Frequently Asked Questions (FAQ)
HyperDbg is an open-source, hypervisor-assisted debugger. You can use HyperDbg to debug both user-mode and kernel-mode applications.
Programmers, security researchers, malware analysts, and fuzzer programmers.
Because HyperDbg gives you unique abilities to use modern processor features that will assist you in your reverse engineering journey.
HyperDbg has a unique architecture. Its design principles are to be an OS-independent debugger and to leverage modern processor features to bring new reverse engineering methods; thus, the features you see in HyperDbg are not available in other debuggers.
HyperDbg has a completely different architecture. WinDbg operates in ring 0 (kernel), while HyperDbg runs in ring -1 (hypervisor); thus, HyperDbg provides unique features that are not available in WinDbg (OS-level).
Besides that, HyperDbg is not just a simple debugger. It introduces modern reverse engineering methods that use VT-x and other modern processor facilities to ease reverse engineering, analysis, and fuzzing.
The current version of HyperDbg only supports Intel x64 processors. You cannot run it on an AMD processor or an ARM processor, but future versions will support other processors.
Your processor should support Intel Extended Page Table (a.k.a. EPT), which was introduced with the Nehalem microarchitecture, but some functionalities only work on Intel's 4th generation or later; so, earlier processors might show undefined behavior with some of HyperDbg's functionalities. It's recommended to use a Skylake (6th generation) or newer processor.
No, the current version is limited to Windows 10. Porting HyperDbg to Linux is one of our top priorities, but currently it's only usable on Windows.
Of course not! The only problem with not having a separate machine is that you can only operate in VMI mode, and you can't pause (halt) the system with a breakpoint or for stepping. You can also use VMware Workstation to debug in debugger mode with all of the features, including stepping and pausing the debuggee.
The current versions of HyperDbg are only tested on VMware Workstation (not VMware Player), but in future versions, we will support all virtualization platforms with nested virtualization.
The source for reading about hypervisors and HyperDbg internals is the Hypervisor From Scratch tutorials.