HyperDbg Debugger
Toggle main menu visibility
Loading...
Searching...
No Matches
Events.h
Go to the documentation of this file.
1
12
#pragma once
13
15
// System Events //
17
22
typedef
enum
_EXCEPTION_VECTORS
23
{
24
EXCEPTION_VECTOR_DIVIDE_ERROR
,
25
EXCEPTION_VECTOR_DEBUG_BREAKPOINT
,
26
EXCEPTION_VECTOR_NMI
,
27
EXCEPTION_VECTOR_BREAKPOINT
,
28
EXCEPTION_VECTOR_OVERFLOW
,
29
EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED
,
30
EXCEPTION_VECTOR_UNDEFINED_OPCODE
,
31
EXCEPTION_VECTOR_NO_MATH_COPROCESSOR
,
32
EXCEPTION_VECTOR_DOUBLE_FAULT
,
33
EXCEPTION_VECTOR_RESERVED0
,
34
EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR
,
35
EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT
,
36
EXCEPTION_VECTOR_STACK_SEGMENT_FAULT
,
37
EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT
,
38
EXCEPTION_VECTOR_PAGE_FAULT
,
39
EXCEPTION_VECTOR_RESERVED1
,
40
EXCEPTION_VECTOR_MATH_FAULT
,
41
EXCEPTION_VECTOR_ALIGNMENT_CHECK
,
42
EXCEPTION_VECTOR_MACHINE_CHECK
,
43
EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR
,
44
EXCEPTION_VECTOR_VIRTUAL_EXCEPTION
,
45
EXCEPTION_VECTOR_RESERVED2
,
46
EXCEPTION_VECTOR_RESERVED3
,
47
EXCEPTION_VECTOR_RESERVED4
,
48
EXCEPTION_VECTOR_RESERVED5
,
49
EXCEPTION_VECTOR_RESERVED6
,
50
EXCEPTION_VECTOR_RESERVED7
,
51
EXCEPTION_VECTOR_RESERVED8
,
52
EXCEPTION_VECTOR_RESERVED9
,
53
EXCEPTION_VECTOR_RESERVED10
,
54
EXCEPTION_VECTOR_RESERVED11
,
55
EXCEPTION_VECTOR_RESERVED12
,
56
57
//
58
// NT (Windows) specific exception vectors.
59
//
60
APC_INTERRUPT
= 31,
61
DPC_INTERRUPT
= 47,
62
CLOCK_INTERRUPT
= 209,
63
IPI_INTERRUPT
= 225,
64
PMI_INTERRUPT
= 254,
65
66
}
EXCEPTION_VECTORS
;
67
69
// Callback Enums //
71
76
typedef
enum
_VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
77
{
78
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED
= 0,
79
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL
= 0,
80
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT
= 1,
81
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED
= 2,
82
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE
= 3,
83
84
}
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
;
85
87
// Event Details //
89
94
typedef
enum
_VMM_EVENT_TYPE_ENUM
95
{
96
97
//
98
// EPT Memory Monitoring Events
99
//
100
HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE
,
101
HIDDEN_HOOK_READ_AND_WRITE
,
102
HIDDEN_HOOK_READ_AND_EXECUTE
,
103
HIDDEN_HOOK_WRITE_AND_EXECUTE
,
104
HIDDEN_HOOK_READ
,
105
HIDDEN_HOOK_WRITE
,
106
HIDDEN_HOOK_EXECUTE
,
107
108
//
109
// EPT Hook Events
110
//
111
HIDDEN_HOOK_EXEC_DETOURS
,
112
HIDDEN_HOOK_EXEC_CC
,
113
114
//
115
// System-call Events
116
//
117
SYSCALL_HOOK_EFER_SYSCALL
,
118
SYSCALL_HOOK_EFER_SYSRET
,
119
120
//
121
// CPUID Instruction Execution Events
122
//
123
CPUID_INSTRUCTION_EXECUTION
,
124
125
//
126
// Model-Specific Registers (MSRs) Reads/Modifications Events
127
//
128
RDMSR_INSTRUCTION_EXECUTION
,
129
WRMSR_INSTRUCTION_EXECUTION
,
130
131
//
132
// PMIO Events
133
//
134
IN_INSTRUCTION_EXECUTION
,
135
OUT_INSTRUCTION_EXECUTION
,
136
137
//
138
// Interrupts/Exceptions/Faults Events
139
//
140
EXCEPTION_OCCURRED
,
141
EXTERNAL_INTERRUPT_OCCURRED
,
142
143
//
144
// Debug Registers Events
145
//
146
DEBUG_REGISTERS_ACCESSED
,
147
148
//
149
// Timing & Performance Events
150
//
151
TSC_INSTRUCTION_EXECUTION
,
152
PMC_INSTRUCTION_EXECUTION
,
153
154
//
155
// VMCALL Instruction Execution Events
156
//
157
VMCALL_INSTRUCTION_EXECUTION
,
158
159
//
160
// Control Registers Events
161
//
162
CONTROL_REGISTER_MODIFIED
,
163
CONTROL_REGISTER_READ
,
164
CONTROL_REGISTER_3_MODIFIED
,
165
166
//
167
// Execution Trap Events
168
//
169
TRAP_EXECUTION_MODE_CHANGED
,
170
TRAP_EXECUTION_INSTRUCTION_TRACE
,
171
