v0.18

Merge pull request HyperDbg#566 from HyperDbg/dev

Author: SinaKarvandi

.gitmodules

@@ -1,6 +1,3 @@
-[submodule "hyperdbg/dependencies/zydis"]
-	path = hyperdbg/dependencies/zydis
-	url = https://github.com/HyperDbg/zydis.git
 [submodule "hyperdbg/dependencies/pdbex"]
 	path = hyperdbg/dependencies/pdbex
 	url = https://github.com/HyperDbg/pdbex.git
@@ -13,3 +10,6 @@
 [submodule "hyperdbg/dependencies/ia32-doc"]
 	path = hyperdbg/dependencies/ia32-doc
 	url = https://github.com/HyperDbg/ia32-doc.git
+[submodule "hyperdbg/dependencies/zydis"]
+	path = hyperdbg/dependencies/zydis
+	url = https://github.com/HyperDbg/zydis.git

CHANGELOG.md

@@ -4,6 +4,22 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.18.0.0] - 2026-02-16
+New release of the HyperDbg Debugger.
+
+### Added
+- Script engine now supports writing libraries using the '#include' keyword thanks to [@xmaple555](https://github.com/xmaple555) ([link](https://docs.hyperdbg.org/commands/scripting-language/casting-and-inclusion))([link](https://github.com/HyperDbg/HyperDbg/issues/557))([link](https://github.com/HyperDbg/HyperDbg/pull/561))
+- Initial codes for the hypertrace project by using Intel Last Branch Record (LBR) and Branch Trace Store (BTS) thanks to [@harimishal1](https://github.com/harimishal1) ([link](https://github.com/HyperDbg/HyperDbg/tree/master/hyperdbg/hypertrace))
+- The hypertrace project is now linked to the hyperkd
+- Initial efforts to port HyperDbg to Linux have started thanks to [@Alish14](https://github.com/Alish14) ([link](https://github.com/HyperDbg/HyperDbg/pull/563))
+
+### Changed
+- Fix bugs for interpreting 'db_pa, 'dd_pa', 'eb_pa', and 'ed_pa' keywords in the script engine ([link](https://docs.hyperdbg.org/commands/scripting-language/assumptions-and-evaluations#keywords))([link](https://github.com/HyperDbg/HyperDbg/pull/507))
+- Fix variable types in the script engine ([link](https://github.com/HyperDbg/HyperDbg/commit/43b0245fa11b5c73ce4cd21d8b8787b86a05f89d))
+- Fix and update array index for boolean expressions in the script engine ([link](https://github.com/HyperDbg/HyperDbg/commit/ba2cec3c12c3ff45ddc0004051884983ff62a0b3))
+- Fix and update array index for boolean expressions in the script engine ([link](https://github.com/HyperDbg/HyperDbg/commit/ba2cec3c12c3ff45ddc0004051884983ff62a0b3))
+- Fix compilation error in Zydis with the new Windows WDK ([link](https://github.com/HyperDbg/zydis/commit/e61f59332ce49f8853006573ca853e404fafdd08))
+
 ## [0.17.0.0] - 2025-11-10
 New release of the HyperDbg Debugger. All credit for this release goes to [@xmaple555](https://github.com/xmaple555).
 

