A tutorial on creating a hypervisor from scratch
All the parts »
Part 1
·
Part 2
·
Part 3
·
Part 4
·
Part 5
·
Part 6
·
Part 7
·
Part 8
If you're looking to use a hypervisor for analysis and reverse engineering tasks, check out HyperDbg Debugger. It's a hypervisor-based debugger designed specifically for analyzing, fuzzing, and reversing applications.
Notice: The Hypervisor From Scratch tutorial is completely revised in August 2022. Codes from all parts are updated, unnecessary details are removed, and new explanations and materials are added to the tutorial.
Source code of a multiple series of tutorials about the hypervisor.
Available at: https://rayanfam.com/tutorials
Part 1 - Basic Concepts & Configure Testing Environment (https://rayanfam.com/topics/hypervisor-from-scratch-part-1)
Part 2 - Entering VMX Operation (https://rayanfam.com/topics/hypervisor-from-scratch-part-2)
Part 3 - Setting up Our First Virtual Machine (https://rayanfam.com/topics/hypervisor-from-scratch-part-3)
Part 4 - Address Translation Using Extended Page Table (EPT) (https://rayanfam.com/topics/hypervisor-from-scratch-part-4)
Part 5 - Setting up VMCS & Running Guest Code (https://rayanfam.com/topics/hypervisor-from-scratch-part-5)
Part 6 - Virtualizing An Already Running System (https://rayanfam.com/topics/hypervisor-from-scratch-part-6)
Part 7 - Using EPT & Page-Level Monitoring Features (https://rayanfam.com/topics/hypervisor-from-scratch-part-7)
Part 8 - How To Do Magic With Hypervisor! (https://rayanfam.com/topics/hypervisor-from-scratch-part-8)
Note: please keep in mind that hypervisors change over time because new features are added to the operating systems or using new technologies. For example, updates to Meltdown & Spectre have made a lot of changes to the hypervisors, so if you want to use Hypervisor From Scratch in your projects, research, or whatever, you have to use the driver from the latest parts of these tutorial series as this tutorial is actively updated and changes are applied to the newer parts (earlier parts keep untouched) so you might encounter errors and instability problems in the earlier parts thus make sure to use the latest parts in real-world projects.
In order to compile this project, you have to use Windows Driver Kit (WDK), first install Visual Studio, then install WDK. After that, you can compile it.
All the drivers are tested on both physical-machine, and VMWare Workstations's nested-virtualization, from part 8 support to Hyper-V is added, which means that you can test part 8 and newer parts on physical-machine, VMWare Workstation's nested-virtualization, and Hyper-V's nested-virtualization.
If you want to know more about hypervisors, you can visit the awesome virtualization repo.
This series is written by:
Special Thanks to these guys for their help and contributions:
- Alex Ionescu
- Satoshi Tanda
- Liran Alon
- gerhart
- Daax
- Noteworthy
- ivs
- Artem Shishkin
- Shahriar
- Ahmad
- ...and many other people who helped to solve the problems
Hypervisor From Scratch is licensed under an MIT license.