172
//
173
// XSETBV Instruction Execution Events
174
//
175
XSETBV_INSTRUCTION_EXECUTION
176
177
}
VMM_EVENT_TYPE_ENUM
;
178
183
typedef
enum
_DEBUGGER_EVENT_ACTION_TYPE_ENUM
184
{
185
BREAK_TO_DEBUGGER
,
186
RUN_SCRIPT
,
187
RUN_CUSTOM_CODE
188
189
}
DEBUGGER_EVENT_ACTION_TYPE_ENUM
;
190
195
typedef
enum
_DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
196
{
197
DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY
= 0,
198
DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD
= 1,
199
200
}
DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
;
201
206
typedef
enum
_DEBUGGER_EVENT_MODE_TYPE
207
{
208
DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE
= 1,
209
DEBUGGER_EVENT_MODE_TYPE_USER_MODE
= 3,
210
DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE
= 0,
211
DEBUGGER_EVENT_MODE_TYPE_INVALID
= 0xffffffff,
212
213
}
DEBUGGER_EVENT_MODE_TYPE
;
214
219
typedef
enum
_DEBUGGER_EVENT_TRACE_TYPE
220
{
221
DEBUGGER_EVENT_TRACE_TYPE_INVALID
= 0,
222
DEBUGGER_EVENT_TRACE_TYPE_STEP_IN
= 1,
223
DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT
= 2,
224
DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN
= 3,
225
226
}
DEBUGGER_EVENT_TRACE_TYPE
;
227
232
typedef
enum
_DEBUGGER_MODIFY_EVENTS_TYPE
233
{
234
DEBUGGER_MODIFY_EVENTS_QUERY_STATE
,
235
DEBUGGER_MODIFY_EVENTS_ENABLE
,
236
DEBUGGER_MODIFY_EVENTS_DISABLE
,
237
DEBUGGER_MODIFY_EVENTS_CLEAR
,
238
}
DEBUGGER_MODIFY_EVENTS_TYPE
;
239
244
typedef
struct
_DEBUGGER_MODIFY_EVENTS
245
{
246
UINT64
Tag
;
// Tag of the target event that we want to modify
247
UINT64
KernelStatus
;
// Kernel put the status in this field
248
DEBUGGER_MODIFY_EVENTS_TYPE
249
TypeOfAction
;
// Determines what's the action (enable | disable | clear)
250
BOOLEAN
IsEnabled
;
// Determines what's the action (enable | disable | clear)
251
252
}
DEBUGGER_MODIFY_EVENTS
, *
PDEBUGGER_MODIFY_EVENTS
;
253
254
#define SIZEOF_DEBUGGER_MODIFY_EVENTS sizeof(DEBUGGER_MODIFY_EVENTS)
255
260
typedef
struct
_DEBUGGER_SHORT_CIRCUITING_EVENT
261
{
262
UINT64
KernelStatus
;
// Kernel put the status in this field
263
BOOLEAN
IsShortCircuiting
;
// Determines whether to perform short circuting (on | off)
264
265
}
DEBUGGER_SHORT_CIRCUITING_EVENT
, *
PDEBUGGER_SHORT_CIRCUITING_EVENT
;
266
268
// Event Options //
270
275
typedef
struct
_DEBUGGER_EVENT_OPTIONS
276
{
277
UINT64
OptionalParam1
;
// Optional parameter
278
UINT64
OptionalParam2
;
// Optional parameter
279
UINT64
OptionalParam3
;
// Optional parameter
280
UINT64
OptionalParam4
;
// Optional parameter
281
UINT64
OptionalParam5
;
// Optional parameter
282
UINT64
OptionalParam6
;
// Optional parameter
283
284
}
DEBUGGER_EVENT_OPTIONS
, *
PDEBUGGER_EVENT_OPTIONS
;
285
287
// Enums For Event And Debugger Resources //
289
294
typedef
enum
_PROTECTED_HV_RESOURCES_PASSING_OVERS
295
{
296
//
297
// for exception bitmap
298
//
299
PASSING_OVER_NONE
= 0,
300
PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK
= 1,
301
PASSING_OVER_EXCEPTION_EVENTS
,
302
303
//
304
// for external interupts-exitings
305
//
306
PASSING_OVER_INTERRUPT_EVENTS
,
307
308
//
309
// for external rdtsc/p exitings
310
//
311
PASSING_OVER_TSC_EVENTS
,
312
313
//
314
// for external mov to hardware debug registers exitings
315
//
316
PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS
,
317
318
//
319
// for external mov to control registers exitings
320
//
321
PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS
,
322
323
}
PROTECTED_HV_RESOURCES_PASSING_OVERS
;
324
329
typedef
enum
_PROTECTED_HV_RESOURCES_TYPE
330
{
331
PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP
,
332
333
PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING
,
334
335
PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING
