tandasat/DdiMon

Debug without kernel?

seeker25 opened this issue · 1 comment

So I ended up getting this going, but it seems like when I run a special application that happens to prevent kernel debug mode, it crashes DdiMon entirely. I'm pretty sure they're doing it intentionally to crash HyperPlatform.

How would one go about debugging these kinds of crashes?

I would suggest you set kVmmpEnableRecordVmExit to true. This enables logging of all VM-exits and many register values at that moment. When the system crashes (as in, bug checks), you can look up the records, which include RIP values, and disassemble how the application might detect the hypervisor.

The other way could be to employ anti-anti-debugging tools like TitanHide and try to bypass its protection. Generally speaking, you will perhaps get better suggestions for this direction if you ask in some RE / game-cheating communities, as there are more experienced people there.
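The workflow in the answer above, recording every VM-exit with the guest RIP and registers into a ring buffer and then reading the most recent entries after a bug check to find the instruction that tripped the hypervisor, as an added example. This is illustrative code written for this page, not HyperPlatform's or DdiMon's own implementation: the record layout, the names (VmExitRecord, VmExitHistory, HottestRip), the tiny buffer size and the sample addresses are all assumptions, and the constructed history models a user-mode loop issuing CPUID leaf 1 and RDTSC, a common hypervisor-detection pattern, mixed with an unrelated EPT violation.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Basic VM-exit reason numbers from the Intel SDM (Vol. 3, Appendix C). */
enum {
  kExitReasonCpuid = 10,
  kExitReasonRdtsc = 16,
  kExitReasonMsrRead = 31,
  kExitReasonEptViolation = 48,
};

/* One record per VM-exit: guest RIP plus the registers a handler most
   often needs to reconstruct what the guest was doing. Hypothetical layout. */
typedef struct {
  uint32_t exit_reason;
  uint64_t exit_qualification;
  uint64_t rip;
  uint64_t rax, rbx, rcx, rdx;
} VmExitRecord;

/* Fixed-size ring buffer, deliberately tiny so wrap-around is visible.
   A real hypervisor would size this in the thousands. */
#define kHistoryCapacity 8

typedef struct {
  VmExitRecord records[kHistoryCapacity];
  uint64_t total_exits; /* monotonically increasing; slot = total % capacity */
} VmExitHistory;

void RecordVmExit(VmExitHistory *h, const VmExitRecord *r) {
  h->records[h->total_exits % kHistoryCapacity] = *r;
  h->total_exits++;
}

size_t RetainedCount(const VmExitHistory *h) {
  return h->total_exits < kHistoryCapacity ? (size_t)h->total_exits : kHistoryCapacity;
}

/* i-th most recent retained record (0 = latest), or NULL when out of range. */
const VmExitRecord *RecentRecord(const VmExitHistory *h, size_t i) {
  if (i >= RetainedCount(h)) return NULL;
  return &h->records[(h->total_exits - 1 - i) % kHistoryCapacity];
}

/* Among retained records with the given exit reason, find the guest RIP that
   caused the most of them. Returns that count (0 if none) and, when rip_out is
   non-NULL, stores the RIP: the first address to disassemble after a crash. */
size_t HottestRip(const VmExitHistory *h, uint32_t reason, uint64_t *rip_out) {
  size_t n = RetainedCount(h), best = 0;
  for (size_t i = 0; i < n; i++) {
    const VmExitRecord *a = RecentRecord(h, i);
    if (a->exit_reason != reason) continue;
    size_t count = 0;
    for (size_t j = 0; j < n; j++) {
      const VmExitRecord *b = RecentRecord(h, j);
      if (b->exit_reason == reason && b->rip == a->rip) count++;
    }
    if (count > best) {
      best = count;
      if (rip_out) *rip_out = a->rip;
    }
  }
  return best;
}

/* Print newest-first, the order you read the log after a bug check. */
void DumpHistory(const VmExitHistory *h) {
  for (size_t i = 0; i < RetainedCount(h); i++) {
    const VmExitRecord *r = RecentRecord(h, i);
    printf("#%zu reason=%2u rip=%016llx rax=%016llx qual=%llx\n", i, r->exit_reason,
           (unsigned long long)r->rip, (unsigned long long)r->rax,
           (unsigned long long)r->exit_qualification);
  }
}

/* Constructed sample: a guest loop at a made-up user-mode address issuing
   CPUID leaf 1 (hypervisor-present bit check) and RDTSC five times, then an
   unrelated kernel EPT violation. Eleven exits overflow the 8-slot buffer. */
void BuildSampleHistory(VmExitHistory *h) {
  memset(h, 0, sizeof(*h));
  const uint64_t loop_rip = 0x00007ff612340a10ULL; /* hypothetical address */
  for (int i = 0; i < 5; i++) {
    VmExitRecord cpuid = {.exit_reason = kExitReasonCpuid, .rip = loop_rip, .rax = 1};
    RecordVmExit(h, &cpuid);
    VmExitRecord rdtsc = {.exit_reason = kExitReasonRdtsc, .rip = loop_rip + 0x20};
    RecordVmExit(h, &rdtsc);
  }
  VmExitRecord ept = {.exit_reason = kExitReasonEptViolation, .exit_qualification = 0x181,
                      .rip = 0xfffff80012345678ULL};
  RecordVmExit(h, &ept);
}

/* Convenience wrappers over the sample history. */
size_t SampleHottestCount(uint32_t reason) {
  VmExitHistory h;
  BuildSampleHistory(&h);
  return HottestRip(&h, reason, NULL);
}

uint64_t SampleHottestRip(uint32_t reason) {
  VmExitHistory h;
  uint64_t rip = 0;
  BuildSampleHistory(&h);
  HottestRip(&h, reason, &rip);
  return rip;
}

int main(void) {
  VmExitHistory h;
  BuildSampleHistory(&h);
  DumpHistory(&h);
  uint64_t rip = 0;
  size_t n = HottestRip(&h, kExitReasonCpuid, &rip);
  printf("CPUID exits from the same RIP: %zu at %016llx\n", n, (unsigned long long)rip);
  return 0;
}
```

Because the buffer wraps, only the last eight exits survive: the EPT violation plus three CPUID and four RDTSC exits from the loop, so the earliest two iterations are already gone. In a real post-mortem you would take the RIP that HottestRip (or simply the newest record) reports and disassemble around it in the crash dump to see which instruction the application used to probe for the hypervisor.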