HatDBG v1.0.1 Powershell win32 Class

HatDBG is a pure PowerShell win32 debugging abstraction class. The goal of this project is to build a debugger in PowerShell. It is intended to be used during internal penetration tests and red team engagements. This is exclusively for educational purposes.

The debugger object implements a number of features, such as:

  • Soft (INT 3) breakpoints
  • Exception / event handling call backs
  • Process memory snapshotting
  • Function resolution
  • Memory manipulation
  • Thread enumeration


Method Summary

  • open_thread
  • enumerate_threads
  • get_thread_context
  • read_process_memory
  • write_process_memory
  • bp_set
  • func_resolve
  • detach
  • attach
  • exception_handler_breakpoint
  • get_debug_event
  • run
  • open_process
  • load

Download HatDBG v1.0.1: https://github.com/enddo/HatDBG

Thanks to Enddo for sharing this tool with us. 😉


www.artssec.com @maxisoler