You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
HyperDbg has a caveat in the design of !monitor or possibly !epthook.
If you specify a particular process (add pid xx to your event command), only if that process accesses the memory, the event will be triggered. If another process attempts to change the memory, HyperDbg will ignore the event.
As a real-world scenario, if you modify the memory of a special process using a debugger (let say x64dbg), then as the memory is modified in an application other than the current debuggee's application, the event is ignored.
To solve this issue, one solution is adding new parameters to the commands mentioned above to specify another process as the target process to use its memory layout and use the pid parameter as a condition for the event.
One thing to mention is updating the examples in the documentation.
The text was updated successfully, but these errors were encountered:
HyperDbg has a caveat in the design of !monitor or possibly !epthook.
If you specify a particular process (add
pid xx
to your event command), only if that process accesses the memory, the event will be triggered. If another process attempts to change the memory, HyperDbg will ignore the event.As a real-world scenario, if you modify the memory of a special process using a debugger (let say x64dbg), then as the memory is modified in an application other than the current debuggee's application, the event is ignored.
To solve this issue, one solution is adding new parameters to the commands mentioned above to specify another process as the target process to use its memory layout and use the
pid
parameter as a condition for the event.One thing to mention is updating the examples in the documentation.
The text was updated successfully, but these errors were encountered: