HyperDbg Debugger
HyperDbg's SDK for the hyperevade project.
Classes | |
| struct | _HYPEREVADE_CALLBACKS |
| Prototype of each function needed by the hyperevade module. | |
Typedefs | |
| typedef BOOLEAN(* | LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList) |
| A function from the message tracer that sends the inputs to the message queue. | |
| typedef BOOLEAN(* | LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority) |
| A function that sends the messages to message tracer buffers. | |
| typedef BOOLEAN(* | LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority) |
| A function that sends the messages to message tracer buffers. | |
| typedef BOOLEAN(* | LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL) (BOOLEAN Priority) |
| A function that checks whether the priority or regular buffer is full or not. | |
| typedef BOOLEAN(* | HYPERTRACE_LBR_IS_SUPPORTED) (UINT32 *Capacity, BOOLEAN *IsArchLbr) |
| A function that checks if LBR is supported on the current CPU and gets its capacity. | |
| typedef BOOLEAN(* | CHECK_ACCESS_VALIDITY_AND_SAFETY) (UINT64 TargetAddress, UINT32 Size) |
| A function that checks the validity and safety of the target address. | |
| typedef BOOLEAN(* | MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead) |
| A function that reads memory safely on the target process. | |
| typedef BOOLEAN(* | MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 Destination, PVOID Source, SIZE_T Size) |
| A function that writes memory safely on the target process. | |
| typedef PCHAR(* | COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK) (PVOID Eprocess) |
| A function that gets the process name from the process control block. | |
| typedef BOOLEAN(* | SYSCALL_CALLBACK_SET_TRAP_FLAG_AFTER_SYSCALL) (GUEST_REGS *Regs, UINT32 ProcessId, UINT32 ThreadId, UINT64 Context, SYSCALL_CALLBACK_CONTEXT_PARAMS *Params) |
| A function that sets the trap flag after a syscall. | |
| typedef VOID(* | HV_HANDLE_TRAPFLAG) () |
| A function that handles the trap flag. | |
| typedef VOID(* | EVENT_INJECT_GENERAL_PROTECTION) () |
| A function that injects a general protection (#GP). | |
| typedef struct _HYPEREVADE_CALLBACKS | HYPEREVADE_CALLBACKS |
| Prototype of each function needed by hyperevade module. | |
HyperDbg's SDK for hyperevade project.
This file contains definitions of HyperEvade routines.
| typedef BOOLEAN(* CHECK_ACCESS_VALIDITY_AND_SAFETY) (UINT64 TargetAddress, UINT32 Size) |
A function that checks the validity and safety of the target address.
| typedef PCHAR(* COMMON_GET_PROCESS_NAME_FROM_PROCESS_CONTROL_BLOCK) (PVOID Eprocess) |
A function that gets the process name from the process control block.
| typedef VOID(* EVENT_INJECT_GENERAL_PROTECTION) () |
A function that injects a general protection (#GP).
| typedef VOID(* HV_HANDLE_TRAPFLAG) () |
A function that handles the trap flag.
| typedef struct _HYPEREVADE_CALLBACKS HYPEREVADE_CALLBACKS |
Prototype of each function needed by hyperevade module.
| typedef BOOLEAN(* HYPERTRACE_LBR_IS_SUPPORTED) (UINT32 *Capacity, BOOLEAN *IsArchLbr) |
A function that checks if LBR is supported on the current CPU and gets its capacity.
| typedef BOOLEAN(* LOG_CALLBACK_CHECK_IF_BUFFER_IS_FULL) (BOOLEAN Priority) |
A function that checks whether the priority or regular buffer is full or not.
| typedef BOOLEAN(* LOG_CALLBACK_PREPARE_AND_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, BOOLEAN ShowCurrentSystemTime, BOOLEAN Priority, const CHAR *Fmt, va_list ArgList) |
A function from the message tracer that sends the inputs to the message queue.
| typedef BOOLEAN(* LOG_CALLBACK_SEND_BUFFER) (_In_ UINT32 OperationCode, _In_reads_bytes_(BufferLength) PVOID Buffer, _In_ UINT32 BufferLength, _In_ BOOLEAN Priority) |
A function that sends the messages to message tracer buffers.
| typedef BOOLEAN(* LOG_CALLBACK_SEND_MESSAGE_TO_QUEUE) (UINT32 OperationCode, BOOLEAN IsImmediateMessage, CHAR *LogMessage, UINT32 BufferLen, BOOLEAN Priority) |
A function that sends the messages to message tracer buffers.
| typedef BOOLEAN(* MEMORY_MAPPER_READ_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 VaAddressToRead, PVOID BufferToSaveMemory, SIZE_T SizeToRead) |
A function that reads memory safely on the target process.
| typedef BOOLEAN(* MEMORY_MAPPER_WRITE_MEMORY_SAFE_ON_TARGET_PROCESS) (UINT64 Destination, PVOID Source, SIZE_T Size) |
A function that writes memory safely on the target process.
| typedef BOOLEAN(* SYSCALL_CALLBACK_SET_TRAP_FLAG_AFTER_SYSCALL) (GUEST_REGS *Regs, UINT32 ProcessId, UINT32 ThreadId, UINT64 Context, SYSCALL_CALLBACK_CONTEXT_PARAMS *Params) |
A function that sets the trap flag after a syscall.