,
336
337
PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING
,
338
339
PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING
,
340
341
PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING
,
342
343
PROTECTED_HV_RESOURCES_SAVE_AND_LOAD_DEBUG_CONTROLS
,
344
345
}
PROTECTED_HV_RESOURCES_TYPE
;
346
348
// Event Details //
350
356
typedef
struct
_DEBUGGER_GENERAL_EVENT_DETAIL
357
{
358
LIST_ENTRY
359
CommandsEventList
;
// Linked-list of commands list (used for tracing purpose
360
// in user mode)
361
362
UINT32
CoreId
;
// determines the core index to apply this event to, if it's
363
// 0xffffffff means that we have to apply it to all cores
364
365
UINT32
ProcessId
;
// determines the process id to apply this to
366
// only that 0xffffffff means that we have to
367
// apply it to all processes
368
369
BOOLEAN
IsEnabled
;
370
371
BOOLEAN
EnableShortCircuiting
;
// indicates whether the short-circuiting event
372
// is enabled or not for this event
373
374
VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE
EventStage
;
// reveals the calling stage of the event
375
// (whether it's a all- pre- or post- event)
376
377
BOOLEAN
HasCustomOutput
;
// Shows whether this event has a custom output
378
// source or not
379
380
UINT64
381
OutputSourceTags
382
[
DebuggerOutputSourceMaximumRemoteSourceForSingleEvent
];
// tags of
383
// multiple
384
// sources which
385
// can be used to
386
// send the event
387
// results of
388
// scripts to
389
// remote sources
390
391
UINT32
CountOfActions
;
392
393
UINT64
Tag
;
// is same as operation code
394
VMM_EVENT_TYPE_ENUM
EventType
;
395
396
DEBUGGER_EVENT_OPTIONS
Options
;
397
398
PVOID
CommandStringBuffer
;
399
400
UINT32
ConditionBufferSize
;
401
402
}
DEBUGGER_GENERAL_EVENT_DETAIL
, *
PDEBUGGER_GENERAL_EVENT_DETAIL
;
403
404
#define SIZEOF_DEBUGGER_GENERAL_EVENT_DETAIL sizeof(DEBUGGER_GENERAL_EVENT_DETAIL)
405
412
typedef
struct
_DEBUGGER_GENERAL_ACTION
413
{
414
UINT64
EventTag
;
415
DEBUGGER_EVENT_ACTION_TYPE_ENUM
ActionType
;
416
BOOLEAN
ImmediateMessagePassing
;
417
UINT32
PreAllocatedBuffer
;
418
419
UINT32
CustomCodeBufferSize
;
420
UINT32
ScriptBufferSize
;
421
UINT32
ScriptBufferPointer
;
422
423
}
DEBUGGER_GENERAL_ACTION
, *
PDEBUGGER_GENERAL_ACTION
;
424
425
#define SIZEOF_DEBUGGER_GENERAL_ACTION sizeof(DEBUGGER_GENERAL_ACTION)
426
431
typedef
struct
_DEBUGGER_EVENT_AND_ACTION_RESULT
432
{
433
BOOLEAN
IsSuccessful
;
434
UINT32
Error
;
// If IsSuccessful was, FALSE
435
436
}
DEBUGGER_EVENT_AND_ACTION_RESULT
, *
PDEBUGGER_EVENT_AND_ACTION_RESULT
;
437
438
#define SIZEOF_REGISTER_EVENT sizeof(REGISTER_NOTIFY_BUFFER)
BOOLEAN
UCHAR BOOLEAN
Definition
BasicTypes.h:35
PVOID
void * PVOID
Definition
BasicTypes.h:56
UINT32
unsigned int UINT32
Definition
BasicTypes.h:54
DebuggerOutputSourceMaximumRemoteSourceForSingleEvent
#define DebuggerOutputSourceMaximumRemoteSourceForSingleEvent
Determines how many sources a debugger can have for a single event.
Definition
Constants.h:251
VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE
enum _VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE
Type of calling the event.
EXCEPTION_VECTORS
enum _EXCEPTION_VECTORS EXCEPTION_VECTORS
Exceptions enum.
PROTECTED_HV_RESOURCES_TYPE
enum _PROTECTED_HV_RESOURCES_TYPE PROTECTED_HV_RESOURCES_TYPE
Type of protected (multi-used) resources.
PDEBUGGER_SHORT_CIRCUITING_EVENT
struct _DEBUGGER_SHORT_CIRCUITING_EVENT * PDEBUGGER_SHORT_CIRCUITING_EVENT
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
enum _VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
The status of triggering events.
_VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
_VMM_CALLBACK_TRIGGERING_EVENT_STATUS_TYPE
The status of triggering events.
Definition
Events.h:77
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_IGNORE_EVENT
Definition
Events.h:80
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL
Definition
Events.h:79
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_DEBUGGER_NOT_ENABLED
Definition
Events.h:81
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_SUCCESSFUL_NO_INITIALIZED
Definition
Events.h:78
VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE
@ VMM_CALLBACK_TRIGGERING_EVENT_STATUS_INVALID_EVENT_TYPE
Definition
Events.h:82
_DEBUGGER_EVENT_TRACE_TYPE
_DEBUGGER_EVENT_TRACE_TYPE
Type of tracing events.
Definition
Events.h:220
DEBUGGER_EVENT_TRACE_TYPE_INVALID
@ DEBUGGER_EVENT_TRACE_TYPE_INVALID
Definition
Events.h:221
DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN
@ DEBUGGER_EVENT_TRACE_TYPE_INSTRUMENTATION_STEP_IN
Definition
Events.h:224
DEBUGGER_EVENT_TRACE_TYPE_STEP_IN
@ DEBUGGER_EVENT_TRACE_TYPE_STEP_IN
Definition
Events.h:222
DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT
@ DEBUGGER_EVENT_TRACE_TYPE_STEP_OUT
Definition
Events.h:223
_VMM_EVENT_TYPE_ENUM
_VMM_EVENT_TYPE_ENUM
enum to show type of all HyperDbg events
Definition
Events.h:95
SYSCALL_HOOK_EFER_SYSCALL
@ SYSCALL_HOOK_EFER_SYSCALL
Definition
Events.h:117
DEBUG_REGISTERS_ACCESSED
@ DEBUG_REGISTERS_ACCESSED
Definition
Events.h:146
OUT_INSTRUCTION_EXECUTION
@ OUT_INSTRUCTION_EXECUTION
Definition
Events.h:135
CPUID_INSTRUCTION_EXECUTION
@ CPUID_INSTRUCTION_EXECUTION
Definition
Events.h:123
EXTERNAL_INTERRUPT_OCCURRED
@ EXTERNAL_INTERRUPT_OCCURRED
Definition
Events.h:141
EXCEPTION_OCCURRED
@ EXCEPTION_OCCURRED
Definition
Events.h:140
HIDDEN_HOOK_WRITE_AND_EXECUTE
@ HIDDEN_HOOK_WRITE_AND_EXECUTE
Definition
Events.h:103
TRAP_EXECUTION_INSTRUCTION_TRACE
@ TRAP_EXECUTION_INSTRUCTION_TRACE
Definition
Events.h:170
RDMSR_INSTRUCTION_EXECUTION
@ RDMSR_INSTRUCTION_EXECUTION
Definition
Events.h:128
CONTROL_REGISTER_READ
@ CONTROL_REGISTER_READ
Definition
Events.h:163
IN_INSTRUCTION_EXECUTION
@ IN_INSTRUCTION_EXECUTION
Definition
Events.h:134
HIDDEN_HOOK_EXEC_DETOURS
@ HIDDEN_HOOK_EXEC_DETOURS
Definition
Events.h:111
CONTROL_REGISTER_3_MODIFIED
@ CONTROL_REGISTER_3_MODIFIED
Definition
Events.h:164
TSC_INSTRUCTION_EXECUTION
@ TSC_INSTRUCTION_EXECUTION
Definition
Events.h:151
WRMSR_INSTRUCTION_EXECUTION
@ WRMSR_INSTRUCTION_EXECUTION
Definition
Events.h:129
CONTROL_REGISTER_MODIFIED
@ CONTROL_REGISTER_MODIFIED
Definition
Events.h:162
PMC_INSTRUCTION_EXECUTION
@ PMC_INSTRUCTION_EXECUTION
Definition
Events.h:152
XSETBV_INSTRUCTION_EXECUTION
@ XSETBV_INSTRUCTION_EXECUTION
Definition
Events.h:175
HIDDEN_HOOK_READ_AND_WRITE
@ HIDDEN_HOOK_READ_AND_WRITE
Definition
Events.h:101
HIDDEN_HOOK_READ_AND_EXECUTE
@ HIDDEN_HOOK_READ_AND_EXECUTE
Definition
Events.h:102
HIDDEN_HOOK_EXEC_CC
@ HIDDEN_HOOK_EXEC_CC
Definition
Events.h:112
HIDDEN_HOOK_READ
@ HIDDEN_HOOK_READ
Definition
Events.h:104
SYSCALL_HOOK_EFER_SYSRET
@ SYSCALL_HOOK_EFER_SYSRET
Definition
Events.h:118
HIDDEN_HOOK_WRITE
@ HIDDEN_HOOK_WRITE
Definition
Events.h:105
HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE
@ HIDDEN_HOOK_READ_AND_WRITE_AND_EXECUTE
Definition
Events.h:100
TRAP_EXECUTION_MODE_CHANGED
@ TRAP_EXECUTION_MODE_CHANGED
Definition
Events.h:169
VMCALL_INSTRUCTION_EXECUTION
@ VMCALL_INSTRUCTION_EXECUTION
Definition
Events.h:157
HIDDEN_HOOK_EXECUTE
@ HIDDEN_HOOK_EXECUTE
Definition
Events.h:106
DEBUGGER_EVENT_TRACE_TYPE
enum _DEBUGGER_EVENT_TRACE_TYPE DEBUGGER_EVENT_TRACE_TYPE
Type of tracing events.