CONTRIBUTING.md

@@ -13,15 +13,15 @@ Please make sure to create a [discussion](https://github.com/orgs/HyperDbg/discu
 - Troubleshooting problems with running on Hyper-V's nested virtualization.
 - Troubleshooting problems with running on VirtualBox's nested virtualization.
 - Supporting KDNET (sending data over the network).
-- Enhancing HyperDbg's [Transparent Mode](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/operation-modes#transparent-mode), especially for anti-hypervisor methods.
+- Enhancing HyperDbg's [Transparent Mode](https://docs.hyperdbg.org/using-hyperdbg/prerequisites/operation-modes#transparent-mode). These features should be added as an extension to the [HyperEvade](https://www.vusec.net/projects/hyperevade/) project (e.g., by bypassing [al-khaser](https://github.com/LordNoteworthy/al-khaser) and similar anti-debugging and anti-hypervisor projects).
 - Enhancing and adding more features to the ['.pe'](https://docs.hyperdbg.org/commands/meta-commands/.pe) command.
 - Adding HyperDbg to the system startup using UEFI.
-- Adding routines to activate and use Last Branch Record (LBR) and Branch Trace Store (BTS).
+- Adding routines to activate and use Last Branch Record (LBR) and Branch Trace Store (BTS) | (In progress).
 - Creating a QT-based GUI.
 - Creating a SoftICE-style GUI.
 - Supporting nested-virtualization on HyperDbg itself.
 - Protecting HyperDbg code and memory from modification using VT-x capabilities.
-- Adding support for the Intel Processor Trace (PT).
+- Adding support for the Intel Processor Trace (PT) and event command for detecting coverage.
 - Creating a wrapper that automatically interprets the [HyperDbg SDK](https://github.com/HyperDbg/HyperDbg/tree/master/hyperdbg/include/SDK) to GO, RUST, C#, Python, etc.
 - Creating syntax highlighting for dslang for different IDEs (VSCode, VIM, etc.).
 - Building HyperDbg using LLVM clang.
@@ -33,23 +33,21 @@ Please make sure to create a [discussion](https://github.com/orgs/HyperDbg/discu
 - Working on live memory migration and adding support for kernel-mode time travel debugging.
 - Integrating the [z3 project](https://github.com/Z3Prover/z3) into HyperDbg and adding commands based on the z3 solver.
 - Adding the [Bochs emulator](https://github.com/bochs-emu/Bochs) to HyperDbg.
-- ~~Creating commands to inspect and read details of PCIe devices.~~ Added: [<a href="https://docs.hyperdbg.org/commands/extension-commands/pcitree" target="_blank">link</a>][<a href="https://docs.hyperdbg.org/commands/extension-commands/pcicam" target="_blank">link</a>]
-- ~~Mitigating the anti-hypervisor method described [here](https://howtohypervise.blogspot.com/2019/01/a-common-missight-in-most-hypervisors.html).~~ [[Fixed](https://github.com/HyperDbg/HyperDbg/pull/497)]
 - Creating different examples of how to use the SDK (using different programming languages).
 - Debugging and fixing bugs related to HyperDbg's physical serial communication.
 - Reading symbol information from modules in memory (currently, HyperDbg opens a file which continues the debugger).
 - Adding APIC virtualization.
 - Reading the list of modules for the '[lm](https://docs.hyperdbg.org/commands/debugging-commands/lm)' command directly from kernel-mode.
 - Detecting and fixing anti-hypervisor methods described [here](https://github.com/Ahora57/MAJESTY-technologies).
 - Investigating why the symbols parser (DIA SDK) could not read symbols of the 'kernel32!*'.
-- ~~Fixing the problem with [XSETBV instruction freezing](https://github.com/HyperDbg/HyperDbg/issues/429).~~ [[Fixed](https://github.com/HyperDbg/HyperDbg/pull/491)]
-- Adding an event function that detects coverage.
-- Bypassing [al-khaser](https://github.com/LordNoteworthy/al-khaser).
 - Creating the 'alias' command that converts or registers scripts as a command, for example: "alias !list .script list.dbg" (discussion needed).
 - Adding support for [Hardware Performance Counters (HPC)](https://en.wikipedia.org/wiki/Hardware_performance_counter).
-
 - Any other interesting tasks you might find!
 
+- ~~Creating commands to inspect and read details of PCIe devices.~~ Added: [<a href="https://docs.hyperdbg.org/commands/extension-commands/pcitree" target="_blank">link</a>][<a href="https://docs.hyperdbg.org/commands/extension-commands/pcicam" target="_blank">link</a>]
+- ~~Mitigating the anti-hypervisor method described [here](https://howtohypervise.blogspot.com/2019/01/a-common-missight-in-most-hypervisors.html).~~ [[Fixed](https://github.com/HyperDbg/HyperDbg/pull/497)]
+- ~~Fixing the problem with [XSETBV instruction freezing](https://github.com/HyperDbg/HyperDbg/issues/429).~~ [[Fixed](https://github.com/HyperDbg/HyperDbg/pull/491)]
+
 This list will be updated frequently.
 
 ## Fixing Bugs

README.md

@@ -9,7 +9,7 @@
 # HyperDbg Debugger
 
 <a href="https://hyperdbg.org/"><img align="right" width="150" height="150" src="https://github.com/HyperDbg/graphics/raw/master/Art%20Board/HyperDbg-Cat.Circle.Compressed.png" alt="HyperDbg Debugger"></a></br>
-**HyperDbg Debugger** is a free (as in free beer and freedom), open-source, community-driven, hypervisor-assisted, user-mode, and kernel-mode Windows debugger with a focus on using modern hardware technologies. It is a debugger designed for analyzing, fuzzing, and reversing.
+**HyperDbg Debugger** is a free (as in free beer), open-source, community-driven, hypervisor-assisted, user-mode, and kernel-mode Windows debugger with a focus on using modern hardware technologies. It is a debugger designed for analyzing, fuzzing, and reversing.
 
