Managing Events

Enable, Disable, and remove events
Each time you use a command like !syscall, !epthook, bp, !monitor, etc., you create an event.
After that, you can disable or re-enable the event or completely clear the event. This article demonstrates how to manage events in HyperDbg.
The following command shows the list of active/disabled events.
HyperDbg> events
0       (enabled)           !syscall 80
1       (disabled)          !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid
The following command disables an event with event number 1 and then we see the list of all events.
HyperDbg> event d 1
​
HyperDbg> events
0       (enabled)           !syscall 80
1       (disabled)          !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid
The following command enables all of the events and commands.
HyperDbg> event e all
​
HyperDbg> events
0       (enabled)           !syscall 80
1       (enabled)           !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid
The following command clears an event with event number 1.
HyperDbg> event c 1
​
HyperDbg> events
0       (enabled)           !syscall 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid
The following command clears and turns off every enabled and disabled event and commands.
HyperDbg> event c 1
events
Hooking Any Function
Last modified 1yr ago