DEBUGGER_GENERAL_EVENT_DETAIL
struct _DEBUGGER_GENERAL_EVENT_DETAIL DEBUGGER_GENERAL_EVENT_DETAIL
Each command is like the following struct, it also used for tracing works in user mode and sending it...
_DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
_DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
Type of handling !syscall or !sysret.
Definition
Events.h:196
DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY
@ DEBUGGER_EVENT_SYSCALL_SYSRET_SAFE_ACCESS_MEMORY
Definition
Events.h:197
DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD
@ DEBUGGER_EVENT_SYSCALL_SYSRET_HANDLE_ALL_UD
Definition
Events.h:198
DEBUGGER_EVENT_ACTION_TYPE_ENUM
enum _DEBUGGER_EVENT_ACTION_TYPE_ENUM DEBUGGER_EVENT_ACTION_TYPE_ENUM
Type of Actions.
_DEBUGGER_EVENT_MODE_TYPE
_DEBUGGER_EVENT_MODE_TYPE
Type of mode change traps.
Definition
Events.h:207
DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE
@ DEBUGGER_EVENT_MODE_TYPE_KERNEL_MODE
Definition
Events.h:210
DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE
@ DEBUGGER_EVENT_MODE_TYPE_USER_MODE_AND_KERNEL_MODE
Definition
Events.h:208
DEBUGGER_EVENT_MODE_TYPE_INVALID
@ DEBUGGER_EVENT_MODE_TYPE_INVALID
Definition
Events.h:211
DEBUGGER_EVENT_MODE_TYPE_USER_MODE
@ DEBUGGER_EVENT_MODE_TYPE_USER_MODE
Definition
Events.h:209
_DEBUGGER_MODIFY_EVENTS_TYPE
_DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
Definition
Events.h:233
DEBUGGER_MODIFY_EVENTS_ENABLE
@ DEBUGGER_MODIFY_EVENTS_ENABLE
Definition
Events.h:235
DEBUGGER_MODIFY_EVENTS_DISABLE
@ DEBUGGER_MODIFY_EVENTS_DISABLE
Definition
Events.h:236
DEBUGGER_MODIFY_EVENTS_QUERY_STATE
@ DEBUGGER_MODIFY_EVENTS_QUERY_STATE
Definition
Events.h:234
DEBUGGER_MODIFY_EVENTS_CLEAR
@ DEBUGGER_MODIFY_EVENTS_CLEAR
Definition
Events.h:237
PROTECTED_HV_RESOURCES_PASSING_OVERS
enum _PROTECTED_HV_RESOURCES_PASSING_OVERS PROTECTED_HV_RESOURCES_PASSING_OVERS
Things to consider when applying resources.
PDEBUGGER_GENERAL_EVENT_DETAIL
struct _DEBUGGER_GENERAL_EVENT_DETAIL * PDEBUGGER_GENERAL_EVENT_DETAIL
_DEBUGGER_EVENT_ACTION_TYPE_ENUM
_DEBUGGER_EVENT_ACTION_TYPE_ENUM
Type of Actions.
Definition
Events.h:184
RUN_CUSTOM_CODE
@ RUN_CUSTOM_CODE
Definition
Events.h:187
BREAK_TO_DEBUGGER
@ BREAK_TO_DEBUGGER
Definition
Events.h:185
RUN_SCRIPT
@ RUN_SCRIPT
Definition
Events.h:186
VMM_EVENT_TYPE_ENUM
enum _VMM_EVENT_TYPE_ENUM VMM_EVENT_TYPE_ENUM
enum to show type of all HyperDbg events
PDEBUGGER_MODIFY_EVENTS
struct _DEBUGGER_MODIFY_EVENTS * PDEBUGGER_MODIFY_EVENTS
DEBUGGER_EVENT_MODE_TYPE
enum _DEBUGGER_EVENT_MODE_TYPE DEBUGGER_EVENT_MODE_TYPE
Type of mode change traps.
PDEBUGGER_EVENT_OPTIONS
struct _DEBUGGER_EVENT_OPTIONS * PDEBUGGER_EVENT_OPTIONS
PDEBUGGER_EVENT_AND_ACTION_RESULT
struct _DEBUGGER_EVENT_AND_ACTION_RESULT * PDEBUGGER_EVENT_AND_ACTION_RESULT
_PROTECTED_HV_RESOURCES_PASSING_OVERS
_PROTECTED_HV_RESOURCES_PASSING_OVERS
Things to consider when applying resources.
