description
Enable, Disable, and remove events

Managing Events

Each time you use a command like !syscall, !epthook, bp, !monitor, etc., you create an event.

After that, you can disable or re-enable the event or completely clear the event. This article demonstrates how to manage events in HyperDbg.

The following command shows the list of active/disabled events.

HyperDbg> events
0       (enabled)           !syscall 80
1       (disabled)          !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid

The following command disables an event with event number 1 and then we see the list of all events.

HyperDbg> event d 1

HyperDbg> events
0       (enabled)           !syscall 80
1       (disabled)          !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid

The following command enables all of the events and commands.

HyperDbg> event e all

HyperDbg> events
0       (enabled)           !syscall 80
1       (enabled)           !sysret 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid

The following command clears an event with event number 1.

HyperDbg> event c 1

HyperDbg> events
0       (enabled)           !syscall 80
2       (enabled)           !msrwrite 80 code {90}
3       (enabled)           !cpuid

The following command clears and turns off every enabled and disabled event and commands.

HyperDbg> event c 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

managing-events.md

managing-events.md

Managing Events

Files

managing-events.md

Latest commit

History

managing-events.md

File metadata and controls

Managing Events