 You can follow **HyperDbg** on **[Twitter](https://twitter.com/HyperDbg)** or **[Mastodon](https://infosec.exchange/@hyperdbg)** to get notified about new releases, or join any of the HyperDbg groups, where you can ask developers and open-source reversing enthusiasts for help setting up and using HyperDbg.
 
@@ -150,6 +150,7 @@ You can also read [this article](https://research.hyperdbg.org/debugger/kernel-d
 * Triggering and Counting System Management Mode (SMM) Interrupts (SMIs) [<a href="https://docs.hyperdbg.org/commands/extension-commands/smi" target="_blank">link</a>]
 * Attaching to the User-mode Process and Preventing Execution [<a href="https://docs.hyperdbg.org/commands/meta-commands/.attach" target="_blank">link</a>]
 * Intercepting Execution of XSETBV Instructions [<a href="https://docs.hyperdbg.org/commands/extension-commands/xsetbv" target="_blank">link</a>]
+* Writing Library Script Files [<a href="https://docs.hyperdbg.org/commands/scripting-language/casting-and-inclusion" target="_blank">link</a>]
 
 ## How does it work?
 

hyperdbg/dependencies/zydis

@@ -87,6 +87,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "imports", "imports", "{B3D9
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hyperkd", "hyperkd\hyperkd.vcxproj", "{AFDD7028-1ED9-442E-8A3D-01CFA3AA1CAA}"
 	ProjectSection(ProjectDependencies) = postProject
+		{9FA45E25-DAEB-4C2D-806C-7908A180195D} = {9FA45E25-DAEB-4C2D-806C-7908A180195D}
 		{AFDE69E9-EE3D-470E-8407-C1F0D98F9E3D} = {AFDE69E9-EE3D-470E-8407-C1F0D98F9E3D}
 		{BB17323A-2460-4AE1-8AFE-B367400B934F} = {BB17323A-2460-4AE1-8AFE-B367400B934F}
 	EndProjectSection
@@ -97,6 +98,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "modules", "modules", "{13E4
 	ProjectSection(SolutionItems) = preProject
 		include\SDK\modules\HyperEvade.h = include\SDK\modules\HyperEvade.h
 		include\SDK\Modules\HyperLog.h = include\SDK\Modules\HyperLog.h
+		include\SDK\modules\HyperTrace.h = include\SDK\modules\HyperTrace.h
 		include\SDK\Modules\VMM.h = include\SDK\Modules\VMM.h
 	EndProjectSection
 EndProject
@@ -145,13 +147,15 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "kernel", "kernel", "{D0E5A2
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "code", "code", "{6498728B-D9B0-4CAB-A9E3-ACE5BC371010}"
 	ProjectSection(SolutionItems) = preProject
-		include\platform\kernel\code\Mem.c = include\platform\kernel\code\Mem.c
+		include\platform\kernel\code\PlatformMem.c = include\platform\kernel\code\PlatformMem.c
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "header", "header", "{AA41FFF1-A730-433E-8D26-13DA5B653825}"
 	ProjectSection(SolutionItems) = preProject
 		include\platform\kernel\header\Environment.h = include\platform\kernel\header\Environment.h
-		include\platform\kernel\header\Mem.h = include\platform\kernel\header\Mem.h
+		include\platform\kernel\header\PlatformMem.h = include\platform\kernel\header\PlatformMem.h
+		include\platform\kernel\header\PlatformModuleInfo.h = include\platform\kernel\header\PlatformModuleInfo.h
+		include\platform\kernel\header\PlatformTypes.h = include\platform\kernel\header\PlatformTypes.h
 	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "code", "code", "{4BF590C3-1032-4DD2-BF87-BB9E5781977C}"
@@ -173,6 +177,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "kernel", "kernel", "{947577
 		include\SDK\imports\kernel\HyperDbgHyperEvade.h = include\SDK\imports\kernel\HyperDbgHyperEvade.h
 		include\SDK\Imports\Kernel\HyperDbgHyperLogImports.h = include\SDK\Imports\Kernel\HyperDbgHyperLogImports.h
 		include\SDK\Imports\Kernel\HyperDbgHyperLogIntrinsics.h = include\SDK\Imports\Kernel\HyperDbgHyperLogIntrinsics.h
+		include\SDK\imports\kernel\HyperDbgHyperTrace.h = include\SDK\imports\kernel\HyperDbgHyperTrace.h
 		include\SDK\Imports\Kernel\HyperDbgVmmImports.h = include\SDK\Imports\Kernel\HyperDbgVmmImports.h
 	EndProjectSection
 EndProject
@@ -214,6 +219,9 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hyperdbg_app", "..\examples
 	EndProjectSection
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hyperevade", "hyperevade\hyperevade.vcxproj", "{B226530A-14B1-40AC-B82E-D9057400E7EE}"
+	ProjectSection(ProjectDependencies) = postProject
+		{AFDE69E9-EE3D-470E-8407-C1F0D98F9E3D} = {AFDE69E9-EE3D-470E-8407-C1F0D98F9E3D}
+	EndProjectSection
 EndProject
 Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "hyper-v", "hyper-v", "{02EA681E-C7D8-13C7-8484-4AC65E1B71E8}"
 	ProjectSection(SolutionItems) = preProject
@@ -226,6 +234,8 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "config", "config", "{035508
 		include\config\Definition.h = include\config\Definition.h
 	EndProjectSection
 EndProject
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "hypertrace", "hypertrace\hypertrace.vcxproj", "{9FA45E25-DAEB-4C2D-806C-7908A180195D}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		debug|x64 = debug|x64
@@ -279,6 +289,10 @@ Global
 		{B226530A-14B1-40AC-B82E-D9057400E7EE}.debug|x64.Build.0 = debug|x64
 		{B226530A-14B1-40AC-B82E-D9057400E7EE}.release|x64.ActiveCfg = release|x64
 		{B226530A-14B1-40AC-B82E-D9057400E7EE}.release|x64.Build.0 = release|x64
+		{9FA45E25-DAEB-4C2D-806C-7908A180195D}.debug|x64.ActiveCfg = debug|x64
+		{9FA45E25-DAEB-4C2D-806C-7908A180195D}.debug|x64.Build.0 = debug|x64
+		{9FA45E25-DAEB-4C2D-806C-7908A180195D}.release|x64.ActiveCfg = release|x64
+		{9FA45E25-DAEB-4C2D-806C-7908A180195D}.release|x64.Build.0 = release|x64
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE

hyperdbg/hyperdbg.sln

@@ -6,7 +6,7 @@ set(SourceFiles
     "code/UnloadDll.c"
     "../include/components/spinlock/header/Spinlock.h"
     "../include/platform/kernel/header/Environment.h"
-    "../include/platform/kernel/header/Mem.h"
+    "../include/platform/kernel/header/PlatformMem.h"
     "header/Logging.h"
     "header/pch.h"
     "header/UnloadDll.h"

hyperdbg/hyperevade/CMakeLists.txt

@@ -74,7 +74,7 @@
 //
 // Platform independent headers
 //
-#include "platform/kernel/header/Mem.h"
+#include "platform/kernel/header/PlatformMem.h"
 
 //
 // Hyperevade Callbacks

hyperdbg/hyperevade/header/pch.h

@@ -107,7 +107,7 @@
     <ClCompile Include="..\include\components\optimizations\code\InsertionSort.c" />
     <ClCompile Include="..\include\components\optimizations\code\OptimizationsExamples.c" />
     <ClCompile Include="..\include\components\spinlock\code\Spinlock.c" />
-    <ClCompile Include="..\include\platform\kernel\code\Mem.c" />
+    <ClCompile Include="..\include\platform\kernel\code\PlatformMem.c" />
     <ClCompile Include="code\SyscallFootprints.c" />
     <ClCompile Include="code\Transparency.c" />
     <ClCompile Include="code\UnloadDll.c" />
@@ -116,7 +116,7 @@
   <ItemGroup>
     <ClInclude Include="..\include\components\interface\HyperLogCallback.h" />
     <ClInclude Include="..\include\platform\kernel\header\Environment.h" />
-    <ClInclude Include="..\include\platform\kernel\header\Mem.h" />
+    <ClInclude Include="..\include\platform\kernel\header\PlatformMem.h" />
     <ClInclude Include="header\SyscallFootprints.h" />
     <ClInclude Include="header\Transparency.h" />
     <ClInclude Include="header\pch.h" />

hyperdbg/hyperevade/hyperevade.vcxproj

@@ -45,7 +45,7 @@
     <ClCompile Include="code\UnloadDll.c">
       <Filter>code</Filter>
     </ClCompile>
-    <ClCompile Include="..\include\platform\kernel\code\Mem.c">
+    <ClCompile Include="..\include\platform\kernel\code\PlatformMem.c">
       <Filter>code\platform</Filter>
     </ClCompile>
     <ClCompile Include="..\hyperhv\code\components\registers\DebugRegisters.c">
@@ -86,7 +86,7 @@
     <ClInclude Include="..\include\platform\kernel\header\Environment.h">
       <Filter>header\platform</Filter>
     </ClInclude>
-    <ClInclude Include="..\include\platform\kernel\header\Mem.h">
+    <ClInclude Include="..\include\platform\kernel\header\PlatformMem.h">
       <Filter>header\platform</Filter>
     </ClInclude>
     <ClInclude Include="..\include\components\interface\HyperLogCallback.h">