Definition
Events.h:295
PASSING_OVER_INTERRUPT_EVENTS
@ PASSING_OVER_INTERRUPT_EVENTS
Definition
Events.h:306
PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS
@ PASSING_OVER_MOV_TO_CONTROL_REGS_EVENTS
Definition
Events.h:321
PASSING_OVER_TSC_EVENTS
@ PASSING_OVER_TSC_EVENTS
Definition
Events.h:311
PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS
@ PASSING_OVER_MOV_TO_HW_DEBUG_REGS_EVENTS
Definition
Events.h:316
PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK
@ PASSING_OVER_UD_EXCEPTIONS_FOR_SYSCALL_SYSRET_HOOK
Definition
Events.h:300
PASSING_OVER_NONE
@ PASSING_OVER_NONE
Definition
Events.h:299
PASSING_OVER_EXCEPTION_EVENTS
@ PASSING_OVER_EXCEPTION_EVENTS
Definition
Events.h:301
DEBUGGER_SHORT_CIRCUITING_EVENT
struct _DEBUGGER_SHORT_CIRCUITING_EVENT DEBUGGER_SHORT_CIRCUITING_EVENT
request for performing a short-circuiting event
DEBUGGER_MODIFY_EVENTS_TYPE
enum _DEBUGGER_MODIFY_EVENTS_TYPE DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
_PROTECTED_HV_RESOURCES_TYPE
_PROTECTED_HV_RESOURCES_TYPE
Type of protected (multi-used) resources.
Definition
Events.h:330
PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING
@ PROTECTED_HV_RESOURCES_MOV_CONTROL_REGISTER_EXITING
Definition
Events.h:339
PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP
@ PROTECTED_HV_RESOURCES_EXCEPTION_BITMAP
Definition
Events.h:331
PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING
@ PROTECTED_HV_RESOURCES_MOV_TO_DEBUG_REGISTER_EXITING
Definition
Events.h:337
PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING
@ PROTECTED_HV_RESOURCES_MOV_TO_CR3_EXITING
Definition
Events.h:341
PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING
@ PROTECTED_HV_RESOURCES_RDTSC_RDTSCP_EXITING
Definition
Events.h:335
PROTECTED_HV_RESOURCES_SAVE_AND_LOAD_DEBUG_CONTROLS
@ PROTECTED_HV_RESOURCES_SAVE_AND_LOAD_DEBUG_CONTROLS
Definition
Events.h:343
PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING
@ PROTECTED_HV_RESOURCES_EXTERNAL_INTERRUPT_EXITING
Definition
Events.h:333
DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
enum _DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE DEBUGGER_EVENT_SYSCALL_SYSRET_TYPE
Type of handling !syscall or !sysret.
DEBUGGER_GENERAL_ACTION
struct _DEBUGGER_GENERAL_ACTION DEBUGGER_GENERAL_ACTION
Each event can have multiple actions.
PDEBUGGER_GENERAL_ACTION
struct _DEBUGGER_GENERAL_ACTION * PDEBUGGER_GENERAL_ACTION
DEBUGGER_EVENT_OPTIONS
struct _DEBUGGER_EVENT_OPTIONS DEBUGGER_EVENT_OPTIONS
request for performing a short-circuiting event
DEBUGGER_MODIFY_EVENTS
struct _DEBUGGER_MODIFY_EVENTS DEBUGGER_MODIFY_EVENTS
request for modifying events (enable/disable/clear)
_EXCEPTION_VECTORS
_EXCEPTION_VECTORS
Exceptions enum.
Definition
Events.h:23
EXCEPTION_VECTOR_RESERVED11
@ EXCEPTION_VECTOR_RESERVED11
Definition
Events.h:54
EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT
@ EXCEPTION_VECTOR_GENERAL_PROTECTION_FAULT
Definition
Events.h:37
EXCEPTION_VECTOR_MATH_FAULT
@ EXCEPTION_VECTOR_MATH_FAULT
Definition
Events.h:40
EXCEPTION_VECTOR_STACK_SEGMENT_FAULT
@ EXCEPTION_VECTOR_STACK_SEGMENT_FAULT
Definition
Events.h:36
EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR
@ EXCEPTION_VECTOR_INVALID_TASK_SEGMENT_SELECTOR
Definition
Events.h:34
EXCEPTION_VECTOR_RESERVED0
@ EXCEPTION_VECTOR_RESERVED0
Definition
Events.h:33
EXCEPTION_VECTOR_UNDEFINED_OPCODE
@ EXCEPTION_VECTOR_UNDEFINED_OPCODE
Definition
Events.h:30
EXCEPTION_VECTOR_NMI
@ EXCEPTION_VECTOR_NMI
Definition
Events.h:26
PMI_INTERRUPT
@ PMI_INTERRUPT
Definition
Events.h:64
EXCEPTION_VECTOR_RESERVED10
@ EXCEPTION_VECTOR_RESERVED10
Definition
Events.h:53
EXCEPTION_VECTOR_DEBUG_BREAKPOINT
