger from anti-debugging and anti-hypervisor methods (headers)

Author
Sina Karvandi (sina@hyperdbg.org)
jtaw5649
Version
0.1
Date
2020-07-07

Typedef Documentation

◆ PTRANSPARENCY_MEASUREMENTS

◆ PTRANSPARENCY_PROCESS

◆ TRANSPARENCY_MEASUREMENTS

The measurements from user-mode and kernel-mode.

◆ TRANSPARENCY_PROCESS

The ProcessList of TRANSPARENCY_MEASUREMENTS is from this architecture.

Function Documentation

◆ TransparentGetRand()

UINT32 TransparentGetRand ( )

Generate a random number by utilizing RDTSC instruction.

The result is the measured clock time masked to its 16 least-significant bits.

Returns
UINT32
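UINT32 TransparentGetRand()
{
    UINT64 Tsc;
    UINT32 Rand;

    // Read the current Time-Stamp Counter value
    Tsc = CpuReadTsc();

    // Keep only the low 16 bits, so the result is in the range 0..0xFFFF
    Rand = Tsc & 0xffff;

    return Rand;
}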
References:
UINT64 CpuReadTsc(VOID): Read Time-Stamp Counter. Definition: PlatformIntrinsics.c:295
unsigned int UINT32: Definition: BasicTypes.h:54
Variable Documentation

◆ g_Callbacks

HYPEREVADE_CALLBACKS g_Callbacks

List of callbacks.

◆ g_TransparentEvadeMask

UINT32 g_TransparentEvadeMask

The enabled transparent-mode feature mask.

◆ g_TransparentMode

BOOLEAN g_TransparentMode

Shows whether the debugger transparent mode is enabled (true) or not (false).