This page provides different articles on the design details of each version of the HyperDbg Debugger.
The kernel-mode debugger of HyperDbg is called “kHyperDbg”. Unlike all the other software debuggers like WinDbg and GDB, HyperDbg is not a ring 0 (kernel) debugger. It uses ring -1 for its debugging purpose. Although, Using ring -1 (Hypervisor) as the base of the debugger has its own benefits, so many considerations are required to be noted for the implementation. In this report we present the design of HyperDbg Kernel Debugger.