@ EXCEPTION_VECTOR_DEBUG_BREAKPOINT
Definition
Events.h:25
EXCEPTION_VECTOR_DIVIDE_ERROR
@ EXCEPTION_VECTOR_DIVIDE_ERROR
Definition
Events.h:24
APC_INTERRUPT
@ APC_INTERRUPT
Definition
Events.h:60
EXCEPTION_VECTOR_RESERVED8
@ EXCEPTION_VECTOR_RESERVED8
Definition
Events.h:51
IPI_INTERRUPT
@ IPI_INTERRUPT
Definition
Events.h:63
EXCEPTION_VECTOR_PAGE_FAULT
@ EXCEPTION_VECTOR_PAGE_FAULT
Definition
Events.h:38
EXCEPTION_VECTOR_RESERVED9
@ EXCEPTION_VECTOR_RESERVED9
Definition
Events.h:52
EXCEPTION_VECTOR_RESERVED5
@ EXCEPTION_VECTOR_RESERVED5
Definition
Events.h:48
EXCEPTION_VECTOR_ALIGNMENT_CHECK
@ EXCEPTION_VECTOR_ALIGNMENT_CHECK
Definition
Events.h:41
EXCEPTION_VECTOR_RESERVED4
@ EXCEPTION_VECTOR_RESERVED4
Definition
Events.h:47
EXCEPTION_VECTOR_RESERVED1
@ EXCEPTION_VECTOR_RESERVED1
Definition
Events.h:39
EXCEPTION_VECTOR_RESERVED2
@ EXCEPTION_VECTOR_RESERVED2
Definition
Events.h:45
CLOCK_INTERRUPT
@ CLOCK_INTERRUPT
Definition
Events.h:62
EXCEPTION_VECTOR_MACHINE_CHECK
@ EXCEPTION_VECTOR_MACHINE_CHECK
Definition
Events.h:42
EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR
@ EXCEPTION_VECTOR_SIMD_FLOATING_POINT_NUMERIC_ERROR
Definition
Events.h:43
EXCEPTION_VECTOR_NO_MATH_COPROCESSOR
@ EXCEPTION_VECTOR_NO_MATH_COPROCESSOR
Definition
Events.h:31
EXCEPTION_VECTOR_VIRTUAL_EXCEPTION
@ EXCEPTION_VECTOR_VIRTUAL_EXCEPTION
Definition
Events.h:44
EXCEPTION_VECTOR_RESERVED6
@ EXCEPTION_VECTOR_RESERVED6
Definition
Events.h:49
EXCEPTION_VECTOR_RESERVED12
@ EXCEPTION_VECTOR_RESERVED12
Definition
Events.h:55
DPC_INTERRUPT
@ DPC_INTERRUPT
Definition
Events.h:61
EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED
@ EXCEPTION_VECTOR_BOUND_RANGE_EXCEEDED
Definition
Events.h:29
EXCEPTION_VECTOR_RESERVED3
@ EXCEPTION_VECTOR_RESERVED3
Definition
Events.h:46
EXCEPTION_VECTOR_OVERFLOW
@ EXCEPTION_VECTOR_OVERFLOW
Definition
Events.h:28
EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT
@ EXCEPTION_VECTOR_SEGMENT_NOT_PRESENT
Definition
Events.h:35
EXCEPTION_VECTOR_RESERVED7
@ EXCEPTION_VECTOR_RESERVED7
Definition
Events.h:50
EXCEPTION_VECTOR_DOUBLE_FAULT
@ EXCEPTION_VECTOR_DOUBLE_FAULT
Definition
Events.h:32
EXCEPTION_VECTOR_BREAKPOINT
@ EXCEPTION_VECTOR_BREAKPOINT
Definition
Events.h:27
DEBUGGER_EVENT_AND_ACTION_RESULT
struct _DEBUGGER_EVENT_AND_ACTION_RESULT DEBUGGER_EVENT_AND_ACTION_RESULT
Status of register buffers.
VMM_EVENT_TYPE_ENUM
enum _VMM_EVENT_TYPE_ENUM VMM_EVENT_TYPE_ENUM
enum to show type of all HyperDbg events
DEBUGGER_MODIFY_EVENTS_TYPE
enum _DEBUGGER_MODIFY_EVENTS_TYPE DEBUGGER_MODIFY_EVENTS_TYPE
different types of modifying events request (enable/disable/clear)
DEBUGGER_EVENT_OPTIONS
struct _DEBUGGER_EVENT_OPTIONS DEBUGGER_EVENT_OPTIONS
request for performing a short-circuiting event
_DEBUGGER_EVENT_AND_ACTION_RESULT
Status of register buffers.
Definition
Events.h:432
_DEBUGGER_EVENT_AND_ACTION_RESULT::Error
UINT32 Error
Definition
Events.h:434
_DEBUGGER_EVENT_AND_ACTION_RESULT::IsSuccessful
BOOLEAN IsSuccessful
Definition
Events.h:433
_DEBUGGER_EVENT_OPTIONS
request for performing a short-circuiting event
Definition
Events.h:276
_DEBUGGER_EVENT_OPTIONS::OptionalParam5
UINT64 OptionalParam5
Definition
Events.h:281
_DEBUGGER_EVENT_OPTIONS::OptionalParam2
UINT64 OptionalParam2
Definition
Events.h:278
_DEBUGGER_EVENT_OPTIONS::OptionalParam3
UINT64 OptionalParam3
Definition
Events.h:279
_DEBUGGER_EVENT_OPTIONS::OptionalParam6
UINT64 OptionalParam6
Definition
Events.h:282
_DEBUGGER_EVENT_OPTIONS::OptionalParam1
UINT64 OptionalParam1
Definition
Events.h:277
_DEBUGGER_EVENT_OPTIONS::OptionalParam4
UINT64 OptionalParam4
Definition
Events.h:280
_DEBUGGER_GENERAL_ACTION
Each event can have multiple actions.
Definition
Events.h:413
_DEBUGGER_GENERAL_ACTION::CustomCodeBufferSize
UINT32 CustomCodeBufferSize
Definition
Events.h:419
_DEBUGGER_GENERAL_ACTION::ScriptBufferSize
UINT32 ScriptBufferSize
Definition
Events.h:420
_DEBUGGER_GENERAL_ACTION::ActionType
DEBUGGER_EVENT_ACTION_TYPE_ENUM ActionType
Definition
Events.h:415
_DEBUGGER_GENERAL_ACTION::ScriptBufferPointer
UINT32 ScriptBufferPointer
Definition
Events.h:421
_DEBUGGER_GENERAL_ACTION::PreAllocatedBuffer
UINT32 PreAllocatedBuffer
Definition
Events.h:417
_DEBUGGER_GENERAL_ACTION::ImmediateMessagePassing
BOOLEAN ImmediateMessagePassing
Definition
Events.h:416
_DEBUGGER_GENERAL_ACTION::EventTag
UINT64 EventTag
Definition
Events.h:414
_DEBUGGER_GENERAL_EVENT_DETAIL
Each command is like the following struct, it also used for tracing works in user mode and sending it...
Definition
Events.h:357
_DEBUGGER_GENERAL_EVENT_DETAIL::Options
DEBUGGER_EVENT_OPTIONS Options
Definition
Events.h:396
_DEBUGGER_GENERAL_EVENT_DETAIL::EnableShortCircuiting
BOOLEAN EnableShortCircuiting
Definition
Events.h:371
_DEBUGGER_GENERAL_EVENT_DETAIL::IsEnabled
BOOLEAN IsEnabled
Definition
Events.h:369
_DEBUGGER_GENERAL_EVENT_DETAIL::EventType
VMM_EVENT_TYPE_ENUM EventType
Definition
Events.h:394
_DEBUGGER_GENERAL_EVENT_DETAIL::CountOfActions
UINT32 CountOfActions
Definition
Events.h:391
_DEBUGGER_GENERAL_EVENT_DETAIL::Tag
UINT64 Tag
Definition
Events.h:393
_DEBUGGER_GENERAL_EVENT_DETAIL::HasCustomOutput
BOOLEAN HasCustomOutput
Definition
Events.h:377
_DEBUGGER_GENERAL_EVENT_DETAIL::OutputSourceTags
UINT64 OutputSourceTags[DebuggerOutputSourceMaximumRemoteSourceForSingleEvent]
Definition
Events.h:382
_DEBUGGER_GENERAL_EVENT_DETAIL::EventStage
VMM_CALLBACK_EVENT_CALLING_STAGE_TYPE EventStage
Definition
Events.h:374
_DEBUGGER_GENERAL_EVENT_DETAIL::ConditionBufferSize
UINT32 ConditionBufferSize
Definition
Events.h:400
_DEBUGGER_GENERAL_EVENT_DETAIL::ProcessId
UINT32 ProcessId
Definition
Events.h:365
_DEBUGGER_GENERAL_EVENT_DETAIL::CoreId
UINT32 CoreId
Definition
Events.h:362
_DEBUGGER_GENERAL_EVENT_DETAIL::CommandStringBuffer
PVOID CommandStringBuffer
Definition
Events.h:398
_DEBUGGER_GENERAL_EVENT_DETAIL::CommandsEventList
LIST_ENTRY CommandsEventList
Definition
Events.h:359
_DEBUGGER_MODIFY_EVENTS
request for modifying events (enable/disable/clear)
Definition
Events.h:245
_DEBUGGER_MODIFY_EVENTS::TypeOfAction
DEBUGGER_MODIFY_EVENTS_TYPE TypeOfAction
Definition
Events.h:249
_DEBUGGER_MODIFY_EVENTS::IsEnabled
BOOLEAN IsEnabled
Definition
Events.h:250
_DEBUGGER_MODIFY_EVENTS::KernelStatus
UINT64 KernelStatus
Definition
Events.h:247
_DEBUGGER_MODIFY_EVENTS::Tag
UINT64 Tag
Definition
Events.h:246
_DEBUGGER_SHORT_CIRCUITING_EVENT
request for performing a short-circuiting event
Definition
Events.h:261
_DEBUGGER_SHORT_CIRCUITING_EVENT::IsShortCircuiting
BOOLEAN IsShortCircuiting
Definition
Events.h:263
_DEBUGGER_SHORT_CIRCUITING_EVENT::KernelStatus
UINT64 KernelStatus
Definition
Events.h:262
hyperdbg
include
SDK
headers
Events.h
Generated by